| SichlMichl | 11.06.2013 17:53 |
Ich habe über eine virtuelle Maschine auf meinem Mac die Datei heruntergeladen und dann mit einem Doppelklick versucht den Brennvorgang zu starten.
Das hat leider nicht funktioniert. Dann habe ich die iso über SharedFolder auf meinem Mac abgelegt und von dort aus auf eine DVD gebrannt. Ich hoffe es beeinträchtigt nicht das Ergebnis!
Nachdem ich OTLPE gestartet habe, hat er mich immer nach einem Verzeichnis gefragt. Ich habe ihm dann das "Windows"-Verzeichnis gegeben.
Abschließend hat er nur ein ein - und nicht wie prognostiziert zwei - Logfiles erstellt.
Siehe: Code:
OTL logfile created on: 6/11/2013 7:35:17 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.30 Mb Free Space | 74.31% Space Free | Partition Type: NTFS
Drive E: | 452.66 Gb Total Space | 357.30 Gb Free Space | 78.93% Space Free | Partition Type: NTFS
Drive F: | 7.26 Gb Total Space | 7.07 Gb Free Space | 97.32% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/09/22 12:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/11 08:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto] -- E:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto] -- E:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/15 12:25:08 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto] -- E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/29 12:30:31 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- E:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/03/29 12:29:46 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- E:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/10/01 03:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 03:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/09/23 05:44:26 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- E:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/10 05:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto] -- E:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/28 18:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- E:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/04/13 12:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/11 08:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto] -- E:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/29 19:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto] -- E:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto] -- E:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/04 13:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- E:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/29 12:30:49 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- E:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/03/29 12:30:49 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- E:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/03/29 12:30:49 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- E:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/03/08 12:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/10/01 03:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 03:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 03:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- E:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 03:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/03 15:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/05/24 03:46:36 | 000,246,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- E:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/05/15 08:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/09/01 23:54:18 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/09 18:45:10 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- E:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\User_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_5735z&r=27361010q345l0444z1h5z4722720q
IE - HKU\User_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\User_ON_E\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found
IE - HKU\User_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@canon.com/MycameraPlugin: E:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: E:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\User_ON_E\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\User_ON_E\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\User_ON_E\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKU\User_ON_E\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDWare] E:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [avgnt] E:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\User_ON_E..\Run: [ccleaner] E:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\User_ON_E..\Run: [ctfmon.exe] E:\ProgramData\zd22g.dat ()
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/06/05 17:23:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- E:\ProgramData\rundll32.exe
[2013/06/05 13:10:37 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{04E45FB1-E25B-46C4-930F-E00C773F1811}
[2013/06/04 13:09:35 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{48986FA0-044A-4FE6-AC96-F37AC059240A}
[2013/06/04 04:45:52 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{DF70BE44-F2EF-4EE2-91BA-37A2E4AF6C89}
[2013/06/04 02:22:24 | 000,000,000 | -H-D | C] -- E:\Windows\AxInstSV
[2013/06/03 16:38:16 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{87C344D2-49FE-4559-A24D-3F981117437D}
[2013/06/03 03:08:52 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{5FEF4DDB-875F-4CD8-83B4-67E45CDC66A2}
[2013/06/02 12:48:56 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{5B9A6866-BABA-4FAD-AB65-8236CFAF9CEF}
[2013/06/02 04:49:51 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{5D8EE79D-59BB-49B3-AACA-7E7D042F141A}
[2013/06/01 13:10:45 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{267A12A0-1626-43BE-866A-B3485C59CF0A}
[2013/06/01 09:11:32 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{0D48F8BD-44D1-4840-833A-B572766CC883}
[2013/05/31 13:10:07 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{FE4BDACE-8CA4-444C-8198-E1DBDE704930}
[2013/05/31 10:46:20 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{071DD618-F7B4-40DD-99AF-D166371C6B9B}
[2013/05/30 05:18:29 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{81D01859-FAC6-41B0-82CC-3F564A008B33}
[2013/05/29 15:26:00 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{4518D920-8A10-4B26-9941-5D944CDF0E2B}
[2013/05/28 11:38:40 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{58F72398-40FD-447B-929C-2C16118B3BE4}
[2013/05/27 10:08:29 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{35C1C56D-D315-4FB5-90CC-D480B3198386}
[2013/05/26 14:20:55 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{89070AD7-6C4B-4AA5-8DB8-AB1D1A4FF978}
[2013/05/25 05:28:15 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{B313017B-2064-472C-A73B-645652B5A610}
[2013/05/24 11:14:12 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{30B5A044-8C54-424B-A051-83BDC5BDEB58}
[2013/05/22 13:19:55 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{9F90E46F-224B-4F9E-8220-188CCFC6E3D9}
[2013/05/22 08:33:57 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{EE241B4C-2F56-42B7-9499-B1C364A7B7BC}
[2013/05/21 13:18:11 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{C47F369A-E95A-4836-AABB-11DC078908C4}
[2013/05/21 10:41:07 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{0E26042C-4A67-4EC3-BBD1-815AA4C45C66}
[2013/05/20 04:24:49 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{83C9541E-281A-4169-92C2-F8A0FFE1A08E}
[2013/05/19 13:28:51 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{F0A30F4C-ED74-4097-84AF-7334287D527E}
[2013/05/18 11:34:34 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{23E912DF-3E2F-4D48-B247-EF2226078F90}
[2013/05/17 11:38:40 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{1083A4E5-E0B1-46D9-A4F6-6FDA78F889D7}
[2013/05/16 15:09:10 | 000,391,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\ieui.dll
[2013/05/16 15:09:09 | 000,526,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll
[2013/05/16 15:09:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ie4uinit.exe
[2013/05/16 15:09:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msfeeds.dll
[2013/05/16 15:09:08 | 000,493,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\msfeeds.dll
[2013/05/16 15:09:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iesysprep.dll
[2013/05/16 15:09:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iesysprep.dll
[2013/05/16 15:09:08 | 000,089,600 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\RegisterIEPKEYs.exe
[2013/05/16 15:09:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/16 15:09:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iesetup.dll
[2013/05/16 15:09:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iesetup.dll
[2013/05/16 15:09:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\iernonce.dll
[2013/05/16 15:09:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\iernonce.dll
[2013/05/16 15:09:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll
[2013/05/16 15:09:06 | 000,690,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript.dll
[2013/05/16 15:09:05 | 003,958,784 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll
[2013/05/16 15:09:05 | 002,877,440 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\jscript9.dll
[2013/05/16 14:24:27 | 000,265,064 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\dxgmms1.sys
[2013/05/16 14:24:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\cdd.dll
[2013/05/16 14:24:16 | 001,930,752 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\authui.dll
[2013/05/16 14:24:16 | 000,197,120 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\shdocvw.dll
[2013/05/16 14:24:15 | 001,796,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\authui.dll
[2013/05/16 14:24:15 | 000,111,448 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\consent.exe
[2013/05/16 14:23:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\wwanprotdim.dll
[2013/05/16 12:19:56 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{0E87BF01-FC21-4C99-8B3C-3CC6ABA2CB01}
[2013/05/15 11:53:35 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{31098013-6259-4DBB-8F74-9C35CDD40A64}
[2013/05/14 13:37:53 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{8656FCD6-D650-4D79-9DF9-3BE4C7830069}
[2013/05/14 02:40:16 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{BBF66118-197B-42B0-B324-07C41D17B0F7}
[2013/05/13 11:53:26 | 000,000,000 | ---D | C] -- E:\Users\User\AppData\Local\{F2454E79-B692-4DEA-A4A0-086F2887B375}
[1 E:\Users\User\AppData\Local\*.tmp files -> E:\Users\User\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/11 11:38:36 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2013/06/11 11:38:02 | 095,023,320 | ---- | M] () -- E:\ProgramData\g22dz.pad
[2013/06/11 11:37:25 | 3166,150,656 | -HS- | M] () -- E:\hiberfil.sys
[2013/06/11 04:31:37 | 000,009,696 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/11 04:31:36 | 000,009,696 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/11 04:31:26 | 000,654,852 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2013/06/11 04:31:26 | 000,616,694 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2013/06/11 04:31:26 | 000,130,434 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2013/06/11 04:31:26 | 000,106,816 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2013/06/06 01:24:00 | 000,000,884 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/05 17:27:24 | 000,002,608 | ---- | M] () -- E:\ProgramData\g22dz.js
[2013/06/05 17:24:15 | 000,001,027 | ---- | M] () -- E:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
[2013/06/05 17:24:04 | 000,000,151 | ---- | M] () -- E:\ProgramData\g22dz.reg
[2013/06/05 17:24:04 | 000,000,055 | ---- | M] () -- E:\ProgramData\g22dz.bat
[2013/06/05 17:23:56 | 000,163,840 | ---- | M] () -- E:\ProgramData\zd22g.dat
[2013/06/05 17:23:56 | 000,044,544 | ---- | M] (Microsoft Corporation) -- E:\ProgramData\rundll32.exe
[2013/06/03 03:24:33 | 000,001,114 | ---- | M] () -- E:\Windows\wiso.ini
[2013/06/02 01:16:04 | 000,012,158 | ---- | M] () -- E:\Users\User\Documents\Meier Maria EÜR 2012.odt
[2013/06/01 09:30:44 | 000,001,233 | ---- | M] () -- E:\Users\Public\Desktop\ElsterFormular.lnk
[2013/05/28 14:01:30 | 000,013,408 | ---- | M] () -- E:\Users\User\Documents\Schmidt Jürgen EST 2012.odt
[2013/05/17 11:35:24 | 000,306,528 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
[2013/05/15 12:25:07 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2013/05/15 12:25:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/05/14 13:19:01 | 000,002,441 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/05/14 03:14:31 | 000,012,398 | ---- | M] () -- E:\Users\User\Documents\Schmidt Konrad SA 2012.ods
[2013/05/14 03:12:24 | 000,014,122 | ---- | M] () -- E:\Users\User\Documents\Schmidt Konrad FW AV 2012.ods
[2013/05/14 03:07:40 | 000,017,661 | ---- | M] () -- E:\Users\User\Documents\Schmidt Konrad Entwicklung des AV 30.06.2013.ods
[2013/05/14 03:00:34 | 000,009,031 | ---- | M] () -- E:\Users\User\Documents\Schmidt Konrad EÜ FW 2012.ods
[2013/05/14 02:53:56 | 000,014,242 | ---- | M] () -- E:\Users\User\Documents\Schmidt Konrad Anlagespiegel 30.06.2013.ods
[2013/05/14 02:47:57 | 000,008,867 | ---- | M] () -- E:\Users\User\Documents\Schmidt Konrad EÜ LW 2012 2013.ods
[1 E:\Users\User\AppData\Local\*.tmp files -> E:\Users\User\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/06/05 17:27:24 | 000,002,608 | ---- | C] () -- E:\ProgramData\g22dz.js
[2013/06/05 17:24:15 | 000,001,027 | ---- | C] () -- E:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
[2013/06/05 17:24:04 | 000,000,151 | ---- | C] () -- E:\ProgramData\g22dz.reg
[2013/06/05 17:24:04 | 000,000,055 | ---- | C] () -- E:\ProgramData\g22dz.bat
[2013/06/05 17:24:02 | 095,023,320 | ---- | C] () -- E:\ProgramData\g22dz.pad
[2013/06/05 17:23:56 | 000,163,840 | ---- | C] () -- E:\ProgramData\zd22g.dat
[2013/05/31 13:39:29 | 000,012,158 | ---- | C] () -- E:\Users\User\Documents\Meier Maria EÜR 2012.odt
[2013/05/27 13:54:25 | 000,013,408 | ---- | C] () -- E:\Users\User\Documents\Schmidt Jürgen EST 2012.odt
[2013/05/14 03:00:33 | 000,009,031 | ---- | C] () -- E:\Users\User\Documents\Schmidt Konrad EÜ FW 2012.ods
[2013/05/14 02:53:54 | 000,014,242 | ---- | C] () -- E:\Users\User\Documents\Schmidt Konrad Anlagespiegel 30.06.2013.ods
[2013/05/14 02:51:43 | 000,017,661 | ---- | C] () -- E:\Users\User\Documents\Schmidt Konrad Entwicklung des AV 30.06.2013.ods
[2013/05/14 02:47:55 | 000,008,867 | ---- | C] () -- E:\Users\User\Documents\Schmidt Konrad EÜ LW 2012 2013.ods
[2012/11/16 10:41:55 | 000,000,017 | ---- | C] () -- E:\Windows\SysWow64\shortcut_ex.dat
[2011/11/01 05:31:29 | 000,000,952 | -HS- | C] () -- E:\ProgramData\KGyGaAvL.sys
[2011/07/02 12:05:50 | 000,252,928 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2011/06/12 09:03:06 | 000,000,000 | ---- | C] () -- E:\Users\User\AppData\Local\{2223C978-20C5-43B9-AEC1-75F785987E94}
[2011/01/14 15:50:37 | 000,016,384 | ---- | C] () -- E:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/26 11:01:25 | 000,001,114 | ---- | C] () -- E:\Windows\wiso.ini
[2010/12/25 13:16:15 | 001,527,912 | ---- | C] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2010/10/23 13:41:42 | 000,000,425 | ---- | C] () -- E:\Windows\BRWMARK.INI
[2010/10/23 13:41:42 | 000,000,027 | ---- | C] () -- E:\Windows\BRPP2KA.INI
[2010/09/23 05:37:43 | 000,206,208 | ---- | C] () -- E:\Windows\PLFSetI.exe
[2010/09/23 05:37:43 | 000,113,264 | ---- | C] () -- E:\Windows\FixUVC.exe
[2010/09/23 05:37:43 | 000,000,302 | ---- | C] () -- E:\Windows\PidList_C.ini
[2010/09/06 08:06:36 | 000,982,220 | ---- | C] () -- E:\Windows\SysWow64\igkrng500.bin
[2010/09/06 08:06:35 | 000,134,592 | ---- | C] () -- E:\Windows\SysWow64\igfcg500.bin
[2010/09/06 08:06:35 | 000,092,216 | ---- | C] () -- E:\Windows\SysWow64\igfcg500m.bin
[2010/09/06 08:06:34 | 000,439,300 | ---- | C] () -- E:\Windows\SysWow64\igcompkrng500.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2010/09/06 07:31:33 | 000,000,000 | ---D | M] -- E:\ProgramData\Acer
[2010/10/21 10:34:04 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2011/10/27 12:42:55 | 000,000,000 | ---D | M] -- E:\ProgramData\Ask
[2010/09/06 07:38:01 | 000,000,000 | ---D | M] -- E:\ProgramData\BackupManager
[2013/02/25 03:03:10 | 000,000,000 | ---D | M] -- E:\ProgramData\Buhl Data Service GmbH
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2010/10/21 10:34:04 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2012/02/05 14:20:43 | 000,000,000 | ---D | M] -- E:\ProgramData\elsterformular
[2010/09/06 07:26:46 | 000,000,000 | ---D | M] -- E:\ProgramData\eSobi
[2010/10/21 10:34:04 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2011/01/12 14:23:04 | 000,000,000 | ---D | M] -- E:\ProgramData\NCH Swift Sound
[2010/09/23 05:46:02 | 000,000,000 | ---D | M] -- E:\ProgramData\NTI Launcher
[2010/10/21 10:37:07 | 000,000,000 | ---D | M] -- E:\ProgramData\oem
[2010/10/21 10:53:44 | 000,000,000 | ---D | M] -- E:\ProgramData\Partner
[2012/02/18 07:40:34 | 000,000,000 | ---D | M] -- E:\ProgramData\PC Drivers HeadQuarters
[2011/11/08 18:22:08 | 000,000,000 | ---D | M] -- E:\ProgramData\PhotoStitch
[2010/12/25 13:28:09 | 000,000,000 | ---D | M] -- E:\ProgramData\ReviverSoft
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2010/10/21 10:34:04 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2012/12/17 08:15:12 | 000,000,000 | ---D | M] -- E:\ProgramData\tmp
[2010/12/27 12:05:08 | 000,000,000 | ---D | M] -- E:\ProgramData\VirtualizedApplications
[2010/10/21 10:34:04 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2012/02/18 07:08:10 | 000,000,000 | -HSD | M] -- E:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/02/18 15:07:19 | 000,000,000 | ---D | M] -- E:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2013/05/25 10:36:57 | 000,032,640 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
|
TDSSKiller.exe und speichere diese Datei auf dem Desktop
WARNUNG an die MITLESER: