Trojaner-Board - GVU Blockierte "Abgesicherten Modus" und OTL konnte nicht gestartet werden.

Aloha,

Ich habe nun OTLPE drauf.

Aber das wurde ich leider nicht gefragt, (WIN XP)

Zitat:

"Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten."

Ich habe mich weiter an die Anleitung gehalten und die "RUN Scan" taste gedrückt. Doch leider sind hier keine 2 Datein gespeichert wurden.

Hier die OTL.txt
OTL Logfile:

Code:

OTL logfile created on: 1/22/2013 2:48:57 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free

Paging file location(s): C:\pagefile.sys 4096 4600 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 139.27 Gb Total Space | 6.31 Gb Free Space | 4.53% Space Free | Partition Type: NTFS

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet003

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AppMgmt) --  File not found

SRV - (winmgmt) -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Temp\wpbt0.dll (Microsoft Corporation)

SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)

SRV - (Creative Audio Engine Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)

SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)

SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()

SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (sony_ssm.sys) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (PciCon) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()

DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV - (AsrAppCharger) -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)

DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)

DRV - (AMBFilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)

DRV - (MonFilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)

DRV - (nvgts) -- C:\WINDOWS\system32\drivers\nvgts.sys (NVIDIA Corporation)

DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)

DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)

DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\Lolueria_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\Lolueria_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Programme\Gemeinsame Dateien\mpDRM\NPMPDRM.dll ( )

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Programme\PremierOpinion\firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/01/18 06:56:07 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/07/12 20:06:56 | 000,000,000 | ---D | M]

 

[2011/12/02 06:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2013/01/18 06:56:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2011/07/06 12:33:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll

[2010/03/19 01:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\mozilla firefox\plugins\npmieze.dll

[2013/01/18 06:56:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2013/01/18 06:56:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2013/01/18 06:56:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2011/07/06 16:01:13 | 000,000,143 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\foxsearch.src

[2013/01/18 06:56:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2013/01/18 06:56:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2013/01/18 06:56:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll (StyleFantasist)

O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O4 - HKLM..\Run: [AMBDef] C:\WINDOWS\AMBDEF.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [CTSyncService] C:\Programme\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VolPanel] C:\Programme\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [WireLessKeyboard]  File not found

O4 - HKLM..\Run: [WireLessMouse]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockIES]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockOCTuner]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\Lolueria_ON_C..\Run: [EA Core]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [Steam] C:\Programme\Steam\steam.exe (Valve Corporation)

O4 - HKU\Lolueria_ON_C..\Run: [zASRockInstantBoot]  File not found

O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Lolueria_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/07/05 14:52:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/01/22 14:45:12 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent

[2013/01/22 01:29:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2013/01/21 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/21 15:06:29 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client

[2013/01/18 10:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 10:39:11 | 000,000,000 | ---D | C] -- C:\Programme\MAESTIA

[2013/01/18 10:35:53 | 000,648,970 | ---- | C] (RoCWorks                                                    ) -- C:\Programme\MAESTIA_SETUP.exe

[2013/01/18 07:05:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2013/01/18 07:05:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\Vistart Live bY Pri2sh

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\TrueTransparency

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\Styler

[2013/01/18 07:03:49 | 000,000,000 | ---D | C] -- C:\Programme\Multi_Patcher_6.0

[2013/01/18 06:58:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Thoosje Windows Vista Sidebar

[2013/01/18 06:58:05 | 000,000,000 | ---D | C] -- C:\Programme\Thoosje

[2013/01/18 06:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2013/01/18 06:56:11 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service

[2013/01/18 06:55:25 | 000,000,000 | ---D | C] -- C:\Programme\XP_Live___Ice

[2013/01/17 14:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Wizards of the Coast

[2013/01/17 14:12:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Steam

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\Risen

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Risen

[2013/01/03 00:10:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[2012/12/23 18:36:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\TTE Savegames

[2012/12/23 18:34:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Tiny Token Empires

[2012/12/23 18:34:09 | 000,000,000 | ---D | C] -- C:\Programme\Tiny Token Empires

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/01/22 06:10:18 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/22 06:10:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/22 05:58:57 | 000,003,178 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/22 05:58:57 | 000,000,802 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/22 01:35:15 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2013/01/22 00:11:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2013/01/21 15:06:40 | 000,000,809 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/21 15:06:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/18 11:38:50 | 000,036,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/01/18 10:53:29 | 000,000,638 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:53:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 06:58:17 | 000,000,501 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 14:01:46 | 000,127,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/17 11:48:23 | 000,449,596 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013/01/17 11:48:23 | 000,433,106 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/17 11:48:23 | 000,080,724 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013/01/17 11:48:23 | 000,068,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/17 11:45:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/17 05:29:35 | 000,013,678 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/04 14:58:54 | 003,110,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2013/01/03 00:10:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013/01/22 05:58:57 | 000,000,802 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/21 15:51:36 | 000,003,178 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/21 15:51:34 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/21 15:06:40 | 000,000,809 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/18 10:53:29 | 000,000,638 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:37:24 | 1386,150,974 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-2.bin

[2013/01/18 10:35:53 | 1799,350,784 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-1.bin

[2013/01/18 06:58:17 | 000,000,501 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012/12/17 20:37:00 | 000,000,941 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\.recently-used.xbel

[2012/11/13 05:23:48 | 000,281,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2012/11/13 05:23:48 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2012/10/16 12:12:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dxinfo.INI

[2012/02/10 12:58:56 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2011/12/05 10:57:26 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2011/11/09 16:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll

[2011/11/09 16:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

[2011/07/20 02:00:04 | 000,036,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/07/12 08:09:05 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\update_in_progress.lock

[2011/07/05 16:39:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2011/07/05 16:34:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2011/07/05 16:25:17 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI

[2011/07/05 16:24:47 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini

[2011/07/05 16:24:47 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini

[2011/07/05 16:24:12 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL

[2011/07/05 16:17:29 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2011/07/05 15:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011/07/05 15:42:06 | 000,127,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/07/05 15:31:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2011/07/05 15:27:16 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/07/05 14:53:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011/07/05 14:49:25 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/10/01 21:49:24 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2009/10/01 21:49:24 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2009/09/01 14:55:54 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2009/08/07 12:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009/08/02 18:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006/02/28 07:00:00 | 000,449,596 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006/02/28 07:00:00 | 000,433,106 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006/02/28 07:00:00 | 000,080,724 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006/02/28 07:00:00 | 000,068,062 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

 
 ========== LOP Check ==========

 

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Canneverbe Limited

[2011/11/16 09:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\DAEMON Tools Lite

[2011/08/09 12:41:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\EleFun Games

[2011/12/24 13:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\gtk-2.0

[2011/12/05 07:55:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Gutscheinmieze

[2012/07/28 11:01:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Imperium Romanum

[2012/10/02 13:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Kalypso Media

[2011/08/09 14:38:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Neverball

[2012/01/20 21:54:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Obsidian Entertainment

[2012/03/19 21:14:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\OpenOffice.org

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Origin

[2012/05/18 18:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\pokerth

[2011/12/04 07:54:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ProtectDISC

[2011/08/06 06:44:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\runic games

[2013/01/18 07:05:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2011/07/26 09:39:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The Creative Assembly

[2012/10/07 15:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The First Templar

[2011/09/11 18:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Tific

[2013/01/21 15:07:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\TS3Client

[2011/07/13 12:28:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ts3overlay

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Ubisoft

[2011/07/16 15:17:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Utherverse

[2013/01/18 07:05:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2012/12/17 20:02:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\XRay Engine

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited

[2012/05/18 18:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ClintwoodGames

[2011/11/19 19:36:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite

[2011/09/13 18:49:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core

[2011/07/21 12:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts

[2012/03/31 07:39:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fallout3

[2011/07/05 16:22:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FNET

[2012/08/24 09:18:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI

[2011/07/24 07:35:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mpDRM

[2012/01/20 21:54:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Obsidian Entertainment

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin

[2012/08/03 15:22:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pendulo Studios

[2011/08/10 10:52:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft

 
 ========== Purity Check ==========

 

 

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 85 bytes -> C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT

@Alternate Data Stream - 170 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FC3D5E57

< End of report >

--- --- ---

Ich hoffe das war Richtig :abklatsch:

Das bekommt ihr!! sorry das ich leider keine Zeit habe.

Bis heute und danke nochmals!

Aloha,

Habe nun eine neue OTLPE erstellt.

OTL Logfile:

Code:

OTL logfile created on: 1/22/2013 8:38:50 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free

Paging file location(s): C:\pagefile.sys 4096 4600 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 139.27 Gb Total Space | 6.22 Gb Free Space | 4.46% Space Free | Partition Type: NTFS

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet003

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AppMgmt) --  File not found

SRV - (winmgmt) -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Temp\wpbt0.dll (Microsoft Corporation)

SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)

SRV - (Creative Audio Engine Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)

SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)

SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()

SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (sony_ssm.sys) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (PciCon) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()

DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV - (AsrAppCharger) -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)

DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)

DRV - (AMBFilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)

DRV - (MonFilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)

DRV - (nvgts) -- C:\WINDOWS\system32\drivers\nvgts.sys (NVIDIA Corporation)

DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)

DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)

DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\Lolueria_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\Lolueria_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "foxsearch"

FF - prefs.js..browser.search.order.1: "foxsearch"

FF - prefs.js..browser.search.selectedEngine: "foxsearch"

FF - prefs.js..browser.startup.homepage: "hxxp://my.daemon-search.com/startpage|google.de"

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190

FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1

FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8

FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

 

FF - user.js..browser.search.selectedEngine: "foxsearch"

FF - user.js..browser.search.order.1: "foxsearch"

FF - user.js..browser.search.defaultenginename: "foxsearch"

FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Programme\Gemeinsame Dateien\mpDRM\NPMPDRM.dll ( )

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Programme\PremierOpinion\firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/01/18 06:56:07 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/07/12 20:06:56 | 000,000,000 | ---D | M]

 

[2011/07/05 15:31:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\mozilla\Extensions

[2013/01/18 07:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\mozilla\Firefox\Profiles\20ut4aba.default\extensions

[2011/07/06 16:01:57 | 000,002,055 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\daemon-search.xml

[2011/05/17 13:23:12 | 000,003,295 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\search-results.xml

[2013/01/18 06:56:03 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\sweetim.xml

[2011/12/02 06:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

File not found (No name found) -- 

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\LOLUERIA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\20UT4ABA.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\LOLUERIA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\20UT4ABA.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI

[2013/01/18 06:56:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2011/07/06 12:33:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll

[2010/03/19 01:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\mozilla firefox\plugins\npmieze.dll

[2013/01/18 06:56:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2013/01/18 06:56:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2013/01/18 06:56:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2011/07/06 16:01:13 | 000,000,143 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\foxsearch.src

[2013/01/18 06:56:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2013/01/18 06:56:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2013/01/18 06:56:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2013/01/22 15:29:03 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll (StyleFantasist)

O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O4 - HKLM..\Run: [AMBDef] C:\WINDOWS\AMBDEF.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [CTSyncService] C:\Programme\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VolPanel] C:\Programme\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [WireLessKeyboard]  File not found

O4 - HKLM..\Run: [WireLessMouse]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockIES]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockOCTuner]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\Lolueria_ON_C..\Run: [EA Core]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [Steam] C:\Programme\Steam\steam.exe (Valve Corporation)

O4 - HKU\Lolueria_ON_C..\Run: [zASRockInstantBoot]  File not found

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Lolueria_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: 

O24 - Desktop BackupWallPaper: 

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/07/05 14:52:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\AutoRun\command - "" = K:\SysAnti.exe

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\Explore\Command - "" = K:\SysAnti.exe

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\Open\Command - "" = K:\SysAnti.exe

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/01/22 15:29:01 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe

[2013/01/22 15:28:57 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/01/22 14:45:12 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent

[2013/01/22 01:29:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2013/01/21 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/21 15:06:29 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client

[2013/01/18 10:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 10:39:11 | 000,000,000 | ---D | C] -- C:\Programme\MAESTIA

[2013/01/18 10:35:53 | 000,648,970 | ---- | C] (RoCWorks                                                    ) -- C:\Programme\MAESTIA_SETUP.exe

[2013/01/18 07:05:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2013/01/18 07:05:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\TrueTransparency

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\Styler

[2013/01/18 06:58:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Thoosje Windows Vista Sidebar

[2013/01/18 06:58:05 | 000,000,000 | ---D | C] -- C:\Programme\Thoosje

[2013/01/18 06:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2013/01/18 06:56:11 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service

[2013/01/18 06:55:25 | 000,000,000 | ---D | C] -- C:\Programme\XP_Live___Ice

[2013/01/17 14:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Wizards of the Coast

[2013/01/17 14:12:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Steam

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\Risen

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Risen

[2013/01/03 00:10:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/01/22 14:30:02 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/22 14:21:59 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2013/01/22 14:19:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/22 09:37:47 | 000,003,178 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/22 09:37:47 | 000,000,802 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/22 01:35:15 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2013/01/21 15:06:40 | 000,000,809 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/21 15:06:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/18 11:38:50 | 000,036,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/01/18 10:53:29 | 000,000,638 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:53:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 06:58:17 | 000,000,501 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 14:01:46 | 000,127,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/17 11:48:23 | 000,449,596 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013/01/17 11:48:23 | 000,433,106 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/17 11:48:23 | 000,080,724 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013/01/17 11:48:23 | 000,068,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/17 11:45:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/17 05:29:35 | 000,013,678 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/04 14:58:54 | 003,110,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2013/01/03 00:10:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013/01/22 09:37:47 | 000,003,178 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/22 09:37:47 | 000,000,802 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/22 09:37:02 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/21 15:06:40 | 000,000,809 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/18 10:53:29 | 000,000,638 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:37:24 | 1386,150,974 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-2.bin

[2013/01/18 10:35:53 | 1799,350,784 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-1.bin

[2013/01/18 06:58:17 | 000,000,501 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012/12/17 20:37:00 | 000,000,941 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\.recently-used.xbel

[2012/11/13 05:23:48 | 000,281,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2012/11/13 05:23:48 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2012/10/16 12:12:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dxinfo.INI

[2012/02/10 12:58:56 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2011/12/05 10:57:26 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2011/11/09 16:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll

[2011/11/09 16:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

[2011/07/20 02:00:04 | 000,036,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/07/12 08:09:05 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\update_in_progress.lock

[2011/07/05 16:39:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2011/07/05 16:34:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2011/07/05 16:25:17 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI

[2011/07/05 16:24:47 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini

[2011/07/05 16:24:47 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini

[2011/07/05 16:24:12 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL

[2011/07/05 16:17:29 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2011/07/05 15:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011/07/05 15:42:06 | 000,127,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/07/05 15:31:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2011/07/05 15:27:16 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/07/05 14:53:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011/07/05 14:49:25 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/10/01 21:49:24 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2009/10/01 21:49:24 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2009/09/01 14:55:54 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2009/08/07 12:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009/08/02 18:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006/02/28 07:00:00 | 000,449,596 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006/02/28 07:00:00 | 000,433,106 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006/02/28 07:00:00 | 000,080,724 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006/02/28 07:00:00 | 000,068,062 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

 
 ========== LOP Check ==========

 

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Canneverbe Limited

[2011/11/16 09:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\DAEMON Tools Lite

[2011/08/09 12:41:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\EleFun Games

[2011/12/24 13:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\gtk-2.0

[2011/12/05 07:55:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Gutscheinmieze

[2012/07/28 11:01:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Imperium Romanum

[2012/10/02 13:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Kalypso Media

[2011/08/09 14:38:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Neverball

[2012/01/20 21:54:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Obsidian Entertainment

[2012/03/19 21:14:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\OpenOffice.org

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Origin

[2012/05/18 18:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\pokerth

[2011/12/04 07:54:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ProtectDISC

[2011/08/06 06:44:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\runic games

[2013/01/18 07:05:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2011/07/26 09:39:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The Creative Assembly

[2012/10/07 15:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The First Templar

[2011/09/11 18:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Tific

[2013/01/21 15:07:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\TS3Client

[2011/07/13 12:28:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ts3overlay

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Ubisoft

[2011/07/16 15:17:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Utherverse

[2013/01/18 07:05:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2012/12/17 20:02:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\XRay Engine

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited

[2012/05/18 18:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ClintwoodGames

[2011/11/19 19:36:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite

[2011/09/13 18:49:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core

[2011/07/21 12:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts

[2012/03/31 07:39:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fallout3

[2011/07/05 16:22:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FNET

[2012/08/24 09:18:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI

[2011/07/24 07:35:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mpDRM

[2012/01/20 21:54:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Obsidian Entertainment

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin

[2012/08/03 15:22:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pendulo Studios

[2011/08/10 10:52:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft

 
 ========== Purity Check ==========

 

 

< End of report >

--- --- ---

Das nun die Aktuelle OTLPE

Gruss Tangtung

Aloha,

Wie gewünscht die neue OTLPE.

OTL Logfile:

Code:

OTL logfile created on: 1/22/2013 8:38:50 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free

Paging file location(s): C:\pagefile.sys 4096 4600 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 139.27 Gb Total Space | 6.22 Gb Free Space | 4.46% Space Free | Partition Type: NTFS

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet003

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AppMgmt) --  File not found

SRV - (winmgmt) -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Temp\wpbt0.dll (Microsoft Corporation)

SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)

SRV - (Creative Audio Engine Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)

SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)

SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()

SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (sony_ssm.sys) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (PciCon) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()

DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV - (AsrAppCharger) -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)

DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)

DRV - (AMBFilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)

DRV - (MonFilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)

DRV - (nvgts) -- C:\WINDOWS\system32\drivers\nvgts.sys (NVIDIA Corporation)

DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)

DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)

DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\Lolueria_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\Lolueria_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "foxsearch"

FF - prefs.js..browser.search.order.1: "foxsearch"

FF - prefs.js..browser.search.selectedEngine: "foxsearch"

FF - prefs.js..browser.startup.homepage: "hxxp://my.daemon-search.com/startpage|google.de"

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190

FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1

FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8

FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

 

FF - user.js..browser.search.selectedEngine: "foxsearch"

FF - user.js..browser.search.order.1: "foxsearch"

FF - user.js..browser.search.defaultenginename: "foxsearch"

FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Programme\Gemeinsame Dateien\mpDRM\NPMPDRM.dll ( )

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Programme\PremierOpinion\firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/01/18 06:56:07 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/07/12 20:06:56 | 000,000,000 | ---D | M]

 

[2011/07/05 15:31:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\mozilla\Extensions

[2013/01/18 07:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\mozilla\Firefox\Profiles\20ut4aba.default\extensions

[2011/07/06 16:01:57 | 000,002,055 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\daemon-search.xml

[2011/05/17 13:23:12 | 000,003,295 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\search-results.xml

[2013/01/18 06:56:03 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\sweetim.xml

[2011/12/02 06:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

File not found (No name found) -- 

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\LOLUERIA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\20UT4ABA.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\LOLUERIA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\20UT4ABA.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI

[2013/01/18 06:56:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2011/07/06 12:33:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll

[2010/03/19 01:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\mozilla firefox\plugins\npmieze.dll

[2013/01/18 06:56:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2013/01/18 06:56:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2013/01/18 06:56:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2011/07/06 16:01:13 | 000,000,143 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\foxsearch.src

[2013/01/18 06:56:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2013/01/18 06:56:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2013/01/18 06:56:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2013/01/22 15:29:03 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll (StyleFantasist)

O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O4 - HKLM..\Run: [AMBDef] C:\WINDOWS\AMBDEF.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [CTSyncService] C:\Programme\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VolPanel] C:\Programme\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [WireLessKeyboard]  File not found

O4 - HKLM..\Run: [WireLessMouse]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockIES]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockOCTuner]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\Lolueria_ON_C..\Run: [EA Core]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [Steam] C:\Programme\Steam\steam.exe (Valve Corporation)

O4 - HKU\Lolueria_ON_C..\Run: [zASRockInstantBoot]  File not found

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Lolueria_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: 

O24 - Desktop BackupWallPaper: 

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/07/05 14:52:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\AutoRun\command - "" = K:\SysAnti.exe

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\Explore\Command - "" = K:\SysAnti.exe

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\Open\Command - "" = K:\SysAnti.exe

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/01/22 15:29:01 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe

[2013/01/22 15:28:57 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/01/22 14:45:12 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent

[2013/01/22 01:29:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2013/01/21 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/21 15:06:29 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client

[2013/01/18 10:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 10:39:11 | 000,000,000 | ---D | C] -- C:\Programme\MAESTIA

[2013/01/18 10:35:53 | 000,648,970 | ---- | C] (RoCWorks                                                    ) -- C:\Programme\MAESTIA_SETUP.exe

[2013/01/18 07:05:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2013/01/18 07:05:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\TrueTransparency

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\Styler

[2013/01/18 06:58:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Thoosje Windows Vista Sidebar

[2013/01/18 06:58:05 | 000,000,000 | ---D | C] -- C:\Programme\Thoosje

[2013/01/18 06:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2013/01/18 06:56:11 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service

[2013/01/18 06:55:25 | 000,000,000 | ---D | C] -- C:\Programme\XP_Live___Ice

[2013/01/17 14:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Wizards of the Coast

[2013/01/17 14:12:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Steam

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\Risen

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Risen

[2013/01/03 00:10:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/01/22 14:30:02 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/22 14:21:59 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2013/01/22 14:19:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/22 09:37:47 | 000,003,178 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/22 09:37:47 | 000,000,802 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/22 01:35:15 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2013/01/21 15:06:40 | 000,000,809 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/21 15:06:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/18 11:38:50 | 000,036,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/01/18 10:53:29 | 000,000,638 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:53:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 06:58:17 | 000,000,501 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 14:01:46 | 000,127,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/17 11:48:23 | 000,449,596 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013/01/17 11:48:23 | 000,433,106 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/17 11:48:23 | 000,080,724 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013/01/17 11:48:23 | 000,068,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/17 11:45:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/17 05:29:35 | 000,013,678 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/04 14:58:54 | 003,110,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2013/01/03 00:10:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013/01/22 09:37:47 | 000,003,178 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/22 09:37:47 | 000,000,802 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/22 09:37:02 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/21 15:06:40 | 000,000,809 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/18 10:53:29 | 000,000,638 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:37:24 | 1386,150,974 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-2.bin

[2013/01/18 10:35:53 | 1799,350,784 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-1.bin

[2013/01/18 06:58:17 | 000,000,501 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012/12/17 20:37:00 | 000,000,941 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\.recently-used.xbel

[2012/11/13 05:23:48 | 000,281,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2012/11/13 05:23:48 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2012/10/16 12:12:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dxinfo.INI

[2012/02/10 12:58:56 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2011/12/05 10:57:26 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2011/11/09 16:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll

[2011/11/09 16:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

[2011/07/20 02:00:04 | 000,036,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/07/12 08:09:05 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\update_in_progress.lock

[2011/07/05 16:39:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2011/07/05 16:34:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2011/07/05 16:25:17 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI

[2011/07/05 16:24:47 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini

[2011/07/05 16:24:47 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini

[2011/07/05 16:24:12 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL

[2011/07/05 16:17:29 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2011/07/05 15:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011/07/05 15:42:06 | 000,127,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/07/05 15:31:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2011/07/05 15:27:16 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/07/05 14:53:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011/07/05 14:49:25 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/10/01 21:49:24 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2009/10/01 21:49:24 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2009/09/01 14:55:54 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2009/08/07 12:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009/08/02 18:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006/02/28 07:00:00 | 000,449,596 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006/02/28 07:00:00 | 000,433,106 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006/02/28 07:00:00 | 000,080,724 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006/02/28 07:00:00 | 000,068,062 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

 
 ========== LOP Check ==========

 

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Canneverbe Limited

[2011/11/16 09:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\DAEMON Tools Lite

[2011/08/09 12:41:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\EleFun Games

[2011/12/24 13:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\gtk-2.0

[2011/12/05 07:55:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Gutscheinmieze

[2012/07/28 11:01:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Imperium Romanum

[2012/10/02 13:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Kalypso Media

[2011/08/09 14:38:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Neverball

[2012/01/20 21:54:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Obsidian Entertainment

[2012/03/19 21:14:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\OpenOffice.org

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Origin

[2012/05/18 18:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\pokerth

[2011/12/04 07:54:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ProtectDISC

[2011/08/06 06:44:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\runic games

[2013/01/18 07:05:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2011/07/26 09:39:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The Creative Assembly

[2012/10/07 15:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The First Templar

[2011/09/11 18:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Tific

[2013/01/21 15:07:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\TS3Client

[2011/07/13 12:28:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ts3overlay

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Ubisoft

[2011/07/16 15:17:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Utherverse

[2013/01/18 07:05:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2012/12/17 20:02:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\XRay Engine

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited

[2012/05/18 18:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ClintwoodGames

[2011/11/19 19:36:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite

[2011/09/13 18:49:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core

[2011/07/21 12:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts

[2012/03/31 07:39:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fallout3

[2011/07/05 16:22:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FNET

[2012/08/24 09:18:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI

[2011/07/24 07:35:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mpDRM

[2012/01/20 21:54:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Obsidian Entertainment

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin

[2012/08/03 15:22:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pendulo Studios

[2011/08/10 10:52:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft

 
 ========== Purity Check ==========

 

 

< End of report >

--- --- ---

Gruss
Tangtung

Aloha,

Habe leider die falsche spalte angeklickt drum widerholt sich alles, sorry.

OTL Logfile:

Code:

OTL logfile created on: 1/22/2013 8:38:50 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free

Paging file location(s): C:\pagefile.sys 4096 4600 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 139.27 Gb Total Space | 6.22 Gb Free Space | 4.46% Space Free | Partition Type: NTFS

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet003

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AppMgmt) --  File not found

SRV - (winmgmt) -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Temp\wpbt0.dll (Microsoft Corporation)

SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)

SRV - (Creative Audio Engine Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)

SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)

SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()

SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (sony_ssm.sys) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (PciCon) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()

DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV - (AsrAppCharger) -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)

DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)

DRV - (AMBFilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)

DRV - (MonFilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)

DRV - (nvgts) -- C:\WINDOWS\system32\drivers\nvgts.sys (NVIDIA Corporation)

DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)

DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)

DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\Lolueria_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\Lolueria_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "foxsearch"

FF - prefs.js..browser.search.order.1: "foxsearch"

FF - prefs.js..browser.search.selectedEngine: "foxsearch"

FF - prefs.js..browser.startup.homepage: "hxxp://my.daemon-search.com/startpage|google.de"

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190

FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1

FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.0.8

FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

 

FF - user.js..browser.search.selectedEngine: "foxsearch"

FF - user.js..browser.search.order.1: "foxsearch"

FF - user.js..browser.search.defaultenginename: "foxsearch"

FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Programme\Gemeinsame Dateien\mpDRM\NPMPDRM.dll ( )

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Programme\PremierOpinion\firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/01/18 06:56:07 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/07/12 20:06:56 | 000,000,000 | ---D | M]

 

[2011/07/05 15:31:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\mozilla\Extensions

[2013/01/18 07:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\mozilla\Firefox\Profiles\20ut4aba.default\extensions

[2011/07/06 16:01:57 | 000,002,055 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\daemon-search.xml

[2011/05/17 13:23:12 | 000,003,295 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\search-results.xml

[2013/01/18 06:56:03 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Mozilla\Firefox\Profiles\20ut4aba.default\searchplugins\sweetim.xml

[2011/12/02 06:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

File not found (No name found) -- 

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\LOLUERIA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\20UT4ABA.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\LOLUERIA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\20UT4ABA.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI

[2013/01/18 06:56:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2011/07/06 12:33:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll

[2010/03/19 01:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\mozilla firefox\plugins\npmieze.dll

[2013/01/18 06:56:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2013/01/18 06:56:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2013/01/18 06:56:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2011/07/06 16:01:13 | 000,000,143 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\foxsearch.src

[2013/01/18 06:56:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2013/01/18 06:56:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2013/01/18 06:56:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2013/01/22 15:29:03 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll (StyleFantasist)

O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\Lolueria_ON_C\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O4 - HKLM..\Run: [AMBDef] C:\WINDOWS\AMBDEF.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [CTSyncService] C:\Programme\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VolPanel] C:\Programme\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [WireLessKeyboard]  File not found

O4 - HKLM..\Run: [WireLessMouse]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockIES]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [ASRockOCTuner]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\Lolueria_ON_C..\Run: [EA Core]  File not found

O4 - HKU\Lolueria_ON_C..\Run: [Steam] C:\Programme\Steam\steam.exe (Valve Corporation)

O4 - HKU\Lolueria_ON_C..\Run: [zASRockInstantBoot]  File not found

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Lolueria_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: 

O24 - Desktop BackupWallPaper: 

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/07/05 14:52:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\AutoRun\command - "" = K:\SysAnti.exe

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\Explore\Command - "" = K:\SysAnti.exe

O33 - MountPoints2\{233dfad2-0fc6-11e1-84fb-002522ae41f2}\Shell\Open\Command - "" = K:\SysAnti.exe

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/01/22 15:29:01 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe

[2013/01/22 15:28:57 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/01/22 14:45:12 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent

[2013/01/22 01:29:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2013/01/21 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/21 15:06:29 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client

[2013/01/18 10:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 10:39:11 | 000,000,000 | ---D | C] -- C:\Programme\MAESTIA

[2013/01/18 10:35:53 | 000,648,970 | ---- | C] (RoCWorks                                                    ) -- C:\Programme\MAESTIA_SETUP.exe

[2013/01/18 07:05:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2013/01/18 07:05:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\TrueTransparency

[2013/01/18 07:05:42 | 000,000,000 | ---D | C] -- C:\Programme\Styler

[2013/01/18 06:58:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Thoosje Windows Vista Sidebar

[2013/01/18 06:58:05 | 000,000,000 | ---D | C] -- C:\Programme\Thoosje

[2013/01/18 06:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2013/01/18 06:56:11 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service

[2013/01/18 06:55:25 | 000,000,000 | ---D | C] -- C:\Programme\XP_Live___Ice

[2013/01/17 14:16:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Wizards of the Coast

[2013/01/17 14:12:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Steam

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\Risen

[2013/01/03 00:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lolueria\Eigene Dateien\Risen

[2013/01/03 00:10:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/01/22 14:30:02 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/22 14:21:59 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2013/01/22 14:19:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/22 09:37:47 | 000,003,178 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/22 09:37:47 | 000,000,802 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/22 01:35:15 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2013/01/21 15:06:40 | 000,000,809 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/21 15:06:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client

[2013/01/18 11:38:50 | 000,036,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/01/18 10:53:29 | 000,000,638 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:53:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAESTIA

[2013/01/18 06:58:17 | 000,000,501 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | M] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 14:01:46 | 000,127,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/17 11:48:23 | 000,449,596 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013/01/17 11:48:23 | 000,433,106 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/17 11:48:23 | 000,080,724 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013/01/17 11:48:23 | 000,068,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/17 11:45:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/17 05:29:35 | 000,013,678 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/04 14:58:54 | 003,110,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2013/01/03 00:10:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Risen

[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013/01/22 09:37:47 | 000,003,178 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js

[2013/01/22 09:37:47 | 000,000,802 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Startmenü\Programme\Autostart\runctf.lnk

[2013/01/22 09:37:02 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad

[2013/01/21 15:06:40 | 000,000,809 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk

[2013/01/18 10:53:29 | 000,000,638 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAESTIA.lnk

[2013/01/18 10:37:24 | 1386,150,974 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-2.bin

[2013/01/18 10:35:53 | 1799,350,784 | ---- | C] () -- C:\Programme\MAESTIA_SETUP-1.bin

[2013/01/18 06:58:17 | 000,000,501 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Verknüpfung mit Downloads.lnk

[2013/01/18 06:58:09 | 000,001,788 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Desktop\Thoosje Windows Vista Sidebar.lnk

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2013/01/17 07:34:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll

[2012/12/17 20:37:00 | 000,000,941 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\.recently-used.xbel

[2012/11/13 05:23:48 | 000,281,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2012/11/13 05:23:48 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2012/10/16 12:12:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dxinfo.INI

[2012/02/10 12:58:56 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2011/12/05 10:57:26 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2011/11/09 16:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll

[2011/11/09 16:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

[2011/07/20 02:00:04 | 000,036,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/07/12 08:09:05 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Lolueria\update_in_progress.lock

[2011/07/05 16:39:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2011/07/05 16:34:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2011/07/05 16:25:17 | 000,011,323 | R--- | C] () -- C:\WINDOWS\System32\CTSBAMB.INI

[2011/07/05 16:24:47 | 000,014,040 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini

[2011/07/05 16:24:47 | 000,005,288 | ---- | C] () -- C:\WINDOWS\xFi_MiddleLayerKey32.ini

[2011/07/05 16:24:12 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\AMBSPI.DLL

[2011/07/05 16:17:29 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2011/07/05 15:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2011/07/05 15:42:06 | 000,127,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/07/05 15:31:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2011/07/05 15:27:16 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/07/05 14:53:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2011/07/05 14:49:25 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/10/01 21:49:24 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2009/10/01 21:49:24 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2009/09/01 14:55:54 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2009/08/07 12:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009/08/02 18:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006/02/28 07:00:00 | 000,449,596 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006/02/28 07:00:00 | 000,433,106 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006/02/28 07:00:00 | 000,080,724 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006/02/28 07:00:00 | 000,068,062 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

 
 ========== LOP Check ==========

 

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Canneverbe Limited

[2011/11/16 09:30:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\DAEMON Tools Lite

[2011/08/09 12:41:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\EleFun Games

[2011/12/24 13:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\gtk-2.0

[2011/12/05 07:55:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Gutscheinmieze

[2012/07/28 11:01:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Imperium Romanum

[2012/10/02 13:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Kalypso Media

[2011/08/09 14:38:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Neverball

[2012/01/20 21:54:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Obsidian Entertainment

[2012/03/19 21:14:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\OpenOffice.org

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Origin

[2012/05/18 18:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\pokerth

[2011/12/04 07:54:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ProtectDISC

[2011/08/06 06:44:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\runic games

[2013/01/18 07:05:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Styler

[2011/07/26 09:39:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The Creative Assembly

[2012/10/07 15:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\The First Templar

[2011/09/11 18:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Tific

[2013/01/21 15:07:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\TS3Client

[2011/07/13 12:28:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ts3overlay

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Ubisoft

[2011/07/16 15:17:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\Utherverse

[2013/01/18 07:05:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\ViStart

[2012/12/17 20:02:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lolueria\Anwendungsdaten\XRay Engine

[2011/12/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited

[2012/05/18 18:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ClintwoodGames

[2011/11/19 19:36:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite

[2011/09/13 18:49:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core

[2011/07/21 12:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts

[2012/03/31 07:39:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fallout3

[2011/07/05 16:22:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FNET

[2012/08/24 09:18:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI

[2011/07/24 07:35:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mpDRM

[2012/01/20 21:54:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Obsidian Entertainment

[2011/07/21 12:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin

[2012/08/03 15:22:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pendulo Studios

[2011/08/10 10:52:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2011/07/07 09:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft

 
 ========== Purity Check ==========

 

 

< End of report >

--- --- ---

Die Aktuelle OTLPE

Gruss Tangtung