Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Virenwarnung von web.de bekommen, daraufhin Login gesperrt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 21.09.2012, 08:18   #1
rebhuhn
 
Virenwarnung von web.de bekommen, daraufhin Login gesperrt - Standard

Virenwarnung von web.de bekommen, daraufhin Login gesperrt



Einen schönen guten Morgen,

vorgestern wurde mir mein Zugang zu web.de mit dem Hinweis "Virenwarnung" gesperrt, da ich plötzlich unendlich viele Spam-Mails bekommen habe. Daraufhin habe ich alles durchgescannt und es wurden auch Viren gefunden. Diese habe ich leider bereits gelöscht bevor ich auf dieses Forum gestoßen bin.
Nun habe ich Bedenken, dass mein Rechner noch nicht sauber sein könnte. Ich habe OTL und GMER durchgeführt. Kann mir jemand dabei helfen? Ich traue mich nicht ins Internet (bin jetzt an einem anderen Rechner). Vielen Dank vorab für die Hilfe.

OTL.TXT:
OTL logfile created on: 9/20/2012 8:00:54 PM - Run 3
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Heike\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2.87 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 58.40% Memory free
5.73 Gb Paging File | 4.25 Gb Available in Paging File | 74.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424.66 Gb Total Space | 142.51 Gb Free Space | 33.56% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 21.12 Gb Free Space | 52.80% Space Free | Partition Type: NTFS
Drive F: | 122.71 Mb Total Space | 91.79 Mb Free Space | 74.80% Space Free | Partition Type: FAT

Computer Name: MAMAHEIKE-PC | User Name: Mama Heike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/19 09:56:32 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Heike\Desktop\OTL.exe
PRC - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/03 10:52:56 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe
PRC - [2012/08/21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/04 15:29:24 | 001,370,224 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\mshaktuell.exe
PRC - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011/04/19 16:12:22 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2011/04/19 16:12:18 | 000,408,576 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/23 23:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files\FreePDF_XP\fpassist.exe
PRC - [2010/10/13 16:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2010/07/20 18:21:40 | 000,323,280 | ---- | M] (Napster) -- C:\Users\Public\Programme\napster.exe
PRC - [2010/04/23 16:53:10 | 001,423,904 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2010/04/20 17:57:18 | 000,083,456 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files\WinTV\WinTV7\WinTVTray.exe
PRC - [2010/03/29 17:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) -- C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
PRC - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/01/13 19:18:30 | 000,413,696 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2009/12/14 20:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2009/12/12 00:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\OSD.exe
PRC - [2009/12/10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Users\Public\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/09/13 16:47:08 | 002,846,720 | ---- | M] (RapidSolution Software AG) -- C:\Program Files\Tunebite\tunebite.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/12 20:07:26 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\d0981ac2a5c158f32ae5126437b5a537\Vodafone.View.ManagedToolTip.ni.dll
MOD - [2012/07/12 20:07:25 | 000,876,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\47bb1dd545cfa7cc24333695b8326098\Vodafone.View.Shared.ni.dll
MOD - [2012/07/12 20:07:24 | 000,607,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\452f2c794296bc3c4d76ddbc746a1d2c\Vodafone.View.SecondaryWindows.ni.dll
MOD - [2012/07/12 20:07:22 | 000,943,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\2e862d5fb7ea288c3e6f038a98837f80\Vodafone.BusinessLogic.ni.dll
MOD - [2012/07/12 20:07:20 | 000,050,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\36ade0bd561894700538d476a039864a\Vodafone.Contracts.Adapter.ni.dll
MOD - [2012/07/12 20:07:19 | 002,104,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Spring.Core\01bc6715d9fd6e74a4e2f3a74c73ff61\Spring.Core.ni.dll
MOD - [2012/07/12 20:07:14 | 001,303,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\68e45643116190979faac529c7e746db\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll
MOD - [2012/07/12 20:07:12 | 003,346,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\eb3bfe4332deefed3bf42fac4ec2c13a\Infragistics2.Win.Misc.v9.2.ni.dll
MOD - [2012/07/12 20:07:08 | 011,050,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\99d7d0e3f5d380da3c5d920ccf2db21e\Infragistics2.Win.v9.2.ni.dll
MOD - [2012/07/12 20:06:59 | 000,871,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\ab508eb66f0918950878416de02e0657\Infragistics2.Shared.v9.2.ni.dll
MOD - [2012/07/12 20:06:57 | 007,135,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\e162a49f9e823a32e3cb53f7b821c629\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll
MOD - [2012/07/12 20:06:49 | 000,100,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\c24df5833933258fad9319f1a649c9e9\Vodafone.Core.Contracts.ni.dll
MOD - [2012/07/12 20:06:49 | 000,037,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\282c1e89e125dcc264f8d6b6d769d6dd\Vodafone.Contracts.Presenter.ni.dll
MOD - [2012/07/12 20:06:48 | 000,132,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\41b1fe111b3e4c76028f496c86ff0292\Vodafone.Contracts.Model.ni.dll
MOD - [2012/07/12 20:06:47 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\2a340f9e6c26b35cd2c8c879cf981276\Vodafone.Contracts.View.ni.dll
MOD - [2012/07/12 20:06:47 | 000,094,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\7d8cf231ee57d0809fd3f4ddff5efcbc\Vodafone.Contracts.Common.ni.dll
MOD - [2012/07/12 20:06:44 | 000,341,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\78546a6db6f085acff1f662f76566395\Vodafone.CommonDialogs.ni.dll
MOD - [2012/07/12 20:06:43 | 000,947,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\e2c356ca25c2115b5029a14e6f2b4824\Vodafone.ApplicationHost.Impl.ni.dll
MOD - [2012/07/12 20:06:41 | 000,080,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\ff9620d99525adfbcdf796bc7b1f6681\Vodafone.SmsProfileManager.ni.dll
MOD - [2012/07/12 20:06:40 | 000,326,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\2c94ea3c69958dda179e3dc3e1212b7a\Vodafone.DataAccessor.ni.dll
MOD - [2012/07/12 20:06:39 | 002,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\e164cc0d1870f069fdc5fc611c7e3fb7\MobileBroadbandResources.ni.dll
MOD - [2012/07/12 20:06:38 | 000,673,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\8d6722713d001ca3d718acf2e075a73f\Vodafone.Data.ni.dll
MOD - [2012/07/12 20:06:38 | 000,158,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\cc28c84050892d50b271f75d46ffc4fc\Vodafone.Base.Contracts.ni.dll
MOD - [2012/07/12 20:06:36 | 001,368,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\6f3ccd540fe8d8cf3fb8139e152a6422\Vodafone.Platform.ni.dll
MOD - [2012/07/12 20:06:33 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadband\3b9c3d4a478d75f77af3958a041efc8a\MobileBroadband.ni.exe
MOD - [2012/07/12 20:00:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b7a7f9c607e09bfa03c07b5ff3a8ae3\System.ServiceProcess.ni.dll
MOD - [2012/07/12 19:59:39 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/07/12 19:59:30 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/07/12 19:59:24 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll
MOD - [2012/05/15 19:41:05 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll
MOD - [2012/05/15 19:37:45 | 000,252,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\d875cb130701d0b90206efb48323ebc0\Interop.FNCClient11Lib.ni.dll
MOD - [2012/05/15 19:37:45 | 000,034,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\3c750543c407467308902915174e75c5\Vodafone.UpdateManager.ni.dll
MOD - [2012/05/15 19:37:44 | 000,192,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\cddf9e9419dd1c2d624ac06a831ad5fc\Vodafone.Model.Connection.ni.dll
MOD - [2012/05/15 19:37:39 | 000,084,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\a08c47f5faf939670b9ee3e44b344c87\Vodafone.Core.Remoting.ni.dll
MOD - [2012/05/15 19:37:38 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\b818bc9ebb6d64bce9a9141214bf9d62\Vodafone.Core.CoreInstanceProvider.ni.dll
MOD - [2012/05/15 19:37:37 | 000,055,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\da585a0e8fd730f9e2e02f023a6c527b\Vodafone.TrafficOptimiser.ni.dll
MOD - [2012/05/15 19:37:37 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\67923f65761c10f4eb601e4b18c0e8a8\Vodafone.DeviceAccess.Factory.ni.dll
MOD - [2012/05/15 19:37:36 | 000,108,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\71e9690f708adaaa465fa8b42128194e\Vodafone.LanWlanManager.ni.dll
MOD - [2012/05/15 19:37:35 | 000,119,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\c8b01d9f87fc374fb0e4339b5e0e2ff4\Interop.Shell32.ni.dll
MOD - [2012/05/15 19:37:35 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\d381c07b5443809baf258f298cf1553a\Vodafone.Vpn.ni.dll
MOD - [2012/05/15 19:37:34 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MbbManagem#\fbcc880cc6dd77283e67af92c3871b97\Vodafone.MbbManagement.ni.dll
MOD - [2012/05/15 19:37:34 | 000,081,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.MbnApi\994f7097ad179590040095c8cb139c8e\Interop.MbnApi.ni.dll
MOD - [2012/05/15 19:37:33 | 000,498,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\8318cc5a769d5706ef277ab6724cf9d6\Vodafone.DeviceAccess.Internals.ni.dll
MOD - [2012/05/15 19:37:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\a0447494ac1428c8a6408aeec6283346\Vodafone.DeviceAccess.Interfaces.ni.dll
MOD - [2012/05/15 19:37:32 | 000,733,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\2ff720d60a36b2eeb539be6e3d0cf135\Vodafone.WwanWrapper.ni.dll
MOD - [2012/05/15 19:37:31 | 000,673,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\e91f954c3c918f68ac7bf5b21dc78b74\Vodafone.ConnectionServices.ni.dll
MOD - [2012/05/15 19:37:30 | 000,022,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\11de210c0e4b51440933bad2154ec67b\Vodafone.Core.Interfaces.ni.dll
MOD - [2012/05/15 19:37:27 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Common.Logging\34f8b2f928fa5b8686082a43c53844c0\Common.Logging.ni.dll
MOD - [2012/05/15 19:37:24 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\f0c8f32b0b7be87778392900211c1860\Vodafone.InstanceProvider.Impl.ni.dll
MOD - [2012/05/15 19:36:53 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\8c3da5aecaf5ab7fd9ef5fadcff80ca3\Vodafone.DeviceAccess.Contracts.ni.dll
MOD - [2012/05/15 19:36:51 | 000,089,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\21ee4dd9d3f844d96c94abf19af8d28f\Vodafone.Base.Internals.ni.dll
MOD - [2012/05/15 19:36:51 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\8a6baf48f3ee80ffc6640d7bde79b8ac\Vodafone.Base.Factory.ni.dll
MOD - [2012/05/15 19:36:50 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\e277c95f687dd7aa3fed11d5656cde6c\Vodafone.ConnectionManagement.ni.dll
MOD - [2012/05/15 19:36:46 | 000,350,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\3dfd8a9926a38969e3661d8d820c0a2c\Vodafone.ReportingManager.ni.dll
MOD - [2012/05/15 19:36:46 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\b19c879356d0b73e8dc103f13c04608c\Vodafone.OutlookConnector.ni.dll
MOD - [2012/05/15 19:36:45 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\2d5550752acbe3af137e0e7c9ec234cd\Vodafone.SmsContactManager.ni.dll
MOD - [2012/05/15 19:36:41 | 000,056,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\938887f74b8aceca5c5fb19dbadd2d68\Vodafone.SettingsManager.ni.dll
MOD - [2012/05/15 19:36:39 | 000,074,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\e89d2535fdced323f089cc78cf0f2455\Vodafone.NtServiceMessaging.ni.dll
MOD - [2012/05/15 19:36:38 | 000,321,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\e2cc55b33a578ef6ce6011e45dd02fea\Vodafone.Base.Win32.ni.dll
MOD - [2012/05/15 19:36:37 | 000,181,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\2e0756b9dad381d55f34143a60ea115c\Vodafone.Common.ni.dll
MOD - [2012/05/15 19:36:37 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\d62f95eb50be59c66f0fdb403419d5c8\Vodafone.MobileBroadband.CallbackHandler.ni.dll
MOD - [2012/05/15 19:36:32 | 000,094,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\d0df2ffa13991dc97e847b7ef68a7b06\Vodafone.LogEngine.ni.dll
MOD - [2012/05/15 19:36:23 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll
MOD - [2012/05/15 19:33:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012/05/15 19:33:52 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\61fbbd8bc7d76972115b292b132ff2d1\System.Transactions.ni.dll
MOD - [2012/05/15 19:33:50 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll
MOD - [2012/05/15 19:32:52 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\34f340b0c113f7216a55dd7c82a69cc2\Accessibility.ni.dll
MOD - [2012/05/15 19:32:36 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/05/15 19:32:32 | 000,680,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\61af058c2bc079f28397a29ed145fbc7\System.Security.ni.dll
MOD - [2012/05/15 19:32:27 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/15 19:32:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/15 19:32:22 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/15 19:32:13 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2011/11/04 15:30:58 | 001,868,912 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wfvie12.dll
MOD - [2011/11/04 15:29:50 | 007,559,792 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wgui12.dll
MOD - [2011/11/04 15:29:24 | 001,370,224 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\mshaktuell.exe
MOD - [2011/11/04 15:29:02 | 004,278,896 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wauff12.dll
MOD - [2011/11/04 15:29:02 | 000,135,792 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rsodbc47.dll
MOD - [2011/11/04 15:29:00 | 000,028,672 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rsdcom47.dll
MOD - [2011/11/04 15:26:38 | 002,943,600 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wcore12.dll
MOD - [2011/11/04 15:26:36 | 001,607,792 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wreli12.dll
MOD - [2011/11/04 15:26:30 | 001,537,136 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wsteu12.dll
MOD - [2011/11/04 15:26:30 | 000,318,064 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rsguiwinapi47.dll
MOD - [2011/11/04 15:26:28 | 000,261,232 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rscorewinapi47.dll
MOD - [2011/11/04 14:47:20 | 000,865,280 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtCLuceners47.dll
MOD - [2011/11/04 14:47:18 | 000,271,872 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\phononrs47.dll
MOD - [2011/11/04 14:47:16 | 011,163,648 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtWebKitrs47.dll
MOD - [2011/11/04 14:47:14 | 000,108,544 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtTestrs47.dll
MOD - [2011/11/04 14:47:12 | 001,340,416 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtScriptrs47.dll
MOD - [2011/11/04 14:47:12 | 000,704,000 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtSqlrs47.dll
MOD - [2011/11/04 14:47:12 | 000,281,088 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtSvgrs47.dll
MOD - [2011/11/04 14:47:10 | 008,934,400 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtGuirs47.dll
MOD - [2011/11/04 14:47:10 | 002,395,648 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\Qt3Supportrs47.dll
MOD - [2011/11/04 14:47:10 | 000,990,208 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtNetworkrs47.dll
MOD - [2011/11/04 14:47:10 | 000,358,400 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtXmlrs47.dll
MOD - [2011/11/04 14:47:08 | 002,356,736 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtCorers47.dll
MOD - [2011/04/19 16:12:12 | 000,308,736 | ---- | M] () -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
MOD - [2010/05/18 08:49:26 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/04/10 03:21:42 | 000,022,528 | ---- | M] () -- C:\PROGRA~1\WinTV\TVServer\HauppaugeTVServerps.dll
MOD - [2009/11/02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/07/14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/06/10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/06/10 23:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007/09/06 13:32:06 | 000,032,768 | ---- | M] () -- C:\Program Files\Tunebite\vorbisfile.dll
MOD - [2007/09/06 13:31:48 | 001,007,616 | ---- | M] () -- C:\Program Files\Tunebite\vorbis.dll
MOD - [2007/09/06 13:31:42 | 000,024,576 | ---- | M] () -- C:\Program Files\Tunebite\ogg.dll
MOD - [2007/03/22 15:27:20 | 001,740,800 | ---- | M] () -- C:\Program Files\Tunebite\dllMiniplayU.dll
MOD - [2006/10/05 15:15:24 | 000,172,032 | ---- | M] () -- C:\Program Files\Tunebite\iPodManager.dll
MOD - [2006/05/30 09:53:18 | 000,315,392 | ---- | M] () -- C:\Program Files\Tunebite\RapTra30U.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Users\Public\Programme\Spybot -- (SBSDWSCService)
SRV - [2012/09/13 19:52:02 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/03 10:52:56 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater Updater)
SRV - [2012/08/25 03:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/15 20:54:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/06/12 13:07:16 | 000,073,600 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/04/19 16:12:22 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010/03/29 17:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE -- (HauppaugeTVServer)
SRV - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/12/10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cmnsusbser.sys -- (cmnsusbser)
DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/08/21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/08/21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/10/01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/05/18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/05/18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/05/18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/05/18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/05/13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/04/18 15:43:26 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011/04/18 15:43:24 | 000,191,872 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/09/01 14:33:12 | 000,061,952 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010/05/24 15:46:34 | 000,193,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/03/11 09:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010/03/11 09:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2010/03/04 17:53:08 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/03/02 13:24:58 | 001,006,624 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/02/27 05:01:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/02/03 19:06:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010/01/27 20:56:48 | 000,054,016 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw17bda.sys -- (hcw17bda)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009/09/18 04:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/08/18 14:06:44 | 000,114,688 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/09/06 13:40:26 | 000,026,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb128?a=6OyOvs5mY0&i=26
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=3412_1&babsrc=SP_ss&mntrId=947725b800000000000000262dc04d51
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=WBG&o=15132&src=kw&q={searchTerms}&locale=&apn_ptnrs=RN&apn_dtid=YYYYYYYYIT&apn_uid=FFB9F63B-4043-4AB5-86B0-E4024990941C&apn_sauid=98E81D55-8F4C-4CEB-91D4-F5B179AA68D2
IE - HKCU\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyOvs5mY0&i=26
IE - HKCU\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
IE - HKCU\..\SearchScopes\{F5C40006-0789-44AC-B709-3C1C69DBEAED}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb128?a=6OyOvs5mY0&i=26"
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.2.0.10687
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.8
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1466
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb128/?loc=IB_DS&a=6OyOvs5mY0&&i=26&search="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2011/07/09 20:12:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/07/27 19:26:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/09/05 20:46:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2012/09/18 17:37:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/10 18:43:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/10 18:42:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/07/27 19:26:14 | 000,000,000 | ---D | M]

[2012/09/05 19:05:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Extensions
[2012/09/18 17:37:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions
[2012/08/19 11:32:48 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/09/06 19:35:17 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011/08/20 14:56:36 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\ffxtlbr@babylon.com
[2012/09/18 17:37:55 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\ffxtlbr@incredibar.com
[2012/09/18 17:37:14 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\OneClickDownload@OneClickDownload.com
[2012/09/18 17:37:23 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\plugin@yontoo.com
[2012/09/05 18:58:10 | 000,002,400 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\askcom.xml
[2012/09/18 17:37:38 | 000,002,203 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\MyStart Search.xml
[2012/08/17 10:21:21 | 000,002,519 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\Search_Results.xml
[2011/09/06 19:35:10 | 000,003,915 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\sweetim.xml
[2012/09/10 18:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/08/24 13:03:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/10 18:42:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\distribution\extensions
[2012/09/10 18:42:53 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Program Files\mozilla firefox\distribution\extensions\toolbar@web.de
[2012/09/05 20:46:46 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2011/07/27 19:26:14 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2011/07/09 20:12:48 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\VODAFONE\VODAFONE MOBILE BROADBAND\OPTIMIZATION CLIENT\ADDON
[2012/08/25 04:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/07/20 18:21:40 | 000,106,192 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll
[2012/08/25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/22 16:19:05 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/08/25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/25 04:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/08/25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/08/17 10:21:21 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/08/25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/08/25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (WEB.DE Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Users\Public\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [NapsterShell] C:\Users\Public\Programme\napster.exe (Napster)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Users\Public\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [tunebite.exe] C:\Program Files\Tunebite\tunebite.exe (RapidSolution Software AG)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube Download - C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Users\Public\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{010B9879-A692-401A-AE4C-02616152CCA3}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA2D8900-E8AB-4BC1-9EEF-2C1F60ADF1E4}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{57500806-bcea-11df-924b-1c4bd6e50b25}\Shell - "" = AutoRun
O33 - MountPoints2\{57500806-bcea-11df-924b-1c4bd6e50b25}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{5750080c-bcea-11df-924b-1c4bd6e50b25}\Shell - "" = AutoRun
O33 - MountPoints2\{5750080c-bcea-11df-924b-1c4bd6e50b25}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{7154d752-c4ef-11e0-b5ae-00262dc04d51}\Shell - "" = AutoRun
O33 - MountPoints2\{7154d752-c4ef-11e0-b5ae-00262dc04d51}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{7154d754-c4ef-11e0-b5ae-00262dc04d51}\Shell - "" = AutoRun
O33 - MountPoints2\{7154d754-c4ef-11e0-b5ae-00262dc04d51}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{782a70b5-1729-11e0-9443-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{782a70b5-1729-11e0-9443-00a0c6000000}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{bda0c1c4-aa58-11e0-a4fe-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bda0c1c4-aa58-11e0-a4fe-806e6f6e6963}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe
O33 - MountPoints2\{f88cdc83-bcd1-11df-ac96-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f88cdc83-bcd1-11df-ac96-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe /auto
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/20 19:04:02 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\Malwarebytes
[2012/09/20 19:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/20 19:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/20 19:03:54 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/20 19:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/18 17:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Incredibar.com
[2012/09/18 17:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\IB Updater
[2012/09/18 17:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012/09/18 17:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/09/18 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\Desktop\Mario
[2012/09/18 17:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012/09/15 17:19:56 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Local\eMule
[2012/09/15 17:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
[2012/09/15 17:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\eMule
[2012/09/13 21:01:00 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\WinRAR
[2012/09/13 21:01:00 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/09/13 21:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/09/13 21:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/09/13 20:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/09/13 20:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/09/13 18:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/09/13 18:54:55 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\uTorrent
[2012/09/13 18:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2012/09/10 18:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/09/10 18:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/09/05 18:53:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/05 18:05:37 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\TuneUp Software
[2012/09/05 18:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/09/05 18:04:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/09/05 18:04:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/09/05 18:02:28 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\OpenCandy
[2012/08/22 16:18:47 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\YourFileDownloader
[2012/08/22 16:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\YourFileDownloader
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/20 19:53:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/20 19:48:18 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/20 19:35:29 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/20 19:35:29 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/20 19:27:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2012/09/20 19:27:34 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/09/20 19:27:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/20 19:27:19 | 2307,862,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/20 18:44:07 | 000,654,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/09/20 18:44:07 | 000,616,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/20 18:44:07 | 000,130,424 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/09/20 18:44:07 | 000,106,806 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/19 18:54:51 | 000,000,000 | ---- | M] () -- C:\Users\Mama Heike\defogger_reenable
[2012/09/18 17:37:57 | 000,000,751 | ---- | M] () -- C:\user.js
[2012/09/15 17:20:06 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\eMule.lnk
[2012/09/13 20:30:21 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/09/13 18:55:39 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/09/10 18:43:11 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/05 20:46:47 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/09/05 18:55:26 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/05 18:02:19 | 000,001,268 | ---- | M] () -- C:\Users\Mama Heike\Desktop\Free YouTube Download.lnk
[2012/09/05 18:02:19 | 000,001,205 | ---- | M] () -- C:\Users\Mama Heike\Desktop\DVDVideoSoft Free Studio.lnk
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/20 19:03:57 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/19 18:54:51 | 000,000,000 | ---- | C] () -- C:\Users\Mama Heike\defogger_reenable
[2012/09/19 18:53:41 | 000,065,536 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2012/09/15 17:20:06 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk
[2012/09/13 20:30:21 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/09/13 18:55:39 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/09/10 18:43:10 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/09/05 18:55:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/05 18:55:26 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/22 16:19:17 | 000,000,751 | ---- | C] () -- C:\user.js
[2012/07/25 06:25:27 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/06/07 22:24:59 | 000,073,600 | ---- | C] () -- C:\Windows\System32\ezGOSvc.dll
[2012/02/04 20:29:04 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012/02/04 20:29:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011/12/29 16:54:22 | 000,000,934 | ---- | C] () -- C:\Windows\wiso.ini
[2011/07/01 15:58:25 | 000,034,706 | ---- | C] () -- C:\Windows\Irremote.ini
[2011/07/01 15:58:03 | 000,000,507 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/07/01 15:58:03 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/07/01 15:57:45 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2011/07/01 15:57:06 | 000,006,038 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2011/04/18 15:39:56 | 000,226,364 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010/09/10 20:28:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== LOP Check ==========

[2011/08/20 14:56:12 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Babylon
[2011/12/29 16:59:06 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Buhl Data Service
[2011/01/09 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Bytemobile
[2012/09/05 18:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoft
[2012/08/19 11:32:47 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/02/04 20:29:02 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\FreePDF
[2011/07/06 18:59:01 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\go
[2010/09/10 20:25:21 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Gutscheinmieze
[2010/09/10 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\IObit
[2012/09/05 18:02:28 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\OpenCandy
[2011/01/22 22:16:18 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Opera
[2011/08/12 15:11:19 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\PC Suite
[2012/08/21 17:58:55 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Philipp Winterberg
[2012/02/05 02:08:23 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\SoftGrid Client
[2010/10/17 13:32:24 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\TP
[2012/08/05 13:06:10 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\tunebite
[2012/09/05 18:05:37 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\TuneUp Software
[2012/09/13 18:55:40 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\uTorrent
[2011/08/12 15:10:52 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Vodafone
[2011/08/12 15:31:29 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Vodafone Mobile Broadband
[2011/01/23 01:47:58 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Vodafone Mobile Connect
[2012/08/22 16:18:47 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\YourFileDownloader
[2012/09/20 19:27:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010/11/12 18:12:53 | 000,000,214 | ---- | M] () -- C:\Windows\Tasks\CreateChoiceProcessTask.job
[2011/11/23 20:13:20 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

EXTRAS.TXT:
OTL Extras logfile created on: 9/19/2012 7:01:07 PM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Heike\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2.87 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 60.45% Memory free
5.73 Gb Paging File | 4.53 Gb Available in Paging File | 79.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424.66 Gb Total Space | 142.88 Gb Free Space | 33.64% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 21.12 Gb Free Space | 52.80% Space Free | Partition Type: NTFS
Drive F: | 122.71 Mb Total Space | 91.79 Mb Free Space | 74.80% Space Free | Partition Type: FAT

Computer Name: MAMAHEIKE-PC | User Name: Mama Heike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Users\Public\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Users\Public\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Users\Public\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BD40123-A754-41DF-AF42-E62EBF5B32E1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{163ABDED-3096-46B4-9074-207513825BD7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E5F5766-B6BA-4C02-BBD0-5770E66C4598}" = rport=10243 | protocol=6 | dir=out | app=system |
"{20E43667-00A9-42BC-AA7E-9F4E6FF49C71}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2393987C-6293-471B-B823-15ECCDDCF475}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{27635C4F-434E-4D26-BAD2-5235723F71FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2DDB6786-BFDC-4CD0-A7A0-80AA5D41EB05}" = lport=137 | protocol=17 | dir=in | app=system |
"{32F70392-66F0-4971-A4F9-2C64FCFD07DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3510CF17-F5EF-4EA2-8EF8-E678271254EB}" = lport=138 | protocol=17 | dir=in | app=system |
"{38A370DC-77AA-4E32-B064-F88B5BB4F803}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3A326454-F60A-4BE1-BB5B-ACBF230FD21F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3D73037A-4BAD-4805-9F09-A27E8FDA570B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3FD58A4F-1ADC-4392-B0ED-43FAAD1991E1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42417AD5-A34F-461A-AA24-F80A85225349}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{430DEBA0-6C39-4D88-B3EB-75EE67C979DF}" = rport=139 | protocol=6 | dir=out | app=system |
"{4D92DBA6-9FF1-4445-99F0-30323D02CFED}" = lport=445 | protocol=6 | dir=in | app=system |
"{68CB6655-52A7-463A-912F-BA4E674D3931}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{72B804B1-3F04-4D63-BF11-EA9CD2530CE4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78A4E5F3-9642-49DB-9504-28B754F1195C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7C929A39-3DEC-4A35-AC00-523A91C9D878}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B652B03-4F01-4E26-8C6E-7CB33A80401E}" = rport=137 | protocol=17 | dir=out | app=system |
"{918FFB1F-0516-4F3F-818C-724FCE1C4BA9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C326B9D6-9599-4E1D-A402-C3BE06B5125C}" = rport=138 | protocol=17 | dir=out | app=system |
"{C3728858-23EA-4D83-804A-458C2B450B27}" = rport=445 | protocol=6 | dir=out | app=system |
"{F0314FD2-8544-4127-B0CA-027DB4F3FFC7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F91ED3DE-4172-45EC-8D01-CBAB2CF27AB7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FC059C5D-8359-47F1-B88A-754536940B16}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FE0BCD-CDD0-4735-BD6F-61A8A19BC972}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{0B794838-A347-4E6C-AA53-072C9D738EE3}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{0D7CD169-ACB1-45A9-BD74-C65EB3148D0B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0E76DAF7-687D-4F9F-9AF9-0DE2147095CF}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{1D61C07E-CDB5-4669-838B-D2BFED977D45}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{20027A54-C746-49FE-BBD7-E8E8EBB99DB4}" = protocol=17 | dir=in | app=c:\users\public\opera.exe |
"{20950152-D235-4D8A-90EE-0516AC1DB36B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{22048B06-DC71-473C-9926-93752AF2C740}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2C2C5EFE-5347-4E5D-942A-E21D50E60BED}" = dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"{41C69F19-1B2F-4A6E-A36A-4908B0D48105}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4353F046-37B8-4CB9-940F-B0A1AA47B94B}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{4DAB9FA0-80DA-4E79-9D24-F51C877803CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4EE0966F-9DB5-4148-B84D-825F0542B77D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{521FCF53-E996-4EC9-BBE5-D80087F23ABD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5DE8CAFD-3C74-48A2-B8AB-B2CA38A2635F}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{6385F0ED-7C7F-4AD4-A7B7-292D4DE2252D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{673BCAEC-570A-4D38-8778-23D5820B9F9A}" = protocol=17 | dir=in | app=c:\program files\tunebite\tunebitehelper.exe |
"{7154697D-C65B-471A-9BCC-92A15AAF8955}" = protocol=17 | dir=in | app=c:\users\public\opera.exe |
"{76FF6097-B33B-43CE-8BAF-935620B3BBA5}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{7BB6E3D1-73DE-45E8-9BE0-F12379443EAE}" = protocol=6 | dir=out | app=system |
"{8747F26B-9919-470B-B86B-2E7D77BC9A5A}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{9110BD73-3423-43DE-901B-1E28E9D68C67}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"{9492F312-54CF-404D-AF7F-D7C26886720F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{96537734-59CF-4BC0-884A-D5E5F40F2CB7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{98E7C554-74AB-4D79-BF6D-D5006F1BB45E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9A9BE3AE-1B03-43C1-BC2C-2EB3F4D3AE4C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D58BBB4-21E0-4D2C-A91E-782B030C5F51}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9DB92A7A-85DE-4846-965B-877D2803B999}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{A5F674D1-97BC-4782-897D-73B9D844F67A}" = protocol=6 | dir=in | app=c:\users\public\opera.exe |
"{AFAB3A58-0EC6-44A5-A646-87F59DB9F32C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2F1A00D-EF76-444C-99CA-2E668F0C2F81}" = protocol=6 | dir=in | app=c:\program files\tunebite\tunebitehelper.exe |
"{BF8B23DA-6D6D-49F4-83B9-E67BAE6ABA4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C22681ED-08CF-4CC5-BBA7-079219F6EE93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CFE9DDEE-EBFE-46A7-80E0-8B21E2BCB957}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E7CED772-6366-4A85-9902-0BB33BF040A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F051BC2B-CB22-4CF0-9A9A-2CD988416C1D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F3584771-34CA-4AD0-8001-5644EFEB95B0}" = protocol=6 | dir=in | app=c:\users\public\opera.exe |
"{FD9F4095-0299-4E1D-B640-F5B396909AD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{2BE78D59-CA80-4753-A376-B73170D9D76B}C:\users\public\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\public\programme\napster.exe |
"TCP Query User{54005B71-6D9E-4B46-AF36-FCBACB3C7A1D}C:\Program Files\eMule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{DB442CC4-1F16-47E5-8422-348BF919D255}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{E1891CAB-AD67-401F-A590-491886E7B212}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{6FBAB653-76D2-4715-B0BC-5F21ED8B6D9C}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{88ADD6E5-FD6D-4738-9B55-8280AA4D0D87}C:\Program Files\eMule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{B8074CD6-EAF9-4064-98BD-67DACAFC71D4}C:\users\public\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\public\programme\napster.exe |
"UDP Query User{DBF3B861-990E-4C68-A5CC-15D4637D278B}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1D9943F4-2568-6DE3-0F01-C4A5BC665703}" = Napster 5 Beta
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{30099004-43E8-A86D-E746-C3683CBD45C7}" = myphotobook.de
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = IB Updater 2.0.0.506
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.5.0.8
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"1&1 Mail & Media GmbH 1und1InternetExplorerAddon" = WEB.DE Internet Explorer Addon
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Snap_is1" = Ashampoo Snap
"avast" = avast! Free Antivirus
"com.Rhapsody.Napster5" = Napster 5 Beta
"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de
"Easy Video Joiner_is1" = Easy Video Joiner 5.21
"eMule" = eMule
"Free Studio_is1" = Free Studio version 4.8
"Free YouTube Download_is1" = Free YouTube Download version 3.1.35.903
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.04" = GPL Ghostscript
"HaaliMkx" = Haali Media Splitter
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"iLivid" = iLivid
"incredibar" = Incredibar Toolbar on IE
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Opera 12.02.1578" = Opera 12.02
"RarZilla Free Unrar" = RarZilla Free Unrar
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tunebite_is1" = Tunebite 4.1.0.35
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.2
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.20 (32-Bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"YourFileDownloader" = YourFileDownloader

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/11/2012 1:39:37 AM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0
Description = GetLoggedOnUser

Error - 9/12/2012 6:53:36 PM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0
Description = GetLoggedOnUser

Error - 9/12/2012 6:53:41 PM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0
Description = GetLoggedOnUser

Error - 9/13/2012 12:22:49 PM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0
Description = GetLoggedOnUser

Error - 9/13/2012 3:21:09 PM | Computer Name = MamaHeike-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Windows-Explorer" konnte nicht heruntergefahren
werden.

Error - 9/14/2012 7:41:36 AM | Computer Name = MamaHeike-PC | Source = System Restore | ID = 8193
Description =

Error - 9/14/2012 7:41:39 AM | Computer Name = MamaHeike-PC | Source = VSS | ID = 12289
Description =

Error - 9/14/2012 10:33:08 AM | Computer Name = MamaHeike-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Users\Public\programme\spybot
- search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\Users\Public\programme\spybot
- search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.

Error - 9/15/2012 1:49:43 PM | Computer Name = MamaHeike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: MSHTML.dll, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecfb0e Ausnahmecode: 0xc0000005 Fehleroffset: 0x004009de ID des fehlerhaften
Prozesses: 0x10bc Startzeit der fehlerhaften Anwendung: 0x01cd93460b77884b Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\MSHTML.dll Berichtskennung: baca1781-ff5d-11e1-948f-00262dc04d51

Error - 9/16/2012 1:00:02 PM | Computer Name = MamaHeike-PC | Source = Windows Backup | ID = 4103
Description =

[ Media Center Events ]
Error - 8/24/2011 12:14:26 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 18:14:26 - Fehler beim Herstellen der Internetverbindung. 18:14:26
- Serververbindung konnte nicht hergestellt werden..

Error - 8/24/2011 12:14:43 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 18:14:31 - Fehler beim Herstellen der Internetverbindung. 18:14:31
- Serververbindung konnte nicht hergestellt werden..

Error - 8/24/2011 1:14:51 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 19:14:51 - Fehler beim Herstellen der Internetverbindung. 19:14:51
- Serververbindung konnte nicht hergestellt werden..

Error - 8/24/2011 1:15:05 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 19:14:56 - Fehler beim Herstellen der Internetverbindung. 19:14:56
- Serververbindung konnte nicht hergestellt werden..

Error - 9/1/2012 4:01:34 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 10:01:34 - Fehler beim Herstellen der Internetverbindung. 10:01:34
- Serververbindung konnte nicht hergestellt werden..

Error - 9/1/2012 4:01:49 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 10:01:39 - Fehler beim Herstellen der Internetverbindung. 10:01:39
- Serververbindung konnte nicht hergestellt werden..

Error - 9/14/2012 7:45:30 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 13:45:30 - Fehler beim Herstellen der Internetverbindung. 13:45:30
- Serververbindung konnte nicht hergestellt werden..

Error - 9/14/2012 7:45:51 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 13:45:39 - Fehler beim Herstellen der Internetverbindung. 13:45:39
- Serververbindung konnte nicht hergestellt werden..

Error - 9/19/2012 1:04:13 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 19:04:13 - Fehler beim Herstellen der Internetverbindung. 19:04:13
- Serververbindung konnte nicht hergestellt werden..

Error - 9/19/2012 1:05:17 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0
Description = 19:04:18 - Fehler beim Herstellen der Internetverbindung. 19:04:18
- Serververbindung konnte nicht hergestellt werden..

[ System Events ]
Error - 4/14/2012 3:17:17 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error - 4/14/2012 3:17:26 AM | Computer Name = MamaHeike-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?04.?2012 um 21:21:23 unerwartet heruntergefahren.

Error - 4/14/2012 3:17:28 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error - 4/14/2012 3:39:15 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error - 4/14/2012 3:39:24 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error - 4/15/2012 11:41:17 AM | Computer Name = MamaHeike-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?04.?2012 um 17:58:46 unerwartet heruntergefahren.

Error - 4/15/2012 11:41:08 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error - 4/15/2012 11:41:19 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error - 4/18/2012 11:50:06 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error - 4/18/2012 11:50:17 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.


< End of report >

 

Themen zu Virenwarnung von web.de bekommen, daraufhin Login gesperrt
antivirus, autorun, bho, converter, error, excel, fehler, firefox, flash player, format, google, home, ib updater, iexplore.exe, incredibar toolbar, install.exe, internet, launch, logfile, microsoft office starter 2010, mozilla, mp3, oneclickdownloader, plug-in, realtek, registry, richtlinie, rundll, safer networking, software, svchost.exe, sweetim, systemcare, tarma, usb 2.0, virenwarnung, vodafone, warnung, web.de, windows, windows-explorer, wiso, wrapper, yontoo




Ähnliche Themen: Virenwarnung von web.de bekommen, daraufhin Login gesperrt


  1. Win 7, Login-Screen flackert, kein Login möglich
    Log-Analyse und Auswertung - 08.12.2014 (5)
  2. Win 7, Login-Screen flackert, kein Login möglich
    Log-Analyse und Auswertung - 06.12.2014 (3)
  3. Win 7 - Datensicherung nach Avira-Virenwarnung
    Log-Analyse und Auswertung - 16.11.2014 (1)
  4. Probleme mit einer Virenwarnung
    Log-Analyse und Auswertung - 01.03.2014 (21)
  5. GVU / Bunderstrojaner / Windows XP - kein abgesichertert Modus, nach Login sofort Bildschirm gesperrt...
    Plagegeister aller Art und deren Bekämpfung - 20.08.2012 (6)
  6. Kaspersky gibt Virenwarnung, Malwarebyte zeigt keine Detektion
    Plagegeister aller Art und deren Bekämpfung - 20.10.2010 (12)
  7. ZoneAlarm erschreckt Anwender mit "Virenwarnung"
    Nachrichten - 20.09.2010 (0)
  8. Virenwarnung in einem Forum!
    Plagegeister aller Art und deren Bekämpfung - 06.09.2010 (1)
  9. Virenwarnung, bitte Logs überprüfen.
    Log-Analyse und Auswertung - 20.03.2009 (8)
  10. Trendmicro Virenwarnung, div. Popups in Firefox
    Log-Analyse und Auswertung - 14.01.2009 (11)
  11. ständige virenwarnung bei allen ausführenden aktionen!
    Log-Analyse und Auswertung - 30.12.2008 (1)
  12. Blauer Desktop mit Virenwarnung
    Mülltonne - 03.08.2008 (0)
  13. Pop-ups mit Virenwarnung, HJT-Starten unterbinden - vermute Trojaner
    Log-Analyse und Auswertung - 27.02.2008 (34)
  14. Angebliche Virenwarnung
    Plagegeister aller Art und deren Bekämpfung - 12.03.2007 (8)
  15. Bei google-suche nach .exe immer Virenwarnung
    Plagegeister aller Art und deren Bekämpfung - 11.02.2005 (3)
  16. NAV Virenwarnung, kein Virus gefunden
    Plagegeister aller Art und deren Bekämpfung - 29.01.2004 (3)
  17. Virenwarnung oder Fake?? ---->"jdbgmgr.exe"
    Plagegeister aller Art und deren Bekämpfung - 22.10.2003 (3)

Zum Thema Virenwarnung von web.de bekommen, daraufhin Login gesperrt - Einen schönen guten Morgen, vorgestern wurde mir mein Zugang zu web.de mit dem Hinweis "Virenwarnung" gesperrt, da ich plötzlich unendlich viele Spam-Mails bekommen habe. Daraufhin habe ich alles durchgescannt und - Virenwarnung von web.de bekommen, daraufhin Login gesperrt...
Archiv
Du betrachtest: Virenwarnung von web.de bekommen, daraufhin Login gesperrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.