Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: Oldtimer erstellt bloß OTL.text - nicht Extra.txt

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 01.06.2012, 13:47   #1
GunGun
 
Oldtimer erstellt bloß OTL.text  - nicht Extra.txt - Standard

Oldtimer erstellt bloß OTL.text - nicht Extra.txt



Hallo ! ,

habe wie in Schritt 2 bei "für alle Hilfesuchenden" alle Punkte beim Ausführen der OTL.exe befolgt, allerdings wird nur das OTL.txt und nicht- wie angegeben- das Extra.txt erstellt.
Jetzt frage ich mich, ob irgendwelche Häckchen, oder Sonstiges, falsch gesetzt sind und somit der Scan nicht wie vorgesehen läuft.

Bitte um Hilfe und danke dafür im voraus!!

und hier die entstandene OTL.txt, falls sie jemand benötigt:

Code:
ATTFilter
OTL logfile created on: 01.06.2012 13:14:50 - Run 3
OTL by OldTimer - Version 3.2.45.0     Folder = C:\Users\******\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 60,93% Memory free
6,21 Gb Paging File | 4,86 Gb Available in Paging File | 78,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,45 Gb Total Space | 208,97 Gb Free Space | 72,70% Space Free | Partition Type: NTFS
Drive D: | 10,64 Gb Total Space | 1,27 Gb Free Space | 11,95% Space Free | Partition Type: NTFS
 
Computer Name: ******-PC | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.01 13:04:33 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gunnar\Desktop\OTL.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.11.09 12:42:38 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011.09.01 17:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton 360\Engine\5.2.1.3\ccsvchst.exe
PRC - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) -- C:\Programme\ShadowExplorer\sesvc.exe
PRC - [2009.09.05 17:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.09 19:14:02 | 000,296,320 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009.02.09 19:14:02 | 000,116,096 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009.02.09 19:13:36 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009.01.13 17:18:40 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\AEstSrv.exe
PRC - [2009.01.08 13:07:56 | 000,450,663 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2009.01.08 13:07:56 | 000,237,661 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\stacsv.exe
PRC - [2008.12.25 13:41:20 | 000,189,736 | ---- | M] (CyberLink) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008.12.25 13:41:16 | 001,316,136 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.12.17 17:11:40 | 000,365,952 | ---- | M] () -- C:\Programme\SMINST\BLService.exe
PRC - [2008.11.28 18:04:26 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008.11.18 19:35:44 | 000,914,224 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2006.11.22 07:20:00 | 003,768,320 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Programme\WIBUKEY\Server\WkSvMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.10 18:24:32 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3c92d4b3ec56936eab8e17ed81940c10\Microsoft.VisualBasic.ni.dll
MOD - [2012.05.10 18:23:23 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012.05.10 18:18:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 18:18:05 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012.05.10 18:17:04 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.05.10 18:16:57 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012.05.10 18:15:25 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.05.10 18:14:43 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
MOD - [2012.05.10 18:14:06 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
MOD - [2012.05.10 18:13:26 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
MOD - [2012.05.10 18:12:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
MOD - [2012.05.10 18:12:56 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c466fbf8e50c7c11b2fa994707124290\PresentationFramework.ni.dll
MOD - [2012.05.10 18:12:15 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b4ade6954a61a7626858c123dc951ba6\PresentationCore.ni.dll
MOD - [2012.05.10 18:11:41 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012.05.10 18:11:32 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.05.10 18:11:14 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2011.05.28 23:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.04.03 03:09:59 | 000,286,720 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3308.43095__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:59 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3308.43112__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.04.03 03:09:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3308.43107__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.04.03 03:09:58 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3308.43111__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.04.03 03:09:58 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3308.43186__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.04.03 03:09:58 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3308.43186__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:58 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3308.43166__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:58 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3308.43102__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:58 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3308.43148__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:58 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3308.43135__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:58 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3308.43102__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:57 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3308.43153__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:57 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3308.43185__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:57 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3308.43153__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.04.03 03:09:57 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3308.43152__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3308.43185__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:56 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3308.43137__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:56 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3308.43103__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:56 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3308.43113__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:56 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3308.43132__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:56 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3308.43161__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.04.03 03:09:56 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3308.43147__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:56 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3308.43117__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009.04.03 03:09:56 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3308.43112__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:56 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3308.43146__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:56 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3308.43137__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3308.43136__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3308.43116__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:56 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3308.43145__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3308.43147__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:55 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3308.43136__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.04.03 03:09:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3308.43136__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.04.03 03:09:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3246.34233__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.04.03 03:09:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3246.34194__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.04.03 03:09:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3246.34290__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.04.03 03:09:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3246.34445__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.04.03 03:09:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3246.34278__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.04.03 03:09:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3246.34443__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.04.03 03:09:55 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.04.03 03:09:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3246.34145__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.04.03 03:09:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.04.03 03:09:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3246.34138__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.04.03 03:09:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3246.34297__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.04.03 03:09:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3246.34264__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.04.03 03:09:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3246.34295__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.04.03 03:09:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.04.03 03:09:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3246.34300__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.04.03 03:09:52 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3246.34155__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.04.03 03:09:52 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3246.34242__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3246.34346__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3246.34407__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3246.34574__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.04.03 03:09:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3246.34401__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3246.34251__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3246.34236__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3246.34198__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.04.03 03:09:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3246.34229__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3246.34316__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.04.03 03:09:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3246.34304__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3246.34350__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3246.34337__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3246.34335__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3246.34333__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3246.34345__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3246.34279__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3246.34319__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3246.34305__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3246.34282__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3246.34340__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3246.34307__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.04.03 03:09:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3246.34274__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.04.03 03:09:51 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3246.34235__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.04.03 03:09:50 | 000,540,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3308.43175__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.04.03 03:09:50 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3308.43106__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.04.03 03:09:50 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3308.43180__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.04.03 03:09:50 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3308.43179__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.04.03 03:09:50 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3308.43194__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.04.03 03:09:50 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3246.34183__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.04.03 03:09:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3246.34205__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.04.03 03:09:50 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3246.34258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.04.03 03:09:50 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3246.34292__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.04.03 03:09:50 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3246.34174__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.04.03 03:09:50 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.04.03 03:09:50 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.04.03 03:09:50 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3309.2__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.04.03 03:09:50 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3308.43092__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.04.03 03:09:49 | 001,077,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3308.43099__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.04.03 03:09:49 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3308.43093__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.04.03 03:09:49 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3308.43095__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.04.03 03:09:49 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3246.34261__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.04.03 03:09:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3246.34227__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.04.03 03:09:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3246.34289__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.04.03 03:09:48 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3308.43094__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.04.03 03:09:48 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3308.43093__90ba9c70f846762e\APM.Server.dll
MOD - [2009.04.03 03:09:48 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3308.43092__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.04.03 03:09:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.04.03 03:09:48 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3308.43180__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.04.03 03:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3246.34356__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.03.30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 06:42:11 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2009.02.25 03:16:56 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.02.25 03:16:56 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009.02.09 19:14:04 | 000,124,288 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLSchMgr.dll
MOD - [2009.02.09 19:14:02 | 000,263,560 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
MOD - [2009.02.09 19:14:02 | 000,038,184 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
MOD - [2009.02.09 19:14:00 | 000,349,480 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll
MOD - [2009.02.09 19:13:26 | 000,066,856 | ---- | M] () -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus.dll
MOD - [2009.01.22 02:34:38 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.12.25 13:41:24 | 000,881,960 | ---- | M] () -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.10.29 17:34:28 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007.08.14 13:59:54 | 006,365,184 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 13:55:52 | 000,131,072 | ---- | M] () -- C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 13:55:28 | 001,581,056 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtCore4.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe -- (N360)
SRV - [2011.01.02 21:29:50 | 000,009,216 | ---- | M] (www.shadowexplorer.com) [Auto | Running] -- C:\Programme\ShadowExplorer\sesvc.exe -- (sesvc)
SRV - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.02.09 19:14:02 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2009.02.09 19:14:02 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2009.01.13 17:18:40 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\AEstSrv.exe -- (AESTFilters)
SRV - [2009.01.08 13:07:56 | 000,237,661 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\stacsv.exe -- (STacSV)
SRV - [2008.12.17 17:11:40 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Programme\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:25:11 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008.01.21 04:24:20 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008.01.21 04:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.05.31 11:50:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012.05.31 11:50:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.05.23 22:39:14 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120531.036\NAVEX15.SYS -- (NAVEX15)
DRV - [2012.05.23 22:39:14 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120531.036\NAVENG.SYS -- (NAVENG)
DRV - [2012.04.28 02:18:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120531.003\IDSvix86.sys -- (IDSVix86)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.03 01:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120517.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.05.11 16:26:35 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.04.21 03:37:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symtdiv.sys -- (SYMTDIv)
DRV - [2011.03.31 05:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0502010.003\srtsp.sys -- (SRTSP)
DRV - [2011.03.31 05:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011.03.15 04:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symefa.sys -- (SymEFA)
DRV - [2011.01.27 08:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symds.sys -- (SymDS)
DRV - [2010.11.16 03:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\ironx86.sys -- (SymIRON)
DRV - [2010.05.07 07:34:48 | 000,640,640 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2010.05.07 07:34:48 | 000,582,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2009.12.09 16:05:35 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.12.08 22:18:32 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ezplay.sys -- (ezplay)
DRV - [2009.10.13 16:42:22 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2009.10.13 16:42:22 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2009.10.13 16:42:22 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2009.10.13 16:42:22 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2009.10.13 16:42:22 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2009.08.24 11:14:30 | 000,044,544 | ---- | M] (AzureWave Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\azvusb.sys -- (azvusb)
DRV - [2009.04.11 06:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2009.03.19 14:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009.02.09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.01.22 03:00:24 | 004,257,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.01.20 16:49:26 | 000,142,848 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.01.08 13:07:56 | 000,391,168 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.12.20 00:01:46 | 001,093,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.12.05 13:06:06 | 000,109,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.11.28 18:04:24 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/04/03 03:50:57] [Kernel | Auto | Running] -- C:\Programme\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008.09.04 19:47:00 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.28 17:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008.04.28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.03.27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008.03.27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.11.22 07:20:00 | 000,072,704 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\WibuKey.sys -- (WIBUKEY)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{186B55E9-E01B-4F88-8EEC-A6216AA2803D}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{5B0AA7FF-E06C-4DDB-B180-FD9E87D2D566}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=204&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{FE86B5D2-7CEB-4817-A281-F778AE18DA5B}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{6C6CBBA2-69AC-4FFA-8A88-76EF8C38CCBB}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=204&systemid=406&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Gunnar\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gunnar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012.02.12 11:32:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_7_5 [2012.06.01 12:39:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.02.02 18:12:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.02 18:12:46 | 000,000,000 | ---D | M]
 
[2012.05.31 16:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Extensions
[2012.02.13 17:57:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions
[2012.05.31 16:19:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.31 16:19:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2012.05.31 16:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012.05.31 16:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.05.31 16:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2012.05.31 16:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2012.05.31 16:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009.09.03 17:51:36 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Gunnar\AppData\Roaming\mozilla\Firefox\Profiles\kh92vfkb.default\extensions\moveplayer@movenetworks.com
[2011.11.21 22:11:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.09.15 14:50:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.14 20:37:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.12.14 20:37:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.09.13 10:05:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.13 10:05:34 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009.08.31 20:03:27 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2009.08.31 20:03:27 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2010.09.13 10:05:35 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.21 22:11:27 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2010.09.13 10:05:35 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.13 10:05:35 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Gunnar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Gunnar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Gunnar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.2.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Gunnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Gunnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
O4 - Startup: C:\Users\Gunnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB85C418-27BC-437E-A967-C511835BC10D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB8B59CA-DB69-4058-B529-D412323938CC}: NameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) - C:\Programme\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) - C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img20.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{00bf5928-bff6-11df-91d9-00238bb2b2fe}\Shell\AutoRun\command - "" = H:\Menu.exe
O33 - MountPoints2\{495fd90c-f244-11df-9c53-00238bb2b2fe}\Shell - "" = AutoRun
O33 - MountPoints2\{495fd90c-f244-11df-9c53-00238bb2b2fe}\Shell\AutoRun\command - "" = F:\launcher.exe
O33 - MountPoints2\{8b2a3c21-5db2-11de-9ba7-00238bb2b2fe}\Shell - "" = AutoRun
O33 - MountPoints2\{8b2a3c21-5db2-11de-9ba7-00238bb2b2fe}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{a3a20d79-2d4e-11e0-9a94-00238bb2b2fe}\Shell\AutoRun\command - "" = SOL/fla.exe
O33 - MountPoints2\{a3a20d79-2d4e-11e0-9a94-00238bb2b2fe}\Shell\explore\command - "" = SOL/fla.exe
O33 - MountPoints2\{a3a20d79-2d4e-11e0-9a94-00238bb2b2fe}\Shell\open\command - "" = SOL/fla.exe
O33 - MountPoints2\{c09076bb-af52-11df-9fcf-00238bb2b2fe}\Shell - "" = AutoRun
O33 - MountPoints2\{c09076bb-af52-11df-9fcf-00238bb2b2fe}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{f4fe8fe1-6c8f-11de-b310-00238bb2b2fe}\Shell - "" = AutoRun
O33 - MountPoints2\{f4fe8fe1-6c8f-11de-b310-00238bb2b2fe}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.01 13:04:30 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Gunnar\Desktop\OTL.exe
[2012.06.01 12:20:13 | 000,000,000 | R--D | C] -- C:\Users\Gunnar\Searches
[2012.06.01 11:45:09 | 000,000,000 | R--D | C] -- C:\Users\Gunnar\Favorites
[2012.05.31 22:27:46 | 000,000,000 | ---D | C] -- C:\Users\Gunnar\AppData\Roaming\www.shadowexplorer.com
[2012.05.31 22:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
[2012.05.31 22:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\ShadowExplorer
[2012.05.31 22:06:08 | 000,000,000 | ---D | C] -- C:\Users\Gunnar\AppData\Roaming\TuneUp Software
[2012.05.31 22:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.05.31 22:03:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.31 22:03:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.05.31 19:36:38 | 000,000,000 | ---D | C] -- C:\Users\Gunnar\AppData\Roaming\Malwarebytes
[2012.05.31 19:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.31 19:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.31 19:36:27 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.31 19:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.31 14:22:03 | 000,000,000 | ---D | C] -- C:\Users\Gunnar\AppData\Roaming\Ppihkni
[2012.05.14 18:41:04 | 000,000,000 | ---D | C] -- C:\Users\Gunnar\AppData\Roaming\Blackberry Desktop
[2012.05.14 17:55:24 | 000,000,000 | ---D | C] -- C:\Users\Gunnar\AppData\Local\Research In Motion
[2012.05.14 17:55:21 | 000,000,000 | ---D | C] -- C:\Users\Gunnar\AppData\Roaming\Research In Motion
[2012.05.14 17:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
[2012.05.14 17:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2012.05.14 17:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion
[2012.05.14 17:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2012.05.09 16:42:30 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.05.09 16:42:29 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.05.09 16:42:29 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.05.09 16:42:29 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.05.09 16:42:28 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.05.09 16:42:02 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.05.09 16:42:01 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.05.09 16:42:01 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.01 13:04:33 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gunnar\Desktop\OTL.exe
[2012.06.01 12:40:26 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.01 12:37:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.01 12:37:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.01 12:37:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.01 12:35:46 | 000,000,176 | ---- | M] () -- C:\Users\Gunnar\defogger_reenable
[2012.06.01 12:34:36 | 000,050,477 | ---- | M] () -- C:\Users\Gunnar\Desktop\Defogger.exe
[2012.06.01 12:31:06 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.01 01:55:51 | 000,326,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.31 23:21:26 | 000,070,656 | ---- | M] () -- C:\Users\Gunnar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.31 22:41:09 | 000,633,580 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.31 22:41:09 | 000,600,138 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.31 22:41:09 | 000,128,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.31 22:41:09 | 000,106,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.30 02:29:55 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGunnar.job
[2012.05.24 15:37:06 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.05.14 18:50:52 | 000,000,077 | ---- | M] () -- C:\Users\Gunnar\AppData\Roaming\tDXGVtpsasUeTDdGflpsV
[2012.05.14 18:50:51 | 000,000,077 | ---- | M] () -- C:\Users\Gunnar\AppData\Roaming\AGVtUxfsUGVtdxVtdx
[2012.05.14 18:32:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
[2012.05.14 17:53:48 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_RimSerial_01007.Wdf
[2012.05.14 17:52:22 | 000,001,147 | ---- | M] () -- C:\Users\Gunnar\AppData\Roaming\GDqealpsyEJNdsdGfysy
[2012.05.14 17:51:40 | 000,002,096 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.01 12:35:15 | 000,000,176 | ---- | C] () -- C:\Users\Gunnar\defogger_reenable
[2012.06.01 12:34:47 | 000,050,477 | ---- | C] () -- C:\Users\Gunnar\Desktop\Defogger.exe
[2012.05.14 18:32:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_RimUsb_01007.Wdf
[2012.05.14 17:53:48 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_RimSerial_01007.Wdf
[2012.05.14 17:51:39 | 000,002,096 | ---- | C] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.01.06 00:14:16 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2010.09.14 22:29:49 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.06.06 18:14:59 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
 
========== LOP Check ==========
 
[2010.10.26 23:47:23 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\ACShredder
[2012.03.09 16:28:42 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Amazon
[2012.05.14 18:41:08 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Blackberry Desktop
[2012.05.31 16:19:51 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\DAEMON Tools Lite
[2012.05.31 16:19:51 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\DAEMON Tools Pro
[2012.05.31 16:19:51 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Facebook
[2012.05.31 16:19:51 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\FF376FFB71961DA82D33C4E6D67B78D1
[2012.05.31 16:19:51 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\FreeFLVConverter
[2010.11.18 18:55:09 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\FreeVideoConverter
[2009.09.13 00:05:52 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Leadertech
[2012.03.10 01:37:20 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\muvee Technologies
[2009.08.23 23:12:19 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Nokia
[2012.05.31 16:20:02 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\OfferBox
[2009.09.30 14:47:59 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\OpenOffice.org
[2009.08.06 15:33:29 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\PC Suite
[2012.05.31 21:05:16 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Ppihkni
[2012.05.14 18:08:31 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Research In Motion
[2010.09.21 22:32:40 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\SharePod
[2011.09.03 15:39:48 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Simfy
[2012.05.31 16:20:06 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Steganos
[2009.06.06 17:59:13 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Template
[2012.05.31 16:20:06 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Tific
[2012.05.31 22:06:08 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\TuneUp Software
[2009.12.14 14:34:56 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Ubisoft
[2012.05.31 16:20:06 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\uTorrent
[2012.05.31 16:20:06 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\Vso
[2012.05.31 16:20:06 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\widestream
[2009.05.20 15:35:22 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\WildTangent
[2012.05.31 22:27:46 | 000,000,000 | ---D | M] -- C:\Users\Gunnar\AppData\Roaming\www.shadowexplorer.com
[2012.06.01 12:36:15 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         

Alt 03.06.2012, 12:46   #2
GunGun
 
Oldtimer erstellt bloß OTL.text  - nicht Extra.txt - Standard

Oldtimer erstellt bloß OTL.text - nicht Extra.txt



hat denn keiner ne ahnung????
__________________


Alt 03.06.2012, 17:20   #3
jarasan
 
Oldtimer erstellt bloß OTL.text  - nicht Extra.txt - Standard

Oldtimer erstellt bloß OTL.text - nicht Extra.txt



Hallo GunGun,

ich glaube die Helfer hier sind ziemlich ausgelastet. Also antworte ich einfach mal.

1. Zu OTL gibt es ein Tutorial hier: http://www.trojaner-board.de/85104-o...oldtimer.html.

Der Punkt ist : Haken bei "benutze SafeList" bei Extra Registrierung. Das sollte eigentlich dafür sorgen, dass auch ExtrasTxt erstellt wird.

Wenn OTL gescannt hat öffnet sich in der Regel OTL.txt im Editor und Extras.txt minimiert in der Taskleiste. Aber beide sollten eigentlich auch auf dem Desktop gespeichert werden (sofern du OTL dorthin gespeichert hast, ansonsten im Ordner, in dem du OTL abgelegt hast).

Sofern du an all das gedacht hast, sollte es funktionieren, ich lese aber gelegentlich in anderen Threads auch, dass bei anderen Usern auch keine Extras.txt erstellt wurde. Möglicherweise liegt es also an etwas anderem.
Für den Fall entschuldige ich mich mal, dass ich dir da nicht weiterhelfen kann. Vielleicht hilft es auch, OTL zu deinstallieren, alle existierenden Logfiles zu löschen und neu herunterzuladen (auf den Desktop ! )

viele Grüße

Andreas
__________________

Alt 03.06.2012, 21:53   #4
GunGun
 
Oldtimer erstellt bloß OTL.text  - nicht Extra.txt - Standard

Oldtimer erstellt bloß OTL.text - nicht Extra.txt



vielen dank für deine hilfe, Juniper25, hat funktioniert!!

Antwort

Themen zu Oldtimer erstellt bloß OTL.text - nicht Extra.txt
ausführen, bandoo, befolgt, bitte um hilfe, branding, erstell, erstellt, falsch, frage, gesetzt, hilfesuche, hilfesuchenden, intranet, limited.com/facebook, oldtimer, otl.exe, otl.txt, punkte, scan, schritt, searchqu toolbar, searchscopes, sonstiges, version=1.0



Ähnliche Themen: Oldtimer erstellt bloß OTL.text - nicht Extra.txt


  1. Plötzlich nur noch weißer Bildschirm auf laptop - Frst.text erstellt
    Log-Analyse und Auswertung - 20.07.2013 (7)
  2. CPU Schwankungen - OTL Oldtimer Log
    Log-Analyse und Auswertung - 19.06.2013 (11)
  3. GVU-Trojaner, jedoch OTLPENet.exe nicht downloadbar auf http://oldtimer.geekstogo.com/OTLPENet.exe
    Log-Analyse und Auswertung - 20.02.2013 (13)
  4. Gibt es die OTLPENet.exe von Oldtimer nicht mehr?
    Plagegeister aller Art und deren Bekämpfung - 21.08.2012 (2)
  5. GEMA - Trojaner ...shell.text bereits erstellt
    Plagegeister aller Art und deren Bekämpfung - 10.01.2012 (91)
  6. 50Euro Virus - Win7 / 64 - OTL Logfile erstellt nach Anleitung erstellt
    Plagegeister aller Art und deren Bekämpfung - 06.01.2012 (2)
  7. BKA-Trojaner, jedoch OTLPENet.exe nicht downloadbar auf http://oldtimer.geekstogo.com/OTLPENet.exe
    Log-Analyse und Auswertung - 16.11.2011 (14)
  8. Ukash BKA Trojaner: OTL file erstellt, jedoch keine extas.text und nun?
    Log-Analyse und Auswertung - 07.09.2011 (1)
  9. OTM by Oldtimer - was ist das?
    Antiviren-, Firewall- und andere Schutzprogramme - 06.12.2010 (23)
  10. Ijodia.exe was ist das bloß?
    Alles rund um Windows - 27.07.2010 (5)
  11. Darstellungs problem! (Text wird nicht angezeigt)
    Antiviren-, Firewall- und andere Schutzprogramme - 18.04.2010 (3)
  12. Trojaner & Virus bloß welcher und wo??
    Log-Analyse und Auswertung - 13.06.2009 (18)
  13. Anwendungen+Internet bloß begrenzt funktionstüchtig
    Plagegeister aller Art und deren Bekämpfung - 01.02.2009 (1)
  14. trojaner oder doch bloß paranoia ?!
    Log-Analyse und Auswertung - 14.01.2008 (18)
  15. Bloß kein Ad Aware!!!!
    Antiviren-, Firewall- und andere Schutzprogramme - 17.01.2006 (16)
  16. Wie werd ich diese Fieslinge bloß los?
    Log-Analyse und Auswertung - 13.11.2005 (8)

Zum Thema Oldtimer erstellt bloß OTL.text - nicht Extra.txt - Hallo ! , habe wie in Schritt 2 bei "für alle Hilfesuchenden" alle Punkte beim Ausführen der OTL.exe befolgt, allerdings wird nur das OTL.txt und nicht- wie angegeben- das Extra.txt - Oldtimer erstellt bloß OTL.text - nicht Extra.txt...
Archiv
Du betrachtest: Oldtimer erstellt bloß OTL.text - nicht Extra.txt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.