|  | 
| 
 | |||||||
| Log-Analyse und Auswertung: Virenwarnung von web.de bekommen, daraufhin Login gesperrtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. | 
|  | 
|  | 
|  21.09.2012, 08:18 | #1 | 
|  |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Einen schönen guten Morgen, vorgestern wurde mir mein Zugang zu web.de mit dem Hinweis "Virenwarnung" gesperrt, da ich plötzlich unendlich viele Spam-Mails bekommen habe. Daraufhin habe ich alles durchgescannt und es wurden auch Viren gefunden. Diese habe ich leider bereits gelöscht bevor ich auf dieses Forum gestoßen bin. Nun habe ich Bedenken, dass mein Rechner noch nicht sauber sein könnte. Ich habe OTL und GMER durchgeführt. Kann mir jemand dabei helfen? Ich traue mich nicht ins Internet (bin jetzt an einem anderen Rechner). Vielen Dank vorab für die Hilfe. OTL.TXT: OTL logfile created on: 9/20/2012 8:00:54 PM - Run 3 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Heike\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2.87 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 58.40% Memory free 5.73 Gb Paging File | 4.25 Gb Available in Paging File | 74.19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 424.66 Gb Total Space | 142.51 Gb Free Space | 33.56% Space Free | Partition Type: NTFS Drive D: | 40.00 Gb Total Space | 21.12 Gb Free Space | 52.80% Space Free | Partition Type: NTFS Drive F: | 122.71 Mb Total Space | 91.79 Mb Free Space | 74.80% Space Free | Partition Type: FAT Computer Name: MAMAHEIKE-PC | User Name: Mama Heike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/09/19 09:56:32 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Heike\Desktop\OTL.exe PRC - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/09/07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/09/03 10:52:56 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe PRC - [2012/08/21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/11/04 15:29:24 | 001,370,224 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\mshaktuell.exe PRC - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/06/14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2011/04/19 16:12:22 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe PRC - [2011/04/19 16:12:18 | 000,408,576 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011/02/23 23:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files\FreePDF_XP\fpassist.exe PRC - [2010/10/13 16:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe PRC - [2010/07/20 18:21:40 | 000,323,280 | ---- | M] (Napster) -- C:\Users\Public\Programme\napster.exe PRC - [2010/04/23 16:53:10 | 001,423,904 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe PRC - [2010/04/20 17:57:18 | 000,083,456 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files\WinTV\WinTV7\WinTVTray.exe PRC - [2010/03/29 17:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) -- C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE PRC - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/01/13 19:18:30 | 000,413,696 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WButton.exe PRC - [2009/12/14 20:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe PRC - [2009/12/12 00:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\OSD.exe PRC - [2009/12/10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/12/10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Program Files\Launch Manager\WisLMSvc.exe PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Users\Public\Programme\Spybot - Search & Destroy\SDWinSec.exe PRC - [2007/09/13 16:47:08 | 002,846,720 | ---- | M] (RapidSolution Software AG) -- C:\Program Files\Tunebite\tunebite.exe PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe ========== Modules (No Company Name) ========== MOD - [2012/07/12 20:07:26 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\d0981ac2a5c158f32ae5126437b5a537\Vodafone.View.ManagedToolTip.ni.dll MOD - [2012/07/12 20:07:25 | 000,876,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\47bb1dd545cfa7cc24333695b8326098\Vodafone.View.Shared.ni.dll MOD - [2012/07/12 20:07:24 | 000,607,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\452f2c794296bc3c4d76ddbc746a1d2c\Vodafone.View.SecondaryWindows.ni.dll MOD - [2012/07/12 20:07:22 | 000,943,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\2e862d5fb7ea288c3e6f038a98837f80\Vodafone.BusinessLogic.ni.dll MOD - [2012/07/12 20:07:20 | 000,050,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\36ade0bd561894700538d476a039864a\Vodafone.Contracts.Adapter.ni.dll MOD - [2012/07/12 20:07:19 | 002,104,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Spring.Core\01bc6715d9fd6e74a4e2f3a74c73ff61\Spring.Core.ni.dll MOD - [2012/07/12 20:07:14 | 001,303,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\68e45643116190979faac529c7e746db\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll MOD - [2012/07/12 20:07:12 | 003,346,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\eb3bfe4332deefed3bf42fac4ec2c13a\Infragistics2.Win.Misc.v9.2.ni.dll MOD - [2012/07/12 20:07:08 | 011,050,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\99d7d0e3f5d380da3c5d920ccf2db21e\Infragistics2.Win.v9.2.ni.dll MOD - [2012/07/12 20:06:59 | 000,871,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\ab508eb66f0918950878416de02e0657\Infragistics2.Shared.v9.2.ni.dll MOD - [2012/07/12 20:06:57 | 007,135,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\e162a49f9e823a32e3cb53f7b821c629\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll MOD - [2012/07/12 20:06:49 | 000,100,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\c24df5833933258fad9319f1a649c9e9\Vodafone.Core.Contracts.ni.dll MOD - [2012/07/12 20:06:49 | 000,037,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\282c1e89e125dcc264f8d6b6d769d6dd\Vodafone.Contracts.Presenter.ni.dll MOD - [2012/07/12 20:06:48 | 000,132,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\41b1fe111b3e4c76028f496c86ff0292\Vodafone.Contracts.Model.ni.dll MOD - [2012/07/12 20:06:47 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\2a340f9e6c26b35cd2c8c879cf981276\Vodafone.Contracts.View.ni.dll MOD - [2012/07/12 20:06:47 | 000,094,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\7d8cf231ee57d0809fd3f4ddff5efcbc\Vodafone.Contracts.Common.ni.dll MOD - [2012/07/12 20:06:44 | 000,341,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\78546a6db6f085acff1f662f76566395\Vodafone.CommonDialogs.ni.dll MOD - [2012/07/12 20:06:43 | 000,947,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\e2c356ca25c2115b5029a14e6f2b4824\Vodafone.ApplicationHost.Impl.ni.dll MOD - [2012/07/12 20:06:41 | 000,080,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\ff9620d99525adfbcdf796bc7b1f6681\Vodafone.SmsProfileManager.ni.dll MOD - [2012/07/12 20:06:40 | 000,326,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\2c94ea3c69958dda179e3dc3e1212b7a\Vodafone.DataAccessor.ni.dll MOD - [2012/07/12 20:06:39 | 002,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\e164cc0d1870f069fdc5fc611c7e3fb7\MobileBroadbandResources.ni.dll MOD - [2012/07/12 20:06:38 | 000,673,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\8d6722713d001ca3d718acf2e075a73f\Vodafone.Data.ni.dll MOD - [2012/07/12 20:06:38 | 000,158,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\cc28c84050892d50b271f75d46ffc4fc\Vodafone.Base.Contracts.ni.dll MOD - [2012/07/12 20:06:36 | 001,368,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\6f3ccd540fe8d8cf3fb8139e152a6422\Vodafone.Platform.ni.dll MOD - [2012/07/12 20:06:33 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadband\3b9c3d4a478d75f77af3958a041efc8a\MobileBroadband.ni.exe MOD - [2012/07/12 20:00:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b7a7f9c607e09bfa03c07b5ff3a8ae3\System.ServiceProcess.ni.dll MOD - [2012/07/12 19:59:39 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll MOD - [2012/07/12 19:59:30 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll MOD - [2012/07/12 19:59:24 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll MOD - [2012/05/15 19:41:05 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll MOD - [2012/05/15 19:37:45 | 000,252,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\d875cb130701d0b90206efb48323ebc0\Interop.FNCClient11Lib.ni.dll MOD - [2012/05/15 19:37:45 | 000,034,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\3c750543c407467308902915174e75c5\Vodafone.UpdateManager.ni.dll MOD - [2012/05/15 19:37:44 | 000,192,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\cddf9e9419dd1c2d624ac06a831ad5fc\Vodafone.Model.Connection.ni.dll MOD - [2012/05/15 19:37:39 | 000,084,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\a08c47f5faf939670b9ee3e44b344c87\Vodafone.Core.Remoting.ni.dll MOD - [2012/05/15 19:37:38 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\b818bc9ebb6d64bce9a9141214bf9d62\Vodafone.Core.CoreInstanceProvider.ni.dll MOD - [2012/05/15 19:37:37 | 000,055,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\da585a0e8fd730f9e2e02f023a6c527b\Vodafone.TrafficOptimiser.ni.dll MOD - [2012/05/15 19:37:37 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\67923f65761c10f4eb601e4b18c0e8a8\Vodafone.DeviceAccess.Factory.ni.dll MOD - [2012/05/15 19:37:36 | 000,108,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\71e9690f708adaaa465fa8b42128194e\Vodafone.LanWlanManager.ni.dll MOD - [2012/05/15 19:37:35 | 000,119,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\c8b01d9f87fc374fb0e4339b5e0e2ff4\Interop.Shell32.ni.dll MOD - [2012/05/15 19:37:35 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\d381c07b5443809baf258f298cf1553a\Vodafone.Vpn.ni.dll MOD - [2012/05/15 19:37:34 | 000,392,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MbbManagem#\fbcc880cc6dd77283e67af92c3871b97\Vodafone.MbbManagement.ni.dll MOD - [2012/05/15 19:37:34 | 000,081,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.MbnApi\994f7097ad179590040095c8cb139c8e\Interop.MbnApi.ni.dll MOD - [2012/05/15 19:37:33 | 000,498,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\8318cc5a769d5706ef277ab6724cf9d6\Vodafone.DeviceAccess.Internals.ni.dll MOD - [2012/05/15 19:37:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\a0447494ac1428c8a6408aeec6283346\Vodafone.DeviceAccess.Interfaces.ni.dll MOD - [2012/05/15 19:37:32 | 000,733,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\2ff720d60a36b2eeb539be6e3d0cf135\Vodafone.WwanWrapper.ni.dll MOD - [2012/05/15 19:37:31 | 000,673,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\e91f954c3c918f68ac7bf5b21dc78b74\Vodafone.ConnectionServices.ni.dll MOD - [2012/05/15 19:37:30 | 000,022,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\11de210c0e4b51440933bad2154ec67b\Vodafone.Core.Interfaces.ni.dll MOD - [2012/05/15 19:37:27 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Common.Logging\34f8b2f928fa5b8686082a43c53844c0\Common.Logging.ni.dll MOD - [2012/05/15 19:37:24 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\f0c8f32b0b7be87778392900211c1860\Vodafone.InstanceProvider.Impl.ni.dll MOD - [2012/05/15 19:36:53 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\8c3da5aecaf5ab7fd9ef5fadcff80ca3\Vodafone.DeviceAccess.Contracts.ni.dll MOD - [2012/05/15 19:36:51 | 000,089,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\21ee4dd9d3f844d96c94abf19af8d28f\Vodafone.Base.Internals.ni.dll MOD - [2012/05/15 19:36:51 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\8a6baf48f3ee80ffc6640d7bde79b8ac\Vodafone.Base.Factory.ni.dll MOD - [2012/05/15 19:36:50 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\e277c95f687dd7aa3fed11d5656cde6c\Vodafone.ConnectionManagement.ni.dll MOD - [2012/05/15 19:36:46 | 000,350,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\3dfd8a9926a38969e3661d8d820c0a2c\Vodafone.ReportingManager.ni.dll MOD - [2012/05/15 19:36:46 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\b19c879356d0b73e8dc103f13c04608c\Vodafone.OutlookConnector.ni.dll MOD - [2012/05/15 19:36:45 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\2d5550752acbe3af137e0e7c9ec234cd\Vodafone.SmsContactManager.ni.dll MOD - [2012/05/15 19:36:41 | 000,056,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\938887f74b8aceca5c5fb19dbadd2d68\Vodafone.SettingsManager.ni.dll MOD - [2012/05/15 19:36:39 | 000,074,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\e89d2535fdced323f089cc78cf0f2455\Vodafone.NtServiceMessaging.ni.dll MOD - [2012/05/15 19:36:38 | 000,321,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\e2cc55b33a578ef6ce6011e45dd02fea\Vodafone.Base.Win32.ni.dll MOD - [2012/05/15 19:36:37 | 000,181,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\2e0756b9dad381d55f34143a60ea115c\Vodafone.Common.ni.dll MOD - [2012/05/15 19:36:37 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\d62f95eb50be59c66f0fdb403419d5c8\Vodafone.MobileBroadband.CallbackHandler.ni.dll MOD - [2012/05/15 19:36:32 | 000,094,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\d0df2ffa13991dc97e847b7ef68a7b06\Vodafone.LogEngine.ni.dll MOD - [2012/05/15 19:36:23 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3f9dee1ce0ccb42145293a5bfcbe7205\System.Management.ni.dll MOD - [2012/05/15 19:33:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll MOD - [2012/05/15 19:33:52 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\61fbbd8bc7d76972115b292b132ff2d1\System.Transactions.ni.dll MOD - [2012/05/15 19:33:50 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\294d439cfe959b5528ca81d37d3d502f\System.Data.ni.dll MOD - [2012/05/15 19:32:52 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\34f340b0c113f7216a55dd7c82a69cc2\Accessibility.ni.dll MOD - [2012/05/15 19:32:36 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll MOD - [2012/05/15 19:32:32 | 000,680,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\61af058c2bc079f28397a29ed145fbc7\System.Security.ni.dll MOD - [2012/05/15 19:32:27 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll MOD - [2012/05/15 19:32:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll MOD - [2012/05/15 19:32:22 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll MOD - [2012/05/15 19:32:13 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll MOD - [2011/11/04 15:30:58 | 001,868,912 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wfvie12.dll MOD - [2011/11/04 15:29:50 | 007,559,792 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wgui12.dll MOD - [2011/11/04 15:29:24 | 001,370,224 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\mshaktuell.exe MOD - [2011/11/04 15:29:02 | 004,278,896 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wauff12.dll MOD - [2011/11/04 15:29:02 | 000,135,792 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rsodbc47.dll MOD - [2011/11/04 15:29:00 | 000,028,672 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rsdcom47.dll MOD - [2011/11/04 15:26:38 | 002,943,600 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wcore12.dll MOD - [2011/11/04 15:26:36 | 001,607,792 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wreli12.dll MOD - [2011/11/04 15:26:30 | 001,537,136 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\wsteu12.dll MOD - [2011/11/04 15:26:30 | 000,318,064 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rsguiwinapi47.dll MOD - [2011/11/04 15:26:28 | 000,261,232 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\rscorewinapi47.dll MOD - [2011/11/04 14:47:20 | 000,865,280 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtCLuceners47.dll MOD - [2011/11/04 14:47:18 | 000,271,872 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\phononrs47.dll MOD - [2011/11/04 14:47:16 | 011,163,648 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtWebKitrs47.dll MOD - [2011/11/04 14:47:14 | 000,108,544 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtTestrs47.dll MOD - [2011/11/04 14:47:12 | 001,340,416 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtScriptrs47.dll MOD - [2011/11/04 14:47:12 | 000,704,000 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtSqlrs47.dll MOD - [2011/11/04 14:47:12 | 000,281,088 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtSvgrs47.dll MOD - [2011/11/04 14:47:10 | 008,934,400 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtGuirs47.dll MOD - [2011/11/04 14:47:10 | 002,395,648 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\Qt3Supportrs47.dll MOD - [2011/11/04 14:47:10 | 000,990,208 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtNetworkrs47.dll MOD - [2011/11/04 14:47:10 | 000,358,400 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtXmlrs47.dll MOD - [2011/11/04 14:47:08 | 002,356,736 | ---- | M] () -- C:\Program Files\WISO\Steuersoftware 2012\QtCorers47.dll MOD - [2011/04/19 16:12:12 | 000,308,736 | ---- | M] () -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll MOD - [2010/05/18 08:49:26 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/04/10 03:21:42 | 000,022,528 | ---- | M] () -- C:\PROGRA~1\WinTV\TVServer\HauppaugeTVServerps.dll MOD - [2009/11/02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/11/02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009/07/14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll MOD - [2009/06/10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2009/06/10 23:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2007/09/06 13:32:06 | 000,032,768 | ---- | M] () -- C:\Program Files\Tunebite\vorbisfile.dll MOD - [2007/09/06 13:31:48 | 001,007,616 | ---- | M] () -- C:\Program Files\Tunebite\vorbis.dll MOD - [2007/09/06 13:31:42 | 000,024,576 | ---- | M] () -- C:\Program Files\Tunebite\ogg.dll MOD - [2007/03/22 15:27:20 | 001,740,800 | ---- | M] () -- C:\Program Files\Tunebite\dllMiniplayU.dll MOD - [2006/10/05 15:15:24 | 000,172,032 | ---- | M] () -- C:\Program Files\Tunebite\iPodManager.dll MOD - [2006/05/30 09:53:18 | 000,315,392 | ---- | M] () -- C:\Program Files\Tunebite\RapTra30U.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Users\Public\Programme\Spybot -- (SBSDWSCService) SRV - [2012/09/13 19:52:02 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/09/03 10:52:56 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater Updater) SRV - [2012/08/25 03:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2012/08/15 20:54:43 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/06/12 13:07:16 | 000,073,600 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ezGOSvc.dll -- (ezGOSvc) SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011/04/19 16:12:22 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService) SRV - [2010/03/29 17:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE -- (HauppaugeTVServer) SRV - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2009/12/10 08:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009/12/10 08:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cmnsusbser.sys -- (cmnsusbser) DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/08/21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/08/21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/08/21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/08/21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012/08/21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2012/08/21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/10/01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011/10/01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011/10/01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011/10/01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2011/05/18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011/05/18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011/05/18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011/05/18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011/05/13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2011/04/18 15:43:26 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2011/04/18 15:43:24 | 000,191,872 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010/09/01 14:33:12 | 000,061,952 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum) DRV - [2010/05/24 15:46:34 | 000,193,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2010/03/11 09:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2010/03/11 09:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad) DRV - [2010/03/04 17:53:08 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2010/03/02 13:24:58 | 001,006,624 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se) DRV - [2010/02/27 05:01:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd) DRV - [2010/02/03 19:06:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) DRV - [2010/01/27 20:56:48 | 000,054,016 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw17bda.sys -- (hcw17bda) DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf) DRV - [2009/09/18 04:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) DRV - [2009/08/18 14:06:44 | 000,114,688 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet) DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice) DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009/08/18 14:06:44 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007/09/06 13:40:26 | 000,026,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb128?a=6OyOvs5mY0&i=26 IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=3412_1&babsrc=SP_ss&mntrId=947725b800000000000000262dc04d51 IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=WBG&o=15132&src=kw&q={searchTerms}&locale=&apn_ptnrs=RN&apn_dtid=YYYYYYYYIT&apn_uid=FFB9F63B-4043-4AB5-86B0-E4024990941C&apn_sauid=98E81D55-8F4C-4CEB-91D4-F5B179AA68D2 IE - HKCU\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms} IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms} IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms} IE - HKCU\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245 IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyOvs5mY0&i=26 IE - HKCU\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms} IE - HKCU\..\SearchScopes\{F5C40006-0789-44AC-B709-3C1C69DBEAED}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "MyStart Search" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "MyStart Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb128?a=6OyOvs5mY0&i=26" FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.2.2 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.2.0.10687 FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.8 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2 FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1466 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10 FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb128/?loc=IB_DS&a=6OyOvs5mY0&&i=26&search=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2011/07/09 20:12:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/07/27 19:26:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/09/05 20:46:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2012/09/18 17:37:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/10 18:43:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/10 18:42:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/07/27 19:26:14 | 000,000,000 | ---D | M] [2012/09/05 19:05:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Extensions [2012/09/18 17:37:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions [2012/08/19 11:32:48 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011/09/06 19:35:17 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2011/08/20 14:56:36 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\ffxtlbr@babylon.com [2012/09/18 17:37:55 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\ffxtlbr@incredibar.com [2012/09/18 17:37:14 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\OneClickDownload@OneClickDownload.com [2012/09/18 17:37:23 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Mama Heike\AppData\Roaming\mozilla\Firefox\Profiles\jypnab52.default\extensions\plugin@yontoo.com [2012/09/05 18:58:10 | 000,002,400 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\askcom.xml [2012/09/18 17:37:38 | 000,002,203 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\MyStart Search.xml [2012/08/17 10:21:21 | 000,002,519 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\Search_Results.xml [2011/09/06 19:35:10 | 000,003,915 | ---- | M] () -- C:\Users\Mama Heike\AppData\Roaming\Mozilla\Firefox\Profiles\jypnab52.default\searchplugins\sweetim.xml [2012/09/10 18:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012/08/24 13:03:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/09/10 18:42:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\distribution\extensions [2012/09/10 18:42:53 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Program Files\mozilla firefox\distribution\extensions\toolbar@web.de [2012/09/05 20:46:46 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF [2011/07/27 19:26:14 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION [2011/07/09 20:12:48 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\VODAFONE\VODAFONE MOBILE BROADBAND\OPTIMIZATION CLIENT\ADDON [2012/08/25 04:00:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010/07/20 18:21:40 | 000,106,192 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npstrlnk.dll [2012/08/25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/08/22 16:19:05 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012/08/25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/08/25 04:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/08/25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012/08/17 10:21:21 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2012/08/25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/08/25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (WEB.DE Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH) O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Users\Public\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.) O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone) O4 - HKLM..\Run: [NapsterShell] C:\Users\Public\Programme\napster.exe (Napster) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.) O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation) O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Users\Public\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [tunebite.exe] C:\Program Files\Tunebite\tunebite.exe (RapidSolution Software AG) O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube Download - C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Users\Public\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{010B9879-A692-401A-AE4C-02616152CCA3}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA2D8900-E8AB-4BC1-9EEF-2C1F60ADF1E4}: DhcpNameServer = 192.168.42.129 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{57500806-bcea-11df-924b-1c4bd6e50b25}\Shell - "" = AutoRun O33 - MountPoints2\{57500806-bcea-11df-924b-1c4bd6e50b25}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe O33 - MountPoints2\{5750080c-bcea-11df-924b-1c4bd6e50b25}\Shell - "" = AutoRun O33 - MountPoints2\{5750080c-bcea-11df-924b-1c4bd6e50b25}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe O33 - MountPoints2\{7154d752-c4ef-11e0-b5ae-00262dc04d51}\Shell - "" = AutoRun O33 - MountPoints2\{7154d752-c4ef-11e0-b5ae-00262dc04d51}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe O33 - MountPoints2\{7154d754-c4ef-11e0-b5ae-00262dc04d51}\Shell - "" = AutoRun O33 - MountPoints2\{7154d754-c4ef-11e0-b5ae-00262dc04d51}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe O33 - MountPoints2\{782a70b5-1729-11e0-9443-00a0c6000000}\Shell - "" = AutoRun O33 - MountPoints2\{782a70b5-1729-11e0-9443-00a0c6000000}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe O33 - MountPoints2\{bda0c1c4-aa58-11e0-a4fe-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{bda0c1c4-aa58-11e0-a4fe-806e6f6e6963}\Shell\AutoRun\command - "" = F:\StartVMCLite.exe O33 - MountPoints2\{f88cdc83-bcd1-11df-ac96-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{f88cdc83-bcd1-11df-ac96-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe /auto O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/09/20 19:04:02 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\Malwarebytes [2012/09/20 19:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/09/20 19:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/09/20 19:03:54 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012/09/20 19:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/09/18 17:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Incredibar.com [2012/09/18 17:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\IB Updater [2012/09/18 17:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo [2012/09/18 17:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2012/09/18 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\Desktop\Mario [2012/09/18 17:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload [2012/09/15 17:19:56 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Local\eMule [2012/09/15 17:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule [2012/09/15 17:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\eMule [2012/09/13 21:01:00 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\WinRAR [2012/09/13 21:01:00 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/09/13 21:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/09/13 21:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012/09/13 20:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012/09/13 20:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2012/09/13 18:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2012/09/13 18:54:55 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\uTorrent [2012/09/13 18:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule [2012/09/10 18:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/09/10 18:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012/09/05 18:53:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/09/05 18:05:37 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\TuneUp Software [2012/09/05 18:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012/09/05 18:04:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012/09/05 18:04:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/09/05 18:02:28 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\OpenCandy [2012/08/22 16:18:47 | 000,000,000 | ---D | C] -- C:\Users\Mama Heike\AppData\Roaming\YourFileDownloader [2012/08/22 16:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\YourFileDownloader [3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/09/20 19:53:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/20 19:48:18 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/09/20 19:35:29 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/20 19:35:29 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/20 19:27:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job [2012/09/20 19:27:34 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012/09/20 19:27:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/20 19:27:19 | 2307,862,528 | -HS- | M] () -- C:\hiberfil.sys [2012/09/20 18:44:07 | 000,654,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012/09/20 18:44:07 | 000,616,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/09/20 18:44:07 | 000,130,424 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012/09/20 18:44:07 | 000,106,806 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/09/19 18:54:51 | 000,000,000 | ---- | M] () -- C:\Users\Mama Heike\defogger_reenable [2012/09/18 17:37:57 | 000,000,751 | ---- | M] () -- C:\user.js [2012/09/15 17:20:06 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\eMule.lnk [2012/09/13 20:30:21 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012/09/13 18:55:39 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012/09/10 18:43:11 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012/09/05 20:46:47 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012/09/05 18:55:26 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012/09/05 18:02:19 | 000,001,268 | ---- | M] () -- C:\Users\Mama Heike\Desktop\Free YouTube Download.lnk [2012/09/05 18:02:19 | 000,001,205 | ---- | M] () -- C:\Users\Mama Heike\Desktop\DVDVideoSoft Free Studio.lnk [3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/09/20 19:03:57 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/09/19 18:54:51 | 000,000,000 | ---- | C] () -- C:\Users\Mama Heike\defogger_reenable [2012/09/19 18:53:41 | 000,065,536 | ---- | C] () -- C:\Windows\System32\Ikeext.etl [2012/09/15 17:20:06 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk [2012/09/13 20:30:21 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012/09/13 18:55:39 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012/09/10 18:43:10 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/09/05 18:55:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012/09/05 18:55:26 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012/08/22 16:19:17 | 000,000,751 | ---- | C] () -- C:\user.js [2012/07/25 06:25:27 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012/06/07 22:24:59 | 000,073,600 | ---- | C] () -- C:\Windows\System32\ezGOSvc.dll [2012/02/04 20:29:04 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2012/02/04 20:29:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe [2011/12/29 16:54:22 | 000,000,934 | ---- | C] () -- C:\Windows\wiso.ini [2011/07/01 15:58:25 | 000,034,706 | ---- | C] () -- C:\Windows\Irremote.ini [2011/07/01 15:58:03 | 000,000,507 | ---- | C] () -- C:\Windows\ODBC.INI [2011/07/01 15:58:03 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011/07/01 15:57:45 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe [2011/07/01 15:57:06 | 000,006,038 | ---- | C] () -- C:\Windows\HCWPNP.INI [2011/04/18 15:39:56 | 000,226,364 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2010/09/10 20:28:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== LOP Check ========== [2011/08/20 14:56:12 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Babylon [2011/12/29 16:59:06 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Buhl Data Service [2011/01/09 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Bytemobile [2012/09/05 18:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoft [2012/08/19 11:32:47 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\DVDVideoSoftIEHelpers [2012/02/04 20:29:02 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\FreePDF [2011/07/06 18:59:01 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\go [2010/09/10 20:25:21 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Gutscheinmieze [2010/09/10 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\IObit [2012/09/05 18:02:28 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\OpenCandy [2011/01/22 22:16:18 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Opera [2011/08/12 15:11:19 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\PC Suite [2012/08/21 17:58:55 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Philipp Winterberg [2012/02/05 02:08:23 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\SoftGrid Client [2010/10/17 13:32:24 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\TP [2012/08/05 13:06:10 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\tunebite [2012/09/05 18:05:37 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\TuneUp Software [2012/09/13 18:55:40 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\uTorrent [2011/08/12 15:10:52 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Vodafone [2011/08/12 15:31:29 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Vodafone Mobile Broadband [2011/01/23 01:47:58 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\Vodafone Mobile Connect [2012/08/22 16:18:47 | 000,000,000 | ---D | M] -- C:\Users\Mama Heike\AppData\Roaming\YourFileDownloader [2012/09/20 19:27:59 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job [2010/11/12 18:12:53 | 000,000,214 | ---- | M] () -- C:\Windows\Tasks\CreateChoiceProcessTask.job [2011/11/23 20:13:20 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > EXTRAS.TXT: OTL Extras logfile created on: 9/19/2012 7:01:07 PM - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Heike\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2.87 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 60.45% Memory free 5.73 Gb Paging File | 4.53 Gb Available in Paging File | 79.02% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 424.66 Gb Total Space | 142.88 Gb Free Space | 33.64% Space Free | Partition Type: NTFS Drive D: | 40.00 Gb Total Space | 21.12 Gb Free Space | 52.80% Space Free | Partition Type: NTFS Drive F: | 122.71 Mb Total Space | 91.79 Mb Free Space | 74.80% Space Free | Partition Type: FAT Computer Name: MAMAHEIKE-PC | User Name: Mama Heike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Users\Public\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Users\Public\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Users\Public\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0BD40123-A754-41DF-AF42-E62EBF5B32E1}" = lport=10243 | protocol=6 | dir=in | app=system | "{163ABDED-3096-46B4-9074-207513825BD7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1E5F5766-B6BA-4C02-BBD0-5770E66C4598}" = rport=10243 | protocol=6 | dir=out | app=system | "{20E43667-00A9-42BC-AA7E-9F4E6FF49C71}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2393987C-6293-471B-B823-15ECCDDCF475}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{27635C4F-434E-4D26-BAD2-5235723F71FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2DDB6786-BFDC-4CD0-A7A0-80AA5D41EB05}" = lport=137 | protocol=17 | dir=in | app=system | "{32F70392-66F0-4971-A4F9-2C64FCFD07DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3510CF17-F5EF-4EA2-8EF8-E678271254EB}" = lport=138 | protocol=17 | dir=in | app=system | "{38A370DC-77AA-4E32-B064-F88B5BB4F803}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3A326454-F60A-4BE1-BB5B-ACBF230FD21F}" = lport=139 | protocol=6 | dir=in | app=system | "{3D73037A-4BAD-4805-9F09-A27E8FDA570B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{3FD58A4F-1ADC-4392-B0ED-43FAAD1991E1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{42417AD5-A34F-461A-AA24-F80A85225349}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{430DEBA0-6C39-4D88-B3EB-75EE67C979DF}" = rport=139 | protocol=6 | dir=out | app=system | "{4D92DBA6-9FF1-4445-99F0-30323D02CFED}" = lport=445 | protocol=6 | dir=in | app=system | "{68CB6655-52A7-463A-912F-BA4E674D3931}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{72B804B1-3F04-4D63-BF11-EA9CD2530CE4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{78A4E5F3-9642-49DB-9504-28B754F1195C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{7C929A39-3DEC-4A35-AC00-523A91C9D878}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8B652B03-4F01-4E26-8C6E-7CB33A80401E}" = rport=137 | protocol=17 | dir=out | app=system | "{918FFB1F-0516-4F3F-818C-724FCE1C4BA9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C326B9D6-9599-4E1D-A402-C3BE06B5125C}" = rport=138 | protocol=17 | dir=out | app=system | "{C3728858-23EA-4D83-804A-458C2B450B27}" = rport=445 | protocol=6 | dir=out | app=system | "{F0314FD2-8544-4127-B0CA-027DB4F3FFC7}" = lport=2869 | protocol=6 | dir=in | app=system | "{F91ED3DE-4172-45EC-8D01-CBAB2CF27AB7}" = lport=2869 | protocol=6 | dir=in | app=system | "{FC059C5D-8359-47F1-B88A-754536940B16}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06FE0BCD-CDD0-4735-BD6F-61A8A19BC972}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{0B794838-A347-4E6C-AA53-072C9D738EE3}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | "{0D7CD169-ACB1-45A9-BD74-C65EB3148D0B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{0E76DAF7-687D-4F9F-9AF9-0DE2147095CF}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{1D61C07E-CDB5-4669-838B-D2BFED977D45}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{20027A54-C746-49FE-BBD7-E8E8EBB99DB4}" = protocol=17 | dir=in | app=c:\users\public\opera.exe | "{20950152-D235-4D8A-90EE-0516AC1DB36B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{22048B06-DC71-473C-9926-93752AF2C740}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{2C2C5EFE-5347-4E5D-942A-E21D50E60BED}" = dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | "{41C69F19-1B2F-4A6E-A36A-4908B0D48105}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4353F046-37B8-4CB9-940F-B0A1AA47B94B}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe | "{4DAB9FA0-80DA-4E79-9D24-F51C877803CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4EE0966F-9DB5-4148-B84D-825F0542B77D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{521FCF53-E996-4EC9-BBE5-D80087F23ABD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5DE8CAFD-3C74-48A2-B8AB-B2CA38A2635F}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe | "{6385F0ED-7C7F-4AD4-A7B7-292D4DE2252D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{673BCAEC-570A-4D38-8778-23D5820B9F9A}" = protocol=17 | dir=in | app=c:\program files\tunebite\tunebitehelper.exe | "{7154697D-C65B-471A-9BCC-92A15AAF8955}" = protocol=17 | dir=in | app=c:\users\public\opera.exe | "{76FF6097-B33B-43CE-8BAF-935620B3BBA5}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe | "{7BB6E3D1-73DE-45E8-9BE0-F12379443EAE}" = protocol=6 | dir=out | app=system | "{8747F26B-9919-470B-B86B-2E7D77BC9A5A}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | "{9110BD73-3423-43DE-901B-1E28E9D68C67}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | "{9492F312-54CF-404D-AF7F-D7C26886720F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{96537734-59CF-4BC0-884A-D5E5F40F2CB7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{98E7C554-74AB-4D79-BF6D-D5006F1BB45E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{9A9BE3AE-1B03-43C1-BC2C-2EB3F4D3AE4C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9D58BBB4-21E0-4D2C-A91E-782B030C5F51}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9DB92A7A-85DE-4846-965B-877D2803B999}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe | "{A5F674D1-97BC-4782-897D-73B9D844F67A}" = protocol=6 | dir=in | app=c:\users\public\opera.exe | "{AFAB3A58-0EC6-44A5-A646-87F59DB9F32C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B2F1A00D-EF76-444C-99CA-2E668F0C2F81}" = protocol=6 | dir=in | app=c:\program files\tunebite\tunebitehelper.exe | "{BF8B23DA-6D6D-49F4-83B9-E67BAE6ABA4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C22681ED-08CF-4CC5-BBA7-079219F6EE93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{CFE9DDEE-EBFE-46A7-80E0-8B21E2BCB957}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{E7CED772-6366-4A85-9902-0BB33BF040A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F051BC2B-CB22-4CF0-9A9A-2CD988416C1D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{F3584771-34CA-4AD0-8001-5644EFEB95B0}" = protocol=6 | dir=in | app=c:\users\public\opera.exe | "{FD9F4095-0299-4E1D-B640-F5B396909AD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{2BE78D59-CA80-4753-A376-B73170D9D76B}C:\users\public\programme\napster.exe" = protocol=6 | dir=in | app=c:\users\public\programme\napster.exe | "TCP Query User{54005B71-6D9E-4B46-AF36-FCBACB3C7A1D}C:\Program Files\eMule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{DB442CC4-1F16-47E5-8422-348BF919D255}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{E1891CAB-AD67-401F-A590-491886E7B212}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | "UDP Query User{6FBAB653-76D2-4715-B0BC-5F21ED8B6D9C}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{88ADD6E5-FD6D-4738-9B55-8280AA4D0D87}C:\Program Files\eMule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{B8074CD6-EAF9-4064-98BD-67DACAFC71D4}C:\users\public\programme\napster.exe" = protocol=17 | dir=in | app=c:\users\public\programme\napster.exe | "UDP Query User{DBF3B861-990E-4C68-A5CC-15D4637D278B}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 "_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources "{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011 "{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion "{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT "{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012 "{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE "{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3 "{1D9943F4-2568-6DE3-0F01-C4A5BC665703}" = Napster 5 Beta "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine "{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver "{30099004-43E8-A86D-E746-C3683CBD45C7}" = myphotobook.de "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = IB Updater 2.0.0.506 "{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN "{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety "{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw "{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR "{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU] "{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster "{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety "{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86 "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension "{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.5.0.8 "{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "1&1 Mail & Media GmbH 1und1InternetExplorerAddon" = WEB.DE Internet Explorer Addon "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung "1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer "504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced SystemCare 3_is1" = Advanced SystemCare 3 "Ashampoo Burning Studio_is1" = Ashampoo Burning Studio "Ashampoo Photo Commander_is1" = Ashampoo Photo Commander "Ashampoo Snap_is1" = Ashampoo Snap "avast" = avast! Free Antivirus "com.Rhapsody.Napster5" = Napster 5 Beta "de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de "Easy Video Joiner_is1" = Easy Video Joiner 5.21 "eMule" = eMule "Free Studio_is1" = Free Studio version 4.8 "Free YouTube Download_is1" = Free YouTube Download version 3.1.35.903 "FreePDF_XP" = FreePDF (Remove only) "GPL Ghostscript 9.04" = GPL Ghostscript "HaaliMkx" = Haali Media Splitter "Hauppauge WinTV 7" = Hauppauge WinTV 7 "Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote "iLivid" = iLivid "incredibar" = Incredibar Toolbar on IE "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9 "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso "InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nokia Ovi Suite" = Nokia Ovi Suite "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Opera 12.02.1578" = Opera 12.02 "RarZilla Free Unrar" = RarZilla Free Unrar "Redirection Port Monitor" = RedMon - Redirection Port Monitor "SynTPDeinstKey" = Synaptics Pointing Device Driver "Tunebite_is1" = Tunebite 4.1.0.35 "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 2.0.2 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = WinRAR 4.20 (32-Bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "YourFileDownloader" = YourFileDownloader ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 9/11/2012 1:39:37 AM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0 Description = GetLoggedOnUser Error - 9/12/2012 6:53:36 PM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0 Description = GetLoggedOnUser Error - 9/12/2012 6:53:41 PM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0 Description = GetLoggedOnUser Error - 9/13/2012 12:22:49 PM | Computer Name = MamaHeike-PC | Source = VmbService | ID = 0 Description = GetLoggedOnUser Error - 9/13/2012 3:21:09 PM | Computer Name = MamaHeike-PC | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Die Anwendung oder der Dienst "Windows-Explorer" konnte nicht heruntergefahren werden. Error - 9/14/2012 7:41:36 AM | Computer Name = MamaHeike-PC | Source = System Restore | ID = 8193 Description = Error - 9/14/2012 7:41:39 AM | Computer Name = MamaHeike-PC | Source = VSS | ID = 12289 Description = Error - 9/14/2012 10:33:08 AM | Computer Name = MamaHeike-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Users\Public\programme\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\Users\Public\programme\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 9/15/2012 1:49:43 PM | Computer Name = MamaHeike-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448, Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: MSHTML.dll, Version: 9.0.8112.16448, Zeitstempel: 0x4fecfb0e Ausnahmecode: 0xc0000005 Fehleroffset: 0x004009de ID des fehlerhaften Prozesses: 0x10bc Startzeit der fehlerhaften Anwendung: 0x01cd93460b77884b Pfad der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\MSHTML.dll Berichtskennung: baca1781-ff5d-11e1-948f-00262dc04d51 Error - 9/16/2012 1:00:02 PM | Computer Name = MamaHeike-PC | Source = Windows Backup | ID = 4103 Description = [ Media Center Events ] Error - 8/24/2011 12:14:26 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 18:14:26 - Fehler beim Herstellen der Internetverbindung. 18:14:26 - Serververbindung konnte nicht hergestellt werden.. Error - 8/24/2011 12:14:43 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 18:14:31 - Fehler beim Herstellen der Internetverbindung. 18:14:31 - Serververbindung konnte nicht hergestellt werden.. Error - 8/24/2011 1:14:51 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 19:14:51 - Fehler beim Herstellen der Internetverbindung. 19:14:51 - Serververbindung konnte nicht hergestellt werden.. Error - 8/24/2011 1:15:05 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 19:14:56 - Fehler beim Herstellen der Internetverbindung. 19:14:56 - Serververbindung konnte nicht hergestellt werden.. Error - 9/1/2012 4:01:34 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 10:01:34 - Fehler beim Herstellen der Internetverbindung. 10:01:34 - Serververbindung konnte nicht hergestellt werden.. Error - 9/1/2012 4:01:49 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 10:01:39 - Fehler beim Herstellen der Internetverbindung. 10:01:39 - Serververbindung konnte nicht hergestellt werden.. Error - 9/14/2012 7:45:30 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 13:45:30 - Fehler beim Herstellen der Internetverbindung. 13:45:30 - Serververbindung konnte nicht hergestellt werden.. Error - 9/14/2012 7:45:51 AM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 13:45:39 - Fehler beim Herstellen der Internetverbindung. 13:45:39 - Serververbindung konnte nicht hergestellt werden.. Error - 9/19/2012 1:04:13 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 19:04:13 - Fehler beim Herstellen der Internetverbindung. 19:04:13 - Serververbindung konnte nicht hergestellt werden.. Error - 9/19/2012 1:05:17 PM | Computer Name = MamaHeike-PC | Source = MCUpdate | ID = 0 Description = 19:04:18 - Fehler beim Herstellen der Internetverbindung. 19:04:18 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 4/14/2012 3:17:17 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 4/14/2012 3:17:26 AM | Computer Name = MamaHeike-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?11.?04.?2012 um 21:21:23 unerwartet heruntergefahren. Error - 4/14/2012 3:17:28 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 4/14/2012 3:39:15 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 4/14/2012 3:39:24 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 4/15/2012 11:41:17 AM | Computer Name = MamaHeike-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?14.?04.?2012 um 17:58:46 unerwartet heruntergefahren. Error - 4/15/2012 11:41:08 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 4/15/2012 11:41:19 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 4/18/2012 11:50:06 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error - 4/18/2012 11:50:17 AM | Computer Name = MamaHeike-PC | Source = volmgr | ID = 262190 Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen. < End of report > | 
|  21.09.2012, 09:57 | #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™       |   Virenwarnung von web.de bekommen, daraufhin Login gesperrtZitat: 
 Poste die Logs mit den entsprechend protokollierten Funden dazu. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code: 
  ATTFilter  hier steht das Log
         
				__________________ | 
|  21.09.2012, 10:37 | #3 | 
|  |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Entschuldigung, ich bin neu hier, ich hoffe ich lerne noch dazu. Die Viren hatte ich bereits gelöscht, bevor ich das Forum hier gefunden habe. Was kann ich denn jetzt machen? Soll ich die Log's noch einmal schicken? __________________ | 
|  21.09.2012, 19:21 | #4 | 
| /// Winkelfunktion /// TB-Süch-Tiger™       |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Ob die Viren schon gelöscht sind ist ja für die Frage irrelevant, ich will die Logs sehen wo das protokolliert wurde, was gefunden und gelöscht ist    
				__________________ Logfiles bitte immer in CODE-Tags posten   | 
|  21.09.2012, 19:40 | #5 | 
|  |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Wo finde ich die?  | 
|  21.09.2012, 22:00 | #6 | 
| /// Winkelfunktion /// TB-Süch-Tiger™       |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt AVAST Logfile?   :x Fehler in den avast! Log Dateien suchen und finden Log Dateien avast! 7 / 6: C:\ProgramData\AVAST Software\Avast\log Log Dateien avast! 7 / 6 / 5 (bei Update von 5 auf 7 oder 6): C:\ProgramData\Alwil Software\Avast5\log Log Dateien avast! 4: C:\Programme\Alwil Software\avast4\Log 
				__________________ --> Virenwarnung von web.de bekommen, daraufhin Login gesperrt | 
|  21.09.2012, 22:13 | #7 | 
|  |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Ok, was soll ich machen? Tut mir leid, dass ich mich so blöd anstelle...  | 
|  22.09.2012, 16:43 | #8 | 
| /// Winkelfunktion /// TB-Süch-Tiger™       |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Log von Avast posten  
				__________________ Logfiles bitte immer in CODE-Tags posten   | 
|  23.09.2012, 11:50 | #9 | 
|  |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Ich wünsche einen schönen Sonntag. Hier habe ich zwei logs, ich weiß aber nicht, ob es die richtigen sind. In diesem Ordner sind sehr viele logs. Ich habe die aktuellsten genommen. Übrigens gingen diese Nacht wieder in meinem Postfach E-Mails ein. Alle unter : Kein Absender, Mail delivery failed, returning message to sender. Meine Virenprogramme finden aber nichts. Bin am verzweifeln | 
|  23.09.2012, 17:40 | #10 | 
| /// Winkelfunktion /// TB-Süch-Tiger™       |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Die Logs solltest du doch direkt posten in CODE-Tags, nicht als Anhang!  
				__________________ Logfiles bitte immer in CODE-Tags posten   | 
|  24.09.2012, 10:32 | #11 | 
|  |   Virenwarnung von web.de bekommen, daraufhin Login gesperrtCode: 
  ATTFilter avast! Antirootkit, version 1.0
Scan started: Sonntag, 23. September 2012 12:18:34
Process  [0] 
Process  [4] 
Process C:\Windows\System32\smss.exe [424] 
Process C:\Windows\System32\csrss.exe [608] 
Process C:\Windows\System32\wininit.exe [648] 
Process C:\Windows\System32\csrss.exe [660] 
Process C:\Windows\System32\services.exe [712] 
Process C:\Windows\System32\lsass.exe [724] 
Process C:\Windows\System32\lsm.exe [732] 
Process C:\Windows\System32\svchost.exe [840] 
Process C:\Windows\System32\svchost.exe [932] 
Process C:\Windows\System32\svchost.exe [992] 
Process C:\Windows\System32\svchost.exe [1028] 
Process C:\Windows\System32\svchost.exe [1056] 
Process C:\Windows\System32\audiodg.exe [1132] 
Process C:\Windows\System32\winlogon.exe [1148] 
Process C:\Windows\servicing\TrustedInstaller.exe [1384] 
Process C:\Windows\System32\svchost.exe [1404] 
Process C:\Windows\System32\svchost.exe [1488] 
Process C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [1548] 
Process C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [1872] 
Process C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [616] 
Process C:\Windows\System32\taskeng.exe [1508] 
Process C:\Windows\System32\spoolsv.exe [1692] 
Process C:\Windows\System32\svchost.exe [1368] 
Process C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2080] 
Process C:\Windows\System32\svchost.exe [2108] 
Process C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE [2144] 
Process C:\IDrive\IDriveE Service.exe [2492] 
Process C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2516] 
Process C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2596] 
Process C:\Program Files\CyberLink\Shared files\RichVideo.exe [2624] 
Process C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2884] 
Process C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2912] 
Process C:\Windows\System32\svchost.exe [2980] 
Process C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [3020] 
Process C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [3080] 
Process C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [3344] 
Process C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE [3368] 
Process C:\Users\Public\Programme\Spybot - Search & Destroy\SDWinSec.exe [3444] 
Process C:\Windows\System32\wbem\WmiPrvSE.exe [2280] 
Process C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2424] 
Process C:\Windows\System32\SearchIndexer.exe [3224] 
Process C:\Windows\System32\svchost.exe [4272] 
Process C:\Windows\System32\svchost.exe [4360] 
Process C:\Windows\System32\taskhost.exe [5032] 
Process C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [5164] 
Process C:\Windows\System32\dwm.exe [5208] 
Process C:\Windows\explorer.exe [5364] 
Process C:\Windows\System32\SearchProtocolHost.exe [5568] 
Process C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [4300] 
Process C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [4536] 
Process C:\Windows\System32\igfxtray.exe [4704] 
Process C:\Windows\System32\hkcmd.exe [800] 
Process C:\Windows\System32\igfxpers.exe [4796] 
Process C:\Program Files\Launch Manager\HotkeyApp.exe [5196] 
Process C:\Program Files\Launch Manager\OSD.exe [5280] 
Process C:\Program Files\Launch Manager\WisLMSvc.exe [5340] 
Process C:\Program Files\Launch Manager\WButton.exe [5460] 
Process C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4732] 
Process C:\Windows\System32\wbem\WmiPrvSE.exe [5640] 
Process C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [5408] 
Process C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5992] 
Process C:\Users\Public\Programme\napster.exe [2764] 
Process C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [4460] 
Process C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe [1344] 
Process C:\Program Files\SweetIM\Messenger\SweetIM.exe [1268] 
Process C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [3792] 
Process C:\Program Files\FreePDF_XP\fpassist.exe [5336] 
Process C:\Windows\System32\svchost.exe [1292] 
Process C:\Program Files\Windows Media Player\wmpnetwk.exe [1196] 
Process C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [1264] 
Process C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [5416] 
Process C:\Program Files\Windows Sidebar\sidebar.exe [5544] 
Process C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [5840] 
Process C:\Program Files\Tunebite\tunebite.exe [5668] 
Process C:\Program Files\WinTV\WinTV7\WinTVTray.exe [5892] 
Process C:\Program Files\WISO\Steuersoftware 2012\mshaktuell.exe [4048] 
Process C:\Program Files\Internet Explorer\iexplore.exe [3732] 
Process C:\Program Files\Internet Explorer\iexplore.exe [6376] 
Process C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7884] 
Process C:\Windows\System32\sppsvc.exe [7984] 
Process C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [8056] 
Process C:\Windows\System32\svchost.exe [5440] 
Process C:\Windows\System32\svchost.exe [4188] 
Process C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe [6860] 
Process C:\Windows\System32\SearchFilterHost.exe [7148] 
Disk 0 MBR
Service .NET CLR Data [???] 
Service .NET CLR Networking [???] 
Service .NET CLR Networking 4.0.0.0 [???] 
Service .NET Data Provider for Oracle [???] 
Service .NET Data Provider for SqlServer [???] 
Service .NETFramework [???] 
Service 1394ohci [C:\Windows\system32\DRIVERS\1394ohci.sys] 
Service ACPI [C:\Windows\system32\DRIVERS\ACPI.sys] 
Service AcpiPmi [C:\Windows\system32\DRIVERS\acpipmi.sys] 
Service AdobeARMservice [C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe] 
Service AdobeFlashPlayerUpdateSvc [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] 
Service adp94xx [C:\Windows\system32\DRIVERS\adp94xx.sys] 
Service adpahci [C:\Windows\system32\DRIVERS\adpahci.sys] 
Service adpu320 [C:\Windows\system32\DRIVERS\adpu320.sys] 
Service adsi [???] 
Service AeLookupSvc [C:\Windows\System32\aelupsvc.dll] 
Service AFD [C:\Windows\system32\drivers\afd.sys] 
Service agp440 [C:\Windows\system32\DRIVERS\agp440.sys] 
Service aic78xx [C:\Windows\system32\DRIVERS\djsvs.sys] 
Service ALG [C:\Windows\System32\alg.exe] 
Service aliide [C:\Windows\system32\DRIVERS\aliide.sys] 
Service amdagp [C:\Windows\system32\DRIVERS\amdagp.sys] 
Service amdide [C:\Windows\system32\DRIVERS\amdide.sys] 
Service AmdK8 [C:\Windows\system32\DRIVERS\amdk8.sys] 
Service AmdPPM [C:\Windows\system32\DRIVERS\amdppm.sys] 
Service amdsata [C:\Windows\system32\drivers\amdsata.sys] 
Service amdsbs [C:\Windows\system32\DRIVERS\amdsbs.sys] 
Service amdxata [C:\Windows\system32\drivers\amdxata.sys] 
Service androidusb [C:\Windows\System32\Drivers\ssadadb.sys] 
Service AppID [C:\Windows\system32\drivers\appid.sys] 
Service AppIDSvc [C:\Windows\System32\appidsvc.dll] 
Service Appinfo [C:\Windows\System32\appinfo.dll] 
Service AppMgmt [???] 
Service arc [C:\Windows\system32\DRIVERS\arc.sys] 
Service arcsas [C:\Windows\system32\DRIVERS\arcsas.sys] 
Service aswFsBlk [C:\Windows\System32\Drivers\aswFsBlk.sys] 
Service aswMonFlt [C:\Windows\system32\drivers\aswMonFlt.sys] 
Service aswRdr [C:\Windows\System32\Drivers\aswrdr2.sys] 
Service aswSnx [C:\Windows\System32\Drivers\aswSnx.sys] 
Service aswSP [C:\Windows\System32\Drivers\aswSP.sys] 
Service aswTdi [C:\Windows\System32\Drivers\aswTdi.sys] 
Service AsyncMac [C:\Windows\system32\DRIVERS\asyncmac.sys] 
Service atapi [C:\Windows\system32\DRIVERS\atapi.sys] 
Service AudioEndpointBuilder [C:\Windows\System32\Audiosrv.dll] 
Service Audiosrv [C:\Windows\System32\Audiosrv.dll] 
Service avast! Antivirus [C:\Program Files\Alwil Software\Avast5\AvastSvc.exe] 
Service AxInstSV [C:\Windows\System32\AxInstSV.dll] 
Service b06bdrv [C:\Windows\system32\DRIVERS\bxvbdx.sys] 
Service b57nd60x [C:\Windows\system32\DRIVERS\b57nd60x.sys] 
Service BattC [???] 
Service BDESVC [C:\Windows\System32\bdesvc.dll] 
Service Beep [C:\Windows\System32\Drivers\Beep.sys] 
Service BFE [C:\Windows\System32\bfe.dll] 
Service BITS [C:\Windows\System32\qmgr.dll] 
Service blbdrive [C:\Windows\system32\DRIVERS\blbdrive.sys] 
Service BMLoad [C:\Windows\system32\drivers\BMLoad.sys] 
Service bowser [C:\Windows\system32\DRIVERS\bowser.sys] 
Service BrFiltLo [C:\Windows\system32\DRIVERS\BrFiltLo.sys] 
Service BrFiltUp [C:\Windows\system32\DRIVERS\BrFiltUp.sys] 
Service Browser [C:\Windows\System32\browser.dll] 
Service Brserid [C:\Windows\System32\Drivers\Brserid.sys] 
Service BrSerWdm [C:\Windows\System32\Drivers\BrSerWdm.sys] 
Service BrUsbMdm [C:\Windows\System32\Drivers\BrUsbMdm.sys] 
Service BrUsbSer [C:\Windows\System32\Drivers\BrUsbSer.sys] 
Service BthEnum [C:\Windows\system32\DRIVERS\BthEnum.sys] 
Service BTHMODEM [C:\Windows\system32\DRIVERS\bthmodem.sys] 
Service BthPan [C:\Windows\system32\DRIVERS\bthpan.sys] 
Service BTHPORT [C:\Windows\System32\Drivers\BTHport.sys] 
Service bthserv [C:\Windows\system32\bthserv.dll] 
Service BTHUSB [C:\Windows\System32\Drivers\BTHUSB.sys] 
Service cdfs [C:\Windows\system32\DRIVERS\cdfs.sys] 
Service cdrom [C:\Windows\system32\DRIVERS\cdrom.sys] 
Service CertPropSvc [C:\Windows\System32\certprop.dll] 
Service circlass [C:\Windows\system32\DRIVERS\circlass.sys] 
Service CLFS [C:\Windows\System32\CLFS.sys] 
Service clr_optimization_v2.0.50727_32 [C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe] 
Service clr_optimization_v4.0.30319_32 [C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe] 
Service CmBatt [C:\Windows\system32\DRIVERS\CmBatt.sys] 
Service cmdide [C:\Windows\system32\DRIVERS\cmdide.sys] 
Service cmnsusbser [C:\Windows\system32\DRIVERS\cmnsusbser.sys] 
Service CNG [C:\Windows\System32\Drivers\cng.sys] 
Service Compbatt [C:\Windows\system32\DRIVERS\compbatt.sys] 
Service CompositeBus [C:\Windows\system32\DRIVERS\CompositeBus.sys] 
Service COMSysApp [C:\Windows\system32\dllhost.exe] 
Service crcdisk [C:\Windows\system32\DRIVERS\crcdisk.sys] 
Service crypt32 [???] 
Service CryptSvc [C:\Windows\system32\cryptsvc.dll] 
Service cvhsvc [C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE] 
Service DCLocator [???] 
Service DcomLaunch [C:\Windows\system32\rpcss.dll] 
Service defragsvc [C:\Windows\System32\defragsvc.dll] 
Service DfsC [C:\Windows\System32\Drivers\dfsc.sys] 
Service Dhcp [C:\Windows\system32\dhcpcore.dll] 
Service discache [C:\Windows\System32\drivers\discache.sys] 
Service Disk [C:\Windows\system32\DRIVERS\disk.sys] 
Service Dnscache [C:\Windows\System32\dnsrslvr.dll] 
Service dot3svc [C:\Windows\System32\dot3svc.dll] 
Service DPS [C:\Windows\system32\dps.dll] 
Service drmkaud [C:\Windows\system32\drivers\drmkaud.sys] 
Service DXGKrnl [C:\Windows\System32\drivers\dxgkrnl.sys] 
Service EapHost [C:\Windows\System32\eapsvc.dll] 
Service ebdrv [C:\Windows\system32\DRIVERS\evbdx.sys] 
Service EFS [C:\Windows\System32\lsass.exe] 
Service ehRecvr [C:\Windows\ehome\ehRecvr.exe] 
Service ehSched [C:\Windows\ehome\ehsched.exe] 
Service elxstor [C:\Windows\system32\DRIVERS\elxstor.sys] 
Service ErrDev [C:\Windows\system32\DRIVERS\errdev.sys] 
Service ESENT [???] 
Service eventlog [C:\Windows\System32\wevtsvc.dll] 
Service EventSystem [C:\Windows\system32\es.dll] 
Service exfat [C:\Windows\System32\Drivers\exfat.sys] 
Service ezGOSvc [C:\Windows\system32\ezGOSvc.dll] 
Service fastfat [C:\Windows\System32\Drivers\fastfat.sys] 
Service Fax [C:\Windows\system32\fxssvc.exe] 
Service fdc [C:\Windows\system32\DRIVERS\fdc.sys] 
Service fdPHost [C:\Windows\system32\fdPHost.dll] 
Service FDResPub [C:\Windows\system32\fdrespub.dll] 
Service FileInfo [C:\Windows\system32\drivers\fileinfo.sys] 
Service Filetrace [C:\Windows\system32\drivers\filetrace.sys] 
Service flpydisk [C:\Windows\system32\DRIVERS\flpydisk.sys] 
Service FltMgr [C:\Windows\system32\drivers\fltmgr.sys] 
Service FontCache [C:\Windows\system32\FntCache.dll] 
Service FontCache3.0.0.0 [C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe] 
Service FsDepends [C:\Windows\System32\drivers\FsDepends.sys] 
Service fssfltr [C:\Windows\system32\DRIVERS\fssfltr.sys] 
Service fsssvc [C:\Program Files\Windows Live\Family Safety\fsssvc.exe] 
Service Fs_Rec [C:\Windows\System32\Drivers\Fs_Rec.sys] 
Service fvevol [C:\Windows\System32\DRIVERS\fvevol.sys] 
Service gagp30kx [C:\Windows\system32\DRIVERS\gagp30kx.sys] 
Service gpsvc [C:\Windows\System32\gpsvc.dll] 
Service HauppaugeTVServer [C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE] 
Service hcw17bda [C:\Windows\system32\drivers\hcw17bda.sys] 
Service hcw89 [???] 
Service HdAudAddService [C:\Windows\system32\drivers\HdAudio.sys] 
Service HDAudBus [C:\Windows\system32\DRIVERS\HDAudBus.sys] 
Service HECI [C:\Windows\system32\DRIVERS\HECI.sys] 
Service HidBatt [C:\Windows\system32\DRIVERS\HidBatt.sys] 
Service HidBth [C:\Windows\system32\DRIVERS\hidbth.sys] 
Service HidIr [C:\Windows\system32\DRIVERS\hidir.sys] 
Service hidserv [C:\Windows\system32\hidserv.dll] 
Service HidUsb [C:\Windows\system32\DRIVERS\hidusb.sys] 
Service hkmsvc [C:\Windows\system32\kmsvc.dll] 
Service HomeGroupListener [C:\Windows\system32\ListSvc.dll] 
Service HomeGroupProvider [C:\Windows\system32\provsvc.dll] 
Service HpSAMD [C:\Windows\system32\DRIVERS\HpSAMD.sys] 
Service HTTP [C:\Windows\system32\drivers\HTTP.sys] 
Service huawei_enumerator [C:\Windows\system32\DRIVERS\ew_jubusenum.sys] 
Service hwdatacard [C:\Windows\system32\DRIVERS\ewusbmdm.sys] 
Service hwpolicy [C:\Windows\System32\drivers\hwpolicy.sys] 
Service i8042prt [C:\Windows\system32\DRIVERS\i8042prt.sys] 
Service ialm [???] 
Service iaStor [C:\Windows\system32\DRIVERS\iaStor.sys] 
Service IAStorDataMgrSvc [C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe] 
Service iaStorV [C:\Windows\system32\drivers\iaStorV.sys] 
Service IB Updater Updater [C:\Program Files\IB Updater\ExtensionUpdaterService.exe] 
Service IDriveE Service [C:\IDrive\IDriveE Service.exe] 
Service idsvc [C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe] 
Service igfx [C:\Windows\system32\DRIVERS\igdkmd32.sys] 
Service iirsp [C:\Windows\system32\DRIVERS\iirsp.sys] 
Service IKEEXT [C:\Windows\System32\ikeext.dll] 
Service Impcd [C:\Windows\system32\DRIVERS\Impcd.sys] 
Service inetaccs [???] 
Service IntcAzAudAddService [C:\Windows\system32\drivers\RTKVHDA.sys] 
Service IntcDAud [C:\Windows\system32\DRIVERS\IntcDAud.sys] 
Service intelide [C:\Windows\system32\DRIVERS\intelide.sys] 
Service intelppm [C:\Windows\system32\DRIVERS\intelppm.sys] 
Service IPBusEnum [C:\Windows\system32\ipbusenum.dll] 
Service IpFilterDriver [C:\Windows\system32\DRIVERS\ipfltdrv.sys] 
Service iphlpsvc [C:\Windows\System32\iphlpsvc.dll] 
Service IPMIDRV [C:\Windows\system32\DRIVERS\IPMIDrv.sys] 
Service IPNAT [C:\Windows\System32\drivers\ipnat.sys] 
Service IRENUM [C:\Windows\system32\drivers\irenum.sys] 
Service isapnp [C:\Windows\system32\DRIVERS\isapnp.sys] 
Service iScsiPrt [C:\Windows\system32\DRIVERS\msiscsi.sys] 
Service ISWKL [C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys] 
Service IswSvc [C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe] 
Service kbdclass [C:\Windows\system32\DRIVERS\kbdclass.sys] 
Service kbdhid [C:\Windows\system32\DRIVERS\kbdhid.sys] 
Service KeyIso [C:\Windows\system32\lsass.exe] 
Service KL1 [C:\Windows\system32\DRIVERS\kl1.sys] 
Service kl2 [C:\Windows\system32\DRIVERS\kl2.sys] 
Service KLIF [C:\Windows\system32\DRIVERS\klif.sys] 
Service KSecDD [C:\Windows\System32\Drivers\ksecdd.sys] 
Service KSecPkg [C:\Windows\System32\Drivers\ksecpkg.sys] 
Service KtmRm [C:\Windows\system32\msdtckrm.dll] 
Service L1C [C:\Windows\system32\DRIVERS\L1C62x86.sys] 
Service LanmanServer [C:\Windows\system32\srvsvc.dll] 
Service LanmanWorkstation [C:\Windows\System32\wkssvc.dll] 
Service ldap [???] 
Service lltdio [C:\Windows\system32\DRIVERS\lltdio.sys] 
Service lltdsvc [C:\Windows\System32\lltdsvc.dll] 
Service lmhosts [C:\Windows\System32\lmhsvc.dll] 
Service LMS [C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe] 
Service Lsa [???] 
Service LSI_FC [C:\Windows\system32\DRIVERS\lsi_fc.sys] 
Service LSI_SAS [C:\Windows\system32\DRIVERS\lsi_sas.sys] 
Service LSI_SAS2 [C:\Windows\system32\DRIVERS\lsi_sas2.sys] 
Service LSI_SCSI [C:\Windows\system32\DRIVERS\lsi_scsi.sys] 
Service luafv [C:\Windows\system32\drivers\luafv.sys] 
Service MAV Client PerfMon Provider [???] 
Service Mcx2Svc [C:\Windows\system32\Mcx2Svc.dll] 
Service megasas [C:\Windows\system32\DRIVERS\megasas.sys] 
Service MegaSR [C:\Windows\system32\DRIVERS\MegaSR.sys] 
Service MMCSS [C:\Windows\system32\mmcss.dll] 
Service Modem [C:\Windows\system32\drivers\modem.sys] 
Service monitor [C:\Windows\system32\DRIVERS\monitor.sys] 
Service mouclass [C:\Windows\system32\DRIVERS\mouclass.sys] 
Service mouhid [C:\Windows\system32\DRIVERS\mouhid.sys] 
Service mountmgr [C:\Windows\System32\drivers\mountmgr.sys] 
Service MozillaMaintenance [C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe] 
Service mpio [C:\Windows\system32\DRIVERS\mpio.sys] 
Service mpsdrv [C:\Windows\System32\drivers\mpsdrv.sys] 
Service MpsSvc [C:\Windows\system32\mpssvc.dll] 
Service MRxDAV [C:\Windows\system32\drivers\mrxdav.sys] 
Service mrxsmb [C:\Windows\system32\DRIVERS\mrxsmb.sys] 
Service mrxsmb10 [C:\Windows\system32\DRIVERS\mrxsmb10.sys] 
Service mrxsmb20 [C:\Windows\system32\DRIVERS\mrxsmb20.sys] 
Service msahci [C:\Windows\system32\DRIVERS\msahci.sys] 
Service msdsm [C:\Windows\system32\DRIVERS\msdsm.sys] 
Service MSDTC [C:\Windows\System32\msdtc.exe] 
Service MSDTC Bridge 3.0.0.0 [???] 
Service MSDTC Bridge 4.0.0.0 [???] 
Service Msfs [C:\Windows\System32\Drivers\Msfs.sys] 
Service mshidkmdf [C:\Windows\System32\drivers\mshidkmdf.sys] 
Service msisadrv [C:\Windows\system32\DRIVERS\msisadrv.sys] 
Service MSiSCSI [C:\Windows\system32\iscsiexe.dll] 
Service msiserver [C:\Windows\system32\msiexec.exe] 
Service MSKSSRV [C:\Windows\system32\drivers\MSKSSRV.sys] 
Service MSPCLOCK [C:\Windows\system32\drivers\MSPCLOCK.sys] 
Service MSPQM [C:\Windows\system32\drivers\MSPQM.sys] 
Service MsRPC [C:\Windows\System32\Drivers\MsRPC.sys] 
Service MSSCNTRS [???] 
Service mssmbios [C:\Windows\system32\DRIVERS\mssmbios.sys] 
Service MSTEE [C:\Windows\system32\drivers\MSTEE.sys] 
Service MTConfig [C:\Windows\system32\DRIVERS\MTConfig.sys] 
Service Mup [C:\Windows\System32\Drivers\mup.sys] 
Service napagent [C:\Windows\system32\qagentRT.dll] 
Service NativeWifiP [C:\Windows\system32\DRIVERS\nwifi.sys] 
Service NDIS [C:\Windows\system32\drivers\ndis.sys] 
Service NdisCap [C:\Windows\system32\DRIVERS\ndiscap.sys] 
Service NdisTapi [C:\Windows\system32\DRIVERS\ndistapi.sys] 
Service Ndisuio [C:\Windows\system32\DRIVERS\ndisuio.sys] 
Service NdisWan [C:\Windows\system32\DRIVERS\ndiswan.sys] 
Service NDProxy [C:\Windows\System32\Drivers\NDProxy.sys] 
Service NetBIOS [C:\Windows\system32\DRIVERS\netbios.sys] 
Service NetBT [C:\Windows\System32\DRIVERS\netbt.sys] 
Service Netlogon [C:\Windows\system32\lsass.exe] 
Service Netman [C:\Windows\System32\netman.dll] 
Service netprofm [C:\Windows\System32\netprofm.dll] 
Service NetTcpPortSharing [C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe] 
Service nfrd960 [C:\Windows\system32\DRIVERS\nfrd960.sys] 
Service NlaSvc [C:\Windows\System32\nlasvc.dll] 
Service nmwcd [C:\Windows\system32\drivers\ccdcmb.sys] 
Service nmwcdc [C:\Windows\system32\drivers\ccdcmbo.sys] 
Service npf [C:\Windows\system32\drivers\npf.sys] 
Service Npfs [C:\Windows\System32\Drivers\Npfs.sys] 
Service nsi [C:\Windows\system32\nsisvc.dll] 
Service nsiproxy [C:\Windows\system32\drivers\nsiproxy.sys] 
Service NTDS [???] 
Service Ntfs [C:\Windows\System32\Drivers\Ntfs.sys] 
Service Null [C:\Windows\System32\Drivers\Null.sys] 
Service nvraid [C:\Windows\system32\drivers\nvraid.sys] 
Service nvstor [C:\Windows\system32\drivers\nvstor.sys] 
Service nv_agp [C:\Windows\system32\DRIVERS\nv_agp.sys] 
Service ohci1394 [C:\Windows\system32\DRIVERS\ohci1394.sys] 
Service ose [C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE] 
Service osppsvc [C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE] 
Service Outlook [???] 
Service p2pimsvc [C:\Windows\system32\pnrpsvc.dll] 
Service p2psvc [C:\Windows\system32\p2psvc.dll] 
Service Parport [C:\Windows\system32\DRIVERS\parport.sys] 
Service partmgr [C:\Windows\System32\drivers\partmgr.sys] 
Service Parvdm [C:\Windows\system32\DRIVERS\parvdm.sys] 
Service PcaSvc [C:\Windows\System32\pcasvc.dll] 
Service pccsmcfd [C:\Windows\system32\DRIVERS\pccsmcfd.sys] 
Service pci [C:\Windows\system32\DRIVERS\pci.sys] 
Service pciide [C:\Windows\system32\DRIVERS\pciide.sys] 
Service pcmcia [C:\Windows\system32\DRIVERS\pcmcia.sys] 
Service pcw [C:\Windows\System32\drivers\pcw.sys] 
Service PEAUTH [C:\Windows\system32\drivers\peauth.sys] 
Service PerfDisk [???] 
Service PerfNet [???] 
Service PerfOS [???] 
Service PerfProc [???] 
Service pla [C:\Windows\system32\pla.dll] 
Service PlugPlay [C:\Windows\system32\umpnpmgr.dll] 
Service PNRPAutoReg [C:\Windows\system32\pnrpauto.dll] 
Service PNRPsvc [C:\Windows\system32\pnrpsvc.dll] 
Service PolicyAgent [C:\Windows\System32\ipsecsvc.dll] 
Service PortProxy [???] 
Service Power [C:\Windows\system32\umpo.dll] 
Service PptpMiniport [C:\Windows\system32\DRIVERS\raspptp.sys] 
Service Processor [C:\Windows\system32\DRIVERS\processr.sys] 
Service ProfSvc [C:\Windows\system32\profsvc.dll] 
Service ProtectedStorage [C:\Windows\system32\lsass.exe] 
Service Psched [C:\Windows\system32\DRIVERS\pacer.sys] 
Service PSI_SVC_2 [c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe] 
Service PxHelp20 [C:\Windows\System32\Drivers\PxHelp20.sys] 
Service ql2300 [C:\Windows\system32\DRIVERS\ql2300.sys] 
Service ql40xx [C:\Windows\system32\DRIVERS\ql40xx.sys] 
Service QWAVE [C:\Windows\system32\qwave.dll] 
Service QWAVEdrv [C:\Windows\system32\drivers\qwavedrv.sys] 
Service RasAcd [C:\Windows\System32\DRIVERS\rasacd.sys] 
Service RasAgileVpn [C:\Windows\system32\DRIVERS\AgileVpn.sys] 
Service RasAuto [C:\Windows\System32\rasauto.dll] 
Service Rasl2tp [C:\Windows\system32\DRIVERS\rasl2tp.sys] 
Service RasMan [C:\Windows\System32\rasmans.dll] 
Service RasPppoe [C:\Windows\system32\DRIVERS\raspppoe.sys] 
Service RasSstp [C:\Windows\system32\DRIVERS\rassstp.sys] 
Service rdbss [C:\Windows\system32\DRIVERS\rdbss.sys] 
Service rdpbus [C:\Windows\system32\DRIVERS\rdpbus.sys] 
Service RDPCDD [C:\Windows\System32\DRIVERS\RDPCDD.sys] 
Service RDPDD [???] 
Service RDPENCDD [C:\Windows\system32\drivers\rdpencdd.sys] 
Service RDPNP [???] 
Service RDPREFMP [C:\Windows\system32\drivers\rdprefmp.sys] 
Service RDPWD [C:\Windows\System32\Drivers\RDPWD.sys] 
Service rdyboost [C:\Windows\System32\drivers\rdyboost.sys] 
Service RemoteAccess [C:\Windows\System32\mprdim.dll] 
Service RemoteRegistry [C:\Windows\system32\regsvc.dll] 
Service RFCOMM [C:\Windows\system32\DRIVERS\rfcomm.sys] 
Service RichVideo [C:\Program Files\CyberLink\Shared files\RichVideo.exe] 
Service RpcEptMapper [C:\Windows\System32\RpcEpMap.dll] 
Service RpcLocator [C:\Windows\system32\locator.exe] 
Service RpcSs [C:\Windows\system32\rpcss.dll] 
Service rspndr [C:\Windows\system32\DRIVERS\rspndr.sys] 
Service RSUSBSTOR [C:\Windows\System32\Drivers\RtsUStor.sys] 
Service rtl8192se [C:\Windows\system32\DRIVERS\rtl8192se.sys] 
Service SamSs [C:\Windows\system32\lsass.exe] 
Service sbp2port [C:\Windows\system32\DRIVERS\sbp2port.sys] 
Service SBSDWSCService [C:\Users\Public\Programme\Spybot - Search & Destroy\SDWinSec.exe] 
Service SCardSvr [C:\Windows\System32\SCardSvr.dll] 
Service scfilter [C:\Windows\System32\DRIVERS\scfilter.sys] 
Service Schedule [C:\Windows\system32\schedsvc.dll] 
Service SCPolicySvc [C:\Windows\System32\certprop.dll] 
Service SDRSVC [C:\Windows\System32\SDRSVC.dll] 
Service secdrv [C:\Windows\System32\Drivers\secdrv.sys] 
Service seclogon [C:\Windows\system32\seclogon.dll] 
Service SENS [C:\Windows\System32\sens.dll] 
Service SensrSvc [C:\Windows\system32\sensrsvc.dll] 
Service Serenum [C:\Windows\system32\DRIVERS\serenum.sys] 
Service Serial [C:\Windows\system32\DRIVERS\serial.sys] 
Service sermouse [C:\Windows\system32\DRIVERS\sermouse.sys] 
Service ServiceLayer [C:\Program Files\PC Connectivity Solution\ServiceLayer.exe] 
Service ServiceModelEndpoint 3.0.0.0 [???] 
Service ServiceModelOperation 3.0.0.0 [???] 
Service ServiceModelService 3.0.0.0 [???] 
Service SessionEnv [C:\Windows\system32\sessenv.dll] 
Service sffdisk [C:\Windows\system32\DRIVERS\sffdisk.sys] 
Service sffp_mmc [C:\Windows\system32\DRIVERS\sffp_mmc.sys] 
Service sffp_sd [C:\Windows\system32\DRIVERS\sffp_sd.sys] 
Service sfloppy [C:\Windows\system32\DRIVERS\sfloppy.sys] 
Service Sftfs [C:\Windows\system32\DRIVERS\Sftfslh.sys] 
Service sftlist [C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe] 
Service Sftplay [C:\Windows\system32\DRIVERS\Sftplaylh.sys] 
Service Sftredir [C:\Windows\system32\DRIVERS\Sftredirlh.sys] 
Service Sftvol [C:\Windows\system32\DRIVERS\Sftvollh.sys] 
Service sftvsa [C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe] 
Service SharedAccess [C:\Windows\System32\ipnathlp.dll] 
Service ShellHWDetection [C:\Windows\System32\shsvcs.dll] 
Service sisagp [C:\Windows\system32\DRIVERS\sisagp.sys] 
Service SiSRaid2 [C:\Windows\system32\DRIVERS\SiSRaid2.sys] 
Service SiSRaid4 [C:\Windows\system32\DRIVERS\sisraid4.sys] 
Service Skype C2C Service [C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe] 
Service SkypeUpdate [C:\Program Files\Skype\Updater\Updater.exe] 
Service Smb [C:\Windows\system32\DRIVERS\smb.sys] 
Service SMSvcHost 3.0.0.0 [???] 
Service SMSvcHost 4.0.0.0 [???] 
Service SNMPTRAP [C:\Windows\System32\snmptrap.exe] 
Service spldr [C:\Windows\System32\Drivers\spldr.sys] 
Service Spooler [C:\Windows\System32\spoolsv.exe] 
Service sppsvc [C:\Windows\system32\sppsvc.exe] 
Service sppuinotify [C:\Windows\system32\sppuinotify.dll] 
Service srv [C:\Windows\System32\DRIVERS\srv.sys] 
Service srv2 [C:\Windows\System32\DRIVERS\srv2.sys] 
Service srvnet [C:\Windows\System32\DRIVERS\srvnet.sys] 
Service ssadbus [C:\Windows\system32\DRIVERS\ssadbus.sys] 
Service ssadmdfl [C:\Windows\system32\DRIVERS\ssadmdfl.sys] 
Service ssadmdm [C:\Windows\system32\DRIVERS\ssadmdm.sys] 
Service ssadserd [C:\Windows\system32\DRIVERS\ssadserd.sys] 
Service SSDPSRV [C:\Windows\System32\ssdpsrv.dll] 
Service SstpSvc [C:\Windows\system32\sstpsvc.dll] 
Service stexstor [C:\Windows\system32\DRIVERS\stexstor.sys] 
Service StiSvc [C:\Windows\System32\wiaservc.dll] 
Service swenum [C:\Windows\system32\DRIVERS\swenum.sys] 
Service swprv [C:\Windows\System32\swprv.dll] 
Service SynTP [C:\Windows\system32\DRIVERS\SynTP.sys] 
Service SysMain [C:\Windows\system32\sysmain.dll] 
Service TabletInputService [C:\Windows\System32\TabSvc.dll] 
Service TapiSrv [C:\Windows\System32\tapisrv.dll] 
Service tbhsd [C:\Windows\system32\drivers\tbhsd.sys] 
Service TBS [C:\Windows\System32\tbssvc.dll] 
Service Tcpip [C:\Windows\System32\drivers\tcpip.sys] 
Service TCPIP6 [C:\Windows\system32\DRIVERS\tcpip.sys] 
Service TCPIP6TUNNEL [???] 
Service tcpipBM [C:\Windows\system32\drivers\tcpipBM.sys] 
Service tcpipreg [C:\Windows\System32\drivers\tcpipreg.sys] 
Service TCPIPTUNNEL [???] 
Service TDPIPE [C:\Windows\system32\drivers\tdpipe.sys] 
Service TDTCP [C:\Windows\system32\drivers\tdtcp.sys] 
Service tdx [C:\Windows\system32\DRIVERS\tdx.sys] 
Service TermDD [C:\Windows\system32\DRIVERS\termdd.sys] 
Service TermService [C:\Windows\System32\termsrv.dll] 
Service Themes [C:\Windows\system32\themeservice.dll] 
Service THREADORDER [C:\Windows\system32\mmcss.dll] 
Service TrkWks [C:\Windows\System32\trkwks.dll] 
Service TrustedInstaller [C:\Windows\servicing\TrustedInstaller.exe] 
Service TSDDD [???] 
Service tssecsrv [C:\Windows\System32\DRIVERS\tssecsrv.sys] 
Service tunnel [C:\Windows\system32\DRIVERS\tunnel.sys] 
Service uagp35 [C:\Windows\system32\DRIVERS\uagp35.sys] 
Service udfs [C:\Windows\system32\DRIVERS\udfs.sys] 
Service UGatherer [???] 
Service UGTHRSVC [???] 
Service UI0Detect [C:\Windows\system32\UI0Detect.exe] 
Service uliagpkx [C:\Windows\system32\DRIVERS\uliagpkx.sys] 
Service umbus [C:\Windows\system32\DRIVERS\umbus.sys] 
Service UmPass [C:\Windows\system32\DRIVERS\umpass.sys] 
Service UNS [C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe] 
Service upnphost [C:\Windows\System32\upnphost.dll] 
Service upperdev [C:\Windows\system32\DRIVERS\usbser_lowerflt.sys] 
Service usbccgp [C:\Windows\system32\DRIVERS\usbccgp.sys] 
Service usbcir [C:\Windows\system32\DRIVERS\usbcir.sys] 
Service usbehci [C:\Windows\system32\drivers\usbehci.sys] 
Service usbhub [C:\Windows\system32\DRIVERS\usbhub.sys] 
Service usbohci [C:\Windows\system32\drivers\usbohci.sys] 
Service usbprint [C:\Windows\system32\DRIVERS\usbprint.sys] 
Service usbscan [C:\Windows\system32\DRIVERS\usbscan.sys] 
Service usbser [C:\Windows\system32\drivers\usbser.sys] 
Service UsbserFilt [C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys] 
Service USBSTOR [C:\Windows\system32\DRIVERS\USBSTOR.SYS] 
Service usbuhci [C:\Windows\system32\drivers\usbuhci.sys] 
Service usbvideo [C:\Windows\System32\Drivers\usbvideo.sys] 
Service usb_rndisx [C:\Windows\system32\DRIVERS\usb8023x.sys] 
Service UxSms [C:\Windows\System32\uxsms.dll] 
Service VaultSvc [C:\Windows\system32\lsass.exe] 
Service vdrvroot [C:\Windows\system32\DRIVERS\vdrvroot.sys] 
Service vds [C:\Windows\System32\vds.exe] 
Service vga [C:\Windows\system32\DRIVERS\vgapnp.sys] 
Service VgaSave [C:\Windows\System32\drivers\vga.sys] 
Service vhdmp [C:\Windows\system32\DRIVERS\vhdmp.sys] 
Service viaagp [C:\Windows\system32\DRIVERS\viaagp.sys] 
Service ViaC7 [C:\Windows\system32\DRIVERS\viac7.sys] 
Service viaide [C:\Windows\system32\DRIVERS\viaide.sys] 
Service VmbService [C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe] 
Service vodafone_K3805-z_dc_enum [C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys] 
Service volmgr [C:\Windows\system32\DRIVERS\volmgr.sys] 
Service volmgrx [C:\Windows\System32\drivers\volmgrx.sys] 
Service volsnap [C:\Windows\system32\DRIVERS\volsnap.sys] 
Service Vsdatant [C:\Windows\system32\DRIVERS\vsdatant.sys] 
Service vsmon [C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe] 
Service vsmraid [C:\Windows\system32\DRIVERS\vsmraid.sys] 
Service VSS [C:\Windows\system32\vssvc.exe] 
Service vwifibus [C:\Windows\system32\DRIVERS\vwifibus.sys] 
Service vwififlt [C:\Windows\system32\DRIVERS\vwififlt.sys] 
Service W32Time [C:\Windows\system32\w32time.dll] 
Service W3SVC [???] 
Service WacomPen [C:\Windows\system32\DRIVERS\wacompen.sys] 
Service WANARP [C:\Windows\system32\DRIVERS\wanarp.sys] 
Service Wanarpv6 [C:\Windows\system32\DRIVERS\wanarp.sys] 
Service WatAdminSvc [C:\Windows\system32\Wat\WatAdminSvc.exe] 
Service wbengine [C:\Windows\system32\wbengine.exe] 
Service WbioSrvc [C:\Windows\System32\wbiosrvc.dll] 
Service wcncsvc [C:\Windows\System32\wcncsvc.dll] 
Service WcsPlugInService [C:\Windows\System32\WcsPlugInService.dll] 
Service Wd [C:\Windows\system32\DRIVERS\wd.sys] 
Service Wdf01000 [C:\Windows\system32\drivers\Wdf01000.sys] 
Service WdiServiceHost [C:\Windows\system32\wdi.dll] 
Service WdiSystemHost [C:\Windows\system32\wdi.dll] 
Service WebClient [C:\Windows\System32\webclnt.dll] 
Service Wecsvc [C:\Windows\system32\wecsvc.dll] 
Service wercplsupport [C:\Windows\System32\wercplsupport.dll] 
Service WerSvc [C:\Windows\System32\WerSvc.dll] 
Service WfpLwf [C:\Windows\system32\DRIVERS\wfplwf.sys] 
Service WIMMount [C:\Windows\system32\drivers\wimmount.sys] 
Service WinDefend [C:\Program Files\Windows Defender\mpsvc.dll] 
Service Windows Workflow Foundation 3.0.0.0 [???] 
Service WinHttpAutoProxySvc [C:\Windows\system32\winhttp.dll] 
Service Winmgmt [C:\Windows\system32\wbem\WMIsvc.dll] 
Service WinRM [C:\Windows\system32\WsmSvc.dll] 
Service Winsock [C:\Windows\System32\Drivers\Winsock.sys] 
Service WinSock2 [???] 
Service WinUsb [C:\Windows\system32\DRIVERS\WinUsb.sys] 
Service WisLMSvc [C:\Program Files\Launch Manager\WisLMSvc.exe] 
Service Wlansvc [C:\Windows\System32\wlansvc.dll] 
Service wlcrasvc [C:\Program Files\Windows Live\Mesh\wlcrasvc.exe] 
Service wlidsvc [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE] 
Service WmiAcpi [C:\Windows\system32\DRIVERS\wmiacpi.sys] 
Service WmiApRpl [???] 
Service wmiApSrv [C:\Windows\system32\wbem\WmiApSrv.exe] 
Service WMPNetworkSvc [C:\Program Files\Windows Media Player\wmpnetwk.exe] 
Service WPCSvc [C:\Windows\System32\wpcsvc.dll] 
Service WPDBusEnum [C:\Windows\system32\wpdbusenum.dll] 
Service ws2ifsl [C:\Windows\system32\drivers\ws2ifsl.sys] 
Service wscsvc [C:\Windows\System32\wscsvc.dll] 
Service WSearch [C:\Windows\system32\SearchIndexer.exe] 
Service WSearchIdxPi [???] 
Service wuauserv [C:\Windows\system32\wuaueng.dll] 
Service WudfPf [C:\Windows\system32\drivers\WudfPf.sys] 
Service WUDFRd [C:\Windows\system32\DRIVERS\WUDFRd.sys] 
Service wudfsvc [C:\Windows\System32\WUDFSvc.dll] 
Service WwanSvc [C:\Windows\System32\wwansvc.dll] 
Service xmlprov [???] 
Service ZTEusbmdm6k [C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys] 
Service ZTEusbnet [C:\Windows\system32\DRIVERS\ZTEusbnet.sys] 
Service ZTEusbnmea [C:\Windows\system32\DRIVERS\ZTEusbnmea.sys] 
Service ZTEusbser6k [C:\Windows\system32\DRIVERS\ZTEusbser6k.sys] 
Service ZTEusbvoice [C:\Windows\system32\DRIVERS\ZTEusbvoice.sys] 
Service {010B9879-A692-401A-AE4C-02616152CCA3} [???] 
Service {04055E65-14F7-454D-9876-4A98A93048EA} [???] 
Service {57DCCCA3-54D7-43B8-A0D2-C365CA1878B6} [???] 
Service {7F8EF2D5-B4B5-4A56-9FC4-6C3DC1AEA36D} [???] 
Service {8DEC1CFC-C630-46AF-A809-0EEE083611EC} [???] 
Service {A6BF3346-F30C-479B-86FC-072EA1338162} [???] 
Service {AA2D8900-E8AB-4BC1-9EEF-2C1F60ADF1E4} [???] 
Scan finished: Sonntag, 23. September 2012 12:19:27
Hidden files found: 0
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0
----------
          | 
|  24.09.2012, 18:03 | #12 | 
| /// Winkelfunktion /// TB-Süch-Tiger™       |   Virenwarnung von web.de bekommen, daraufhin Login gesperrt Das sind aber nicht die Logs, nach denen ich gefragt hatte!  Ich wollte die von Avast protokollierten Funde sehen, warum zeigst du mir da Logs vom Avast-Rootkitscanner? 
				__________________ Logfiles bitte immer in CODE-Tags posten   | 
|  | 
| Themen zu Virenwarnung von web.de bekommen, daraufhin Login gesperrt | 
| antivirus, autorun, bho, converter, error, excel, fehler, firefox, flash player, format, google, home, ib updater, iexplore.exe, incredibar toolbar, install.exe, internet, launch, logfile, microsoft office starter 2010, mozilla, mp3, oneclickdownloader, plug-in, realtek, registry, richtlinie, rundll, safer networking, software, svchost.exe, sweetim, systemcare, tarma, usb 2.0, virenwarnung, vodafone, warnung, web.de, windows, windows-explorer, wiso, wrapper, yontoo |