| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Bundespolizei - Trojaner 1.13 - Window 7Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
24.07.2012, 11:04
| #1 |
| |  Bundespolizei - Trojaner 1.13 - Window 7 Hi, ich habe seit heute auch den Trojaner, anscheinend Version 1.13. OS: Windows 7 64 Bit. Unten die Logs von Malwarebytes und OTL. Könnt ihr mir helfen? Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.24.03 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 Tobi :: IBOT [Administrator] 24.07.2012 09:16:38 mbam-log-2012-07-24 (09-16-38).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 506381 Laufzeit: 15 Minute(n), 2 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Tobi\0.7164734256573202.exe (Trojan.Agent.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter OTL logfile created on: 24.07.2012 11:53:02 - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Tobi\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7.85 Gb Total Physical Memory | 6.59 Gb Available Physical Memory | 83.96% Memory free 15.70 Gb Paging File | 14.58 Gb Available in Paging File | 92.86% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111.79 Gb Total Space | 31.19 Gb Free Space | 27.90% Space Free | Partition Type: NTFS Computer Name: IBOT | User Name: Tobi | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Tobi\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Programme\TortoiseSVN\bin\libsasl32.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () MOD - C:\Program Files (x86)\Gemalto\PKCS11 for .NET V2 smart cards\gtop11dotnet.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (DirMngr) -- C:\Program Files (x86)\GnuPG\dirmngr.exe () SRV - (tvnserver) -- C:\Programme\TightVNC\tvnserver.exe (GlavSoft LLC.) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe () SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) SRV - (niLXIDiscovery) -- C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation) SRV - (mxssvr) -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation) SRV - (NITaggerService) -- C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation) SRV - (NIDomainService) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) SRV - (lkTimeSync) -- C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) SRV - (lkClassAds) -- C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation) SRV - (NINetworkDiscovery) -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe (National Instruments Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (nimDNSResponder) -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation) SRV - (niSvcLoc) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation) SRV - (NIApplicationWebServer64) -- C:\Programme\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) SRV - (NIApplicationWebServer) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (EgisTec Service) -- C:\Program Files (x86)\Acer Bio Protection\EgisService.exe (Egis Technology Inc. ) SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) SRV - (LkCitadelServer) -- C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.) SRV - (NILM License Manager) -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation) SRV - (nipxirmu) -- C:\Windows\SysWOW64\nipxism.exe (National Instruments Corporation) SRV - (nidevldu) -- C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation) SRV - (ni488enumsvc) -- C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (OpcEnum) -- C:\Windows\SysWOW64\Opcenum.exe (OPC Foundation) SRV - (ANSYS, Inc. License Manager) -- C:\Programme\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe (ANSYS, Inc.) SRV - (GslShmSrvc) -- C:\Program Files (x86)\Gemalto\Classic Client\BIN\GslShmSrvc.exe (Gemalto) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (NiViPxiK) -- C:\Windows\SysNative\drivers\NiViPxiKl.sys (National Instruments Corporation) DRV:64bit: - (NiViPciK) -- C:\Windows\SysNative\drivers\NiViPciKl.sys (National Instruments Corporation) DRV:64bit: - (nipalfwedl) -- C:\Windows\SysNative\drivers\nipalfwedl.sys (National Instruments Corporation) DRV:64bit: - (nipalusbedl) -- C:\Windows\SysNative\drivers\nipalusbedl.sys (National Instruments Corporation) DRV:64bit: - (NIPALK) -- C:\Windows\SysNative\drivers\nipalk.sys (National Instruments Corporation) DRV:64bit: - (nifslk) -- C:\Windows\SysNative\drivers\nifslkl.sys (National Instruments Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (ni1065k) -- C:\Windows\SysNative\drivers\ni1065k.sys (National Instruments Corporation) DRV:64bit: - (ni1045k) -- C:\Windows\SysNative\drivers\ni1045kl.sys (National Instruments Corporation) DRV:64bit: - (nipxibrc) -- C:\Windows\SysNative\drivers\nipxibrc.sys (National Instruments Corporation) DRV:64bit: - (ni1006k) -- C:\Windows\SysNative\drivers\ni1006k.sys (National Instruments Corporation) DRV:64bit: - (nipxibaf) -- C:\Windows\SysNative\drivers\nipxibaf.sys (National Instruments Corporation) DRV:64bit: - (nicsrk) -- C:\Windows\SysNative\drivers\nicsrkl.sys (National Instruments Corporation) DRV:64bit: - (niraptrk) -- C:\Windows\SysNative\drivers\niraptrkl.sys (National Instruments Corporation) DRV:64bit: - (nicondrk) -- C:\Windows\SysNative\drivers\nicondrkl.sys (National Instruments Corporation) DRV:64bit: - (nicmrk) -- C:\Windows\SysNative\drivers\nicmrkl.sys (National Instruments Corporation) DRV:64bit: - (niswdk) -- C:\Windows\SysNative\drivers\niswdkl.sys (National Instruments Corporation) DRV:64bit: - (nidsark) -- C:\Windows\SysNative\drivers\nidsarkl.sys (National Instruments Corporation) DRV:64bit: - (niufurk) -- C:\Windows\SysNative\drivers\niufurkl.sys (National Instruments Corporation) DRV:64bit: - (nixsrk) -- C:\Windows\SysNative\drivers\nixsrkl.sys (National Instruments Corporation) DRV:64bit: - (niemrk) -- C:\Windows\SysNative\drivers\niemrkl.sys (National Instruments Corporation) DRV:64bit: - (niwfrk) -- C:\Windows\SysNative\drivers\niwfrkl.sys (National Instruments Corporation) DRV:64bit: - (nissrk) -- C:\Windows\SysNative\drivers\nissrkl.sys (National Instruments Corporation) DRV:64bit: - (niesrk) -- C:\Windows\SysNative\drivers\niesrkl.sys (National Instruments Corporation) DRV:64bit: - (nistc3rk) -- C:\Windows\SysNative\drivers\nistc3rkl.sys (National Instruments Corporation) DRV:64bit: - (nitiork) -- C:\Windows\SysNative\drivers\nitiorkl.sys (National Instruments Corporation) DRV:64bit: - (nimsdrk) -- C:\Windows\SysNative\drivers\nimsdrkl.sys (National Instruments Corporation) DRV:64bit: - (nidmxfk) -- C:\Windows\SysNative\drivers\nidmxfkl.sys (National Instruments Corporation) DRV:64bit: - (nimxpk) -- C:\Windows\SysNative\drivers\nimxpkl.sys (National Instruments Corporation) DRV:64bit: - (nimstsk) -- C:\Windows\SysNative\drivers\nimstskl.sys (National Instruments Corporation) DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.) DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (FPSensor) -- C:\Windows\SysNative\drivers\FPSensor.sys (Egis Technology Inc.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (hhdspmc64) -- C:\Windows\SysNative\drivers\hhdspmc64.sys (HHD Software Ltd.) DRV:64bit: - (nisdigk) -- C:\Windows\SysNative\drivers\nisdigkl.sys (National Instruments Corporation) DRV:64bit: - (nicdrk) -- C:\Windows\SysNative\drivers\nicdrkl.sys (National Instruments Corporation) DRV:64bit: - (ni488lock) -- C:\Windows\SysNative\drivers\ni488lock.sys (National Instruments Corporation) DRV:64bit: - (nisftk) -- C:\Windows\SysNative\drivers\nisftkl.sys (National Instruments Corporation) DRV:64bit: - (ninshsdk) -- C:\Windows\SysNative\drivers\ninshsdkl.sys (National Instruments Corporation) DRV:64bit: - (nipxirmk) -- C:\Windows\SysNative\drivers\nipxirmkl.sys (National Instruments Corporation) DRV:64bit: - (nispdk) -- C:\Windows\SysNative\drivers\nispdkl.sys (National Instruments Corporation) DRV:64bit: - (niscdk) -- C:\Windows\SysNative\drivers\niscdkl.sys (National Instruments Corporation) DRV:64bit: - (nimxdfk) -- C:\Windows\SysNative\drivers\nimxdfkl.sys (National Instruments Corporation) DRV:64bit: - (NIEthernetDeviceEnumerator) -- C:\Windows\SysNative\drivers\niede.sys (National Instruments Corporation) DRV:64bit: - (nipxigpk) -- C:\Windows\SysNative\drivers\nipxigpk.sys (National Instruments Corporation) DRV:64bit: - (nidimk) -- C:\Windows\SysNative\drivers\nidimkl.sys (National Instruments Corporation) DRV:64bit: - (nimdbgk) -- C:\Windows\SysNative\drivers\nimdbgkl.sys (National Instruments Corporation) DRV:64bit: - (nipbcfk) -- C:\Windows\SysNative\drivers\nipbcfk.sys (National Instruments Corporation) DRV:64bit: - (nistcrk) -- C:\Windows\SysNative\drivers\nistcrkl.sys (National Instruments Corporation) DRV:64bit: - (nimru2k) -- C:\Windows\SysNative\drivers\nimru2kl.sys (National Instruments Corporation) DRV:64bit: - (GemCCID) -- C:\Windows\SysNative\drivers\GemCCID.sys (Gemalto) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (niorbk) -- C:\Windows\SysNative\drivers\niorbkl.sys (National Instruments Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (nistc2k) -- C:\Windows\SysNative\drivers\nistc2kl.sys (National Instruments Corporation) DRV:64bit: - (lvalarmk) -- C:\Windows\SysNative\drivers\lvalarmk.sys (National Instruments Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.funmoods.com/?f=1&a=ddrnw IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E2 FA C4 B7 47 29 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {C03BE1C2-5105-4E98-BDC0-3C437350A90F} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{C03BE1C2-5105-4E98-BDC0-3C437350A90F}: "URL" = hxxp://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86 FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.7 FF - prefs.js..extensions.enabledItems: coc@ble.pl:2.2.0.3.7 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.9 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.6.1.30 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..network.proxy.autoconfig_url: "hxxp://proxy.fem.tu-ilmenau.de/proxy.pac" FF - prefs.js..network.proxy.backup.ftp: "141.24.53.249" FF - prefs.js..network.proxy.backup.ftp_port: 3128 FF - prefs.js..network.proxy.backup.gopher: "" FF - prefs.js..network.proxy.backup.gopher_port: 0 FF - prefs.js..network.proxy.backup.socks: "141.24.53.249" FF - prefs.js..network.proxy.backup.socks_port: 3128 FF - prefs.js..network.proxy.backup.ssl: "141.24.53.249" FF - prefs.js..network.proxy.backup.ssl_port: 3128 FF - prefs.js..network.proxy.ftp: "141.24.53.249" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.gopher: "www-proxy.t-online.de" FF - prefs.js..network.proxy.gopher_port: 80 FF - prefs.js..network.proxy.http: "141.24.53.249" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "141.24.53.249" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.socks_version: 4 FF - prefs.js..network.proxy.ssl: "141.24.53.249" FF - prefs.js..network.proxy.ssl_port: 3128 FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tobi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tobi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\Acer Bio Protection\FFExt [2012.05.03 18:48:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.20 19:23:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.11 07:30:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.16 13:29:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.05.03 18:14:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\Extensions [2012.07.14 22:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\Firefox\Profiles\vtifbk7n.default\extensions [2012.05.04 10:44:12 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Tobi\AppData\Roaming\mozilla\Firefox\Profiles\vtifbk7n.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2012.05.04 16:37:38 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Tobi\AppData\Roaming\mozilla\Firefox\Profiles\vtifbk7n.default\extensions\DeviceDetection@logitech.com [2012.05.06 22:16:34 | 000,001,799 | ---- | M] () -- C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vtifbk7n.default\searchplugins\funmoods.xml [2010.08.05 10:03:20 | 000,002,252 | ---- | M] () -- C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vtifbk7n.default\searchplugins\ipv6-google-search.xml [2009.09.23 16:21:50 | 000,000,952 | ---- | M] () -- C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vtifbk7n.default\searchplugins\youtube-videosuche.xml [2012.07.20 19:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.07.20 19:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions [2012.06.04 12:18:35 | 000,505,801 | ---- | M] () (No name found) -- C:\USERS\TOBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VTIFBK7N.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI [2012.06.24 12:26:25 | 000,344,664 | ---- | M] () (No name found) -- C:\USERS\TOBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VTIFBK7N.DEFAULT\EXTENSIONS\AUTOPAGER@MOZILLA.ORG.XPI [2012.02.14 01:26:20 | 000,131,094 | ---- | M] () (No name found) -- C:\USERS\TOBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VTIFBK7N.DEFAULT\EXTENSIONS\SOCIALFIXER@MATTKRUSE.COM.XPI [2012.07.17 23:15:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.06.09 18:05:10 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll [2011.06.22 11:43:54 | 000,026,112 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll [2009.10.22 09:28:40 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll [2008.12.10 14:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll [2010.10.19 18:15:20 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll [2012.07.17 23:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.07.17 23:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.17 23:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.17 23:52:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.17 23:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.17 23:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://start.funmoods.com/?f=1&a=ddrnw CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://start.funmoods.com/?f=1&a=ddrnw CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: SumatraPDF Browser Plugin (Enabled) = C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll CHR - plugin: Google Update (Enabled) = C:\Users\Tobi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NI Update Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe (National Instruments) O4 - HKLM..\Run: [niDevMon] C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [RegTool] C:\Program Files (x86)\Gemalto\Classic Client\BIN\RegTool.exe () O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\Acer Bio Protection\EgisTSR.exe (Egis Technology Inc. ) O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Tobi\AppData\Local\Akamai\netsession_win.exe" File not found O4 - HKCU..\Run: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe () O4 - HKCU..\Run: [qdjwfoqfwctited] C:\ProgramData\qdjwfoqf.exe () O4 - HKCU..\Run: [StrokeIt] C:\Program Files (x86)\StrokeIt\StrokeIt.exe () O4 - Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Psi.lnk = C:\Program Files (x86)\Psi\Psi.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 141.24.53.248 141.24.53.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F08A7EE-2E62-4DA7-97F4-35E8590CDDF7}: DhcpNameServer = 141.24.53.248 141.24.53.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F1DC218-ED83-43D8-AA5D-553FC02B8E21}: DhcpNameServer = 141.24.53.248 141.24.53.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F1DC218-ED83-43D8-AA5D-553FC02B8E21}: Domain = fem.tu-ilmenau.de O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9B1F1B3-A96F-4184-A918-084C10E8C9C6}: DhcpNameServer = 141.24.53.248 141.24.53.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9B1F1B3-A96F-4184-A918-084C10E8C9C6}: Domain = fem.tu-ilmenau.de O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.24 11:39:36 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Tobi\Desktop\OTL.exe [2012.07.24 09:15:56 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Malwarebytes [2012.07.24 09:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.24 09:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.24 09:15:53 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.24 09:15:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.24 08:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\lqdenbynwxmheay [2012.07.19 17:29:18 | 000,000,000 | ---D | C] -- C:\Campus EM Griechenland [2012.07.19 17:27:09 | 000,000,000 | ---D | C] -- C:\Fotos Campus EM Dänemark [2012.07.19 15:34:56 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\MiKTeX [2012.07.19 15:34:55 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\MiKTeX [2012.07.19 15:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 [2012.07.19 15:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX [2012.07.19 15:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\MiKTeX 2.9 [2012.07.19 13:01:11 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\xm1 [2012.07.19 12:54:53 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker [2012.07.19 12:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker [2012.07.19 12:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Texmaker [2012.07.15 22:07:52 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Documents\My Videos [2012.07.15 22:07:51 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\CyberLink [2012.07.15 22:05:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam [2012.07.15 22:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer [2012.07.15 00:14:43 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\MetaGeek,_LLC [2012.07.15 00:03:33 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek [2012.07.15 00:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MetaGeek [2012.07.13 00:02:53 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Desktop\Neuer Ordner [2012.07.11 22:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JKI [2012.07.11 22:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JKI [2012.07.11 22:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\JKI [2012.07.11 08:38:54 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Documents\LabVIEW Data [2012.07.11 07:25:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cvirte [2012.07.11 07:25:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cvirte [2012.07.11 07:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\IVI Foundation [2012.07.11 07:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\IVI Foundation [2012.07.11 07:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IVI Foundation [2012.07.11 07:22:56 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software [2012.07.11 07:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HI-TECH Software [2012.07.11 07:22:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\National Instruments [2012.07.11 07:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments [2012.07.11 07:16:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules [2012.07.11 07:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\National Instruments [2012.07.11 07:15:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\National Instruments [2012.07.09 18:24:50 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Documents\Arduino [2012.07.09 18:24:50 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Arduino [2012.07.09 18:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tera Term [2012.07.09 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\teraterm [2012.07.09 16:46:30 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CommFront [2012.07.09 16:46:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CommFront [2012.07.09 16:41:59 | 000,039,472 | ---- | C] (HHD Software Ltd.) -- C:\Windows\SysNative\drivers\hhdspmc64.sys [2012.07.09 16:41:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012.07.09 16:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\HHD Software [2012.07.09 13:19:11 | 000,154,624 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysNative\drivers\ser2pl64.sys [2012.07.09 13:19:11 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysWow64\SER9PL.sys [2012.07.04 17:08:10 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\ElevatedDiagnostics [2012.06.24 12:29:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.06.24 12:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gemalto [2012.06.24 12:27:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GPinPad [2012.06.24 12:27:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\gpccard [2012.06.24 12:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Gemalto [2012.05.04 17:23:55 | 001,157,352 | ---- | C] (SoftPerfect Research) -- C:\Program Files\netscan.exe [2012.05.04 15:44:31 | 000,483,328 | ---- | C] (Simon Tatham) -- C:\Program Files\putty.exe ========== Files - Modified Within 30 Days ========== [2012.07.24 11:51:53 | 000,000,168 | ---- | M] () -- C:\Users\Tobi\defogger_reenable [2012.07.24 11:51:24 | 000,050,477 | ---- | M] () -- C:\Users\Tobi\Desktop\Defogger.exe [2012.07.24 11:40:57 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.24 11:40:57 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.24 11:40:57 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.24 11:40:57 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.24 11:40:57 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.24 11:39:37 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Tobi\Desktop\OTL.exe [2012.07.24 11:36:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.24 11:36:45 | 2028,212,223 | -HS- | M] () -- C:\hiberfil.sys [2012.07.24 09:16:13 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.24 08:59:25 | 000,020,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.24 08:59:25 | 000,020,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.24 08:47:33 | 000,000,051 | ---- | M] () -- C:\ProgramData\oizvggwsokvizxg [2012.07.24 08:47:29 | 000,057,344 | ---- | M] () -- C:\ProgramData\qdjwfoqf.exe [2012.07.24 08:32:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1075945210-3722903961-1690909599-1000UA.job [2012.07.23 19:32:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1075945210-3722903961-1690909599-1000Core.job [2012.07.23 15:15:05 | 000,000,600 | ---- | M] () -- C:\Users\Tobi\AppData\Local\PUTTY.RND [2012.07.22 20:18:54 | 002,185,425 | ---- | M] () -- C:\Users\Tobi\Desktop\test.jpg [2012.07.22 20:11:22 | 002,818,302 | ---- | M] () -- C:\Users\Tobi\Desktop\test.psd [2012.07.20 01:11:40 | 007,918,974 | ---- | M] () -- C:\Users\Tobi\Desktop\dsc_1461.jpg [2012.07.15 00:03:33 | 000,003,039 | ---- | M] () -- C:\Users\Tobi\Desktop\inSSIDer.lnk [2012.07.14 00:17:20 | 005,220,627 | ---- | M] () -- C:\Users\Tobi\Desktop\ilm1-2010200304.pdf [2012.07.12 13:24:34 | 000,095,920 | ---- | M] () -- C:\Users\Tobi\Desktop\Unbenannt-1.jpg [2012.07.11 08:27:50 | 000,459,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.11 08:26:10 | 000,167,878 | ---- | M] () -- C:\Windows\SysWow64\niorbmap [2012.07.11 07:20:26 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Measurement & Automation.lnk [2012.07.11 07:17:48 | 000,001,223 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2012.07.09 20:07:50 | 000,000,510 | ---- | M] () -- C:\Windows\SysNative\Simias.UninstallLog [2012.07.09 20:07:50 | 000,000,468 | ---- | M] () -- C:\Windows\SysNative\iFolderApp.UninstallLog [2012.07.09 20:07:32 | 000,000,024 | ---- | M] () -- C:\Users\Tobi\AppData\Local\domain.list [2012.07.09 18:04:07 | 000,001,889 | ---- | M] () -- C:\Users\Tobi\Desktop\Tera Term.lnk [2012.07.09 16:46:30 | 000,002,865 | ---- | M] () -- C:\Users\Tobi\Desktop\232Analyzer.lnk [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.29 14:49:27 | 000,004,764 | ---- | M] () -- C:\Users\Tobi\Desktop\Unbenannt 1.csv [2012.06.24 12:50:08 | 000,014,274 | ---- | M] () -- C:\Users\Tobi\Desktop\ImmatrikulationVS55362a74-fdfe-47a3-94e4-d68b9be99b6c.pdf [2012.06.24 12:49:50 | 000,014,271 | ---- | M] () -- C:\Users\Tobi\Desktop\Immatrikulationfc795f5c-22f9-4e7e-a1a3-b5b639381b9e.pdf ========== Files Created - No Company Name ========== [2012.07.24 11:51:53 | 000,000,168 | ---- | C] () -- C:\Users\Tobi\defogger_reenable [2012.07.24 11:51:24 | 000,050,477 | ---- | C] () -- C:\Users\Tobi\Desktop\Defogger.exe [2012.07.24 09:15:54 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.24 08:47:32 | 000,057,344 | ---- | C] () -- C:\ProgramData\qdjwfoqf.exe [2012.07.24 08:47:29 | 000,000,051 | ---- | C] () -- C:\ProgramData\oizvggwsokvizxg [2012.07.22 20:11:28 | 002,185,425 | ---- | C] () -- C:\Users\Tobi\Desktop\test.jpg [2012.07.22 20:06:52 | 002,818,302 | ---- | C] () -- C:\Users\Tobi\Desktop\test.psd [2012.07.20 01:11:39 | 007,918,974 | ---- | C] () -- C:\Users\Tobi\Desktop\dsc_1461.jpg [2012.07.15 00:03:33 | 000,003,039 | ---- | C] () -- C:\Users\Tobi\Desktop\inSSIDer.lnk [2012.07.14 00:17:20 | 005,220,627 | ---- | C] () -- C:\Users\Tobi\Desktop\ilm1-2010200304.pdf [2012.07.12 11:10:49 | 000,095,920 | ---- | C] () -- C:\Users\Tobi\Desktop\Unbenannt-1.jpg [2012.07.11 22:48:12 | 000,002,296 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LabVIEW Tools Network.lnk [2012.07.11 22:48:11 | 000,002,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VI Package Manager.lnk [2012.07.11 07:25:59 | 000,167,878 | ---- | C] () -- C:\Windows\SysWow64\niorbmap [2012.07.11 07:20:26 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Measurement & Automation.lnk [2012.07.11 07:18:34 | 000,001,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments LabVIEW 2011 (32 Bit).lnk [2012.07.11 07:17:48 | 000,001,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2012.07.09 20:07:50 | 000,000,510 | ---- | C] () -- C:\Windows\SysNative\Simias.UninstallLog [2012.07.09 20:07:50 | 000,000,468 | ---- | C] () -- C:\Windows\SysNative\iFolderApp.UninstallLog [2012.07.09 18:04:07 | 000,001,889 | ---- | C] () -- C:\Users\Tobi\Desktop\Tera Term.lnk [2012.07.09 16:46:30 | 000,002,865 | ---- | C] () -- C:\Users\Tobi\Desktop\232Analyzer.lnk [2012.07.09 13:19:11 | 000,026,719 | ---- | C] () -- C:\Windows\SysWow64\SERSPL.VXD [2012.06.29 14:26:09 | 000,004,764 | ---- | C] () -- C:\Users\Tobi\Desktop\Unbenannt 1.csv [2012.06.24 12:50:09 | 000,014,274 | ---- | C] () -- C:\Users\Tobi\Desktop\ImmatrikulationVS55362a74-fdfe-47a3-94e4-d68b9be99b6c.pdf [2012.06.24 12:49:55 | 000,014,271 | ---- | C] () -- C:\Users\Tobi\Desktop\Immatrikulationfc795f5c-22f9-4e7e-a1a3-b5b639381b9e.pdf [2012.06.18 15:17:16 | 000,871,424 | ---- | C] () -- C:\Program Files\Vorlesungsverzeichnis-v1.19.exe [2012.06.12 09:42:16 | 000,003,584 | ---- | C] () -- C:\Users\Tobi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.05.19 18:23:02 | 000,000,136 | ---- | C] () -- C:\Users\Tobi\file.err [2012.05.13 14:07:31 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2012.05.13 14:07:31 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2012.05.13 14:07:31 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2012.05.08 19:46:28 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.05.06 17:29:35 | 000,000,600 | ---- | C] () -- C:\Users\Tobi\AppData\Roaming\winscp.rnd [2012.05.05 09:37:10 | 000,000,024 | ---- | C] () -- C:\Users\Tobi\AppData\Local\domain.list [2012.05.04 15:46:06 | 000,000,600 | ---- | C] () -- C:\Users\Tobi\AppData\Local\PUTTY.RND [2012.05.03 21:53:48 | 000,007,605 | ---- | C] () -- C:\Users\Tobi\AppData\Local\Resmon.ResmonCfg [2012.05.03 18:43:58 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2012.03.19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012.03.19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012.03.19 23:31:16 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012.03.19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.03.19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.06.10 13:52:52 | 000,000,244 | ---- | C] () -- C:\Windows\SysWow64\nirpc.ini [2011.03.23 11:54:44 | 000,050,272 | ---- | C] () -- C:\Windows\SysWow64\nispdu.dll ========== LOP Check ========== [2012.05.08 20:39:42 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\.algor [2012.05.19 18:26:19 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Ansys [2012.07.09 18:24:50 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Arduino [2012.05.08 21:00:29 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Autodesk [2012.05.11 13:40:18 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\DAEMON Tools Lite [2012.05.08 17:33:21 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\DassaultSystemes [2012.05.05 09:33:47 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Downloaded Installations [2012.07.24 09:33:34 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Dropbox [2012.05.04 16:34:45 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\e-academy Inc [2012.05.08 19:38:11 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\EW4App [2012.05.25 23:10:30 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\FileZilla [2012.05.08 16:43:33 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\FreeCAD [2012.07.23 01:05:32 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\gnupg [2012.05.05 18:02:16 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\iFolder [2012.06.06 09:48:35 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\InfraRecorder [2012.06.01 16:56:20 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\IrfanView [2012.05.04 16:39:30 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Leadertech [2012.05.22 20:09:47 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\LibreOffice [2012.05.04 15:26:27 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Notepad++ [2012.05.04 10:06:46 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Psi+ [2012.05.05 09:36:59 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\simias [2012.05.05 09:36:35 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Subversion [2012.05.03 22:00:22 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\SumatraPDF [2012.05.04 12:28:09 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\TCB Networks [2012.05.04 11:03:26 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\Thunderbird [2012.05.26 12:07:13 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\TightVNC [2012.07.19 15:29:44 | 000,000,000 | ---D | M] -- C:\Users\Tobi\AppData\Roaming\xm1 [2009.07.14 07:08:49 | 000,015,750 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:1FB1CEE3 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:A1EDB939 < End of report > Extras.txt: Code:
ATTFilter OTL Extras logfile created on: 24.07.2012 11:53:02 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Tobi\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7.85 Gb Total Physical Memory | 6.59 Gb Available Physical Memory | 83.96% Memory free
15.70 Gb Paging File | 14.58 Gb Available in Paging File | 92.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.79 Gb Total Space | 31.19 Gb Free Space | 27.90% Space Free | Partition Type: NTFS
Computer Name: IBOT | User Name: Tobi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{968E3142-D80F-4EA2-9168-DF8A05E9D62E}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{ECFB09EE-417F-48D0-A1E4-7380D5736BBD}" = lport=3389 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4F08CF52-B016-4A68-944C-1304C9C0BE35}" = protocol=6 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |
"{7D1BFEA2-7EB6-428A-B92E-11B160B6DF3B}" = protocol=17 | dir=in | app=c:\users\tobi\appdata\roaming\dropbox\bin\dropbox.exe |
"{A1B3113F-9286-4EA1-BAA0-2168570E977B}" = dir=in | app=c:\program files\tightvnc\tvnserver.exe |
"{C229CA86-D1D2-4089-A45B-2E31E803BAF1}" = protocol=17 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |
"{CD4A55A3-AC69-4910-B11D-11764353D2A1}" = protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |
"{D0E1BBB1-27FB-4791-AAB7-E3D6B6E1FD1B}" = protocol=6 | dir=in | app=c:\users\tobi\appdata\roaming\dropbox\bin\dropbox.exe |
"{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}" = protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |
"{EA30D05A-9AE8-4D94-8273-CA755C3AE4CD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{0E99B79A-042B-4A52-8CBB-EE6687858FFB}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{1E087AE5-1BB1-438B-AEF5-8656882557D6}C:\program files (x86)\psi\psi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\psi\psi.exe |
"TCP Query User{29CB8122-EA18-4986-B32E-377056373A9E}C:\program files (x86)\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
"TCP Query User{2D7D562A-5637-49BE-9FA8-E427F5C95738}C:\users\tobi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\tobi\appdata\local\akamai\netsession_win.exe |
"TCP Query User{3358AB32-3803-4E61-8C21-EB57BA0CEB06}C:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe |
"TCP Query User{338FEF44-12F7-4900-AC6B-41C43380836F}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe |
"TCP Query User{387674EA-0AB3-4630-B8B5-79BE6C8E0E79}C:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe |
"TCP Query User{62972858-9BA5-4176-9287-365969C041D6}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe |
"TCP Query User{65E5BC96-B0AB-446F-A765-947D3C63546C}C:\program files (x86)\psi+\psi-plus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\psi+\psi-plus.exe |
"TCP Query User{769339A7-75DA-4A44-85B3-F066C8EC244C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{78A457D3-AB89-4FB8-9DC5-7AD15C1E01CB}C:\program files\ansys inc\v120\commonfiles\jre\winx64\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\commonfiles\jre\winx64\bin\java.exe |
"TCP Query User{7A0EB05A-BC05-4816-84C8-596FE97485FD}C:\users\tobi\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tobi\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{846B335B-7ADC-45EF-B36E-CC4809FF110B}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{84F222B0-DED4-43C8-9D77-BCD8CD9A9AA7}C:\program files (x86)\psi\psi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\psi\psi.exe |
"TCP Query User{88EEB672-5F98-4A5F-ADDD-5C747AC97E1C}C:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe |
"TCP Query User{9130554A-FF6B-46D8-83F8-CED1042277EA}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe |
"TCP Query User{99A829CE-A001-49D0-AECC-22E32AADA3B7}C:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe |
"TCP Query User{A375F456-5763-447A-BADD-0B048CEAB687}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{A40856FC-353E-4845-A764-15E3318DA84E}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe |
"TCP Query User{A970DA90-1010-43DF-98A4-4DF918F4B4DE}C:\program files (x86)\national instruments\labview 2011\labview.exe" = protocol=6 | dir=in | app=c:\program files (x86)\national instruments\labview 2011\labview.exe |
"TCP Query User{B50E475B-0C61-4F33-8D2A-0663BD46D79C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{B6B1D14F-0152-4D17-B749-88D7FE4BF291}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe |
"TCP Query User{C3217CD8-DDED-4130-8EBA-CE6505FE58D6}C:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe |
"TCP Query User{C38201E2-7766-4E8E-8C3E-45CA78C4F21C}C:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe |
"TCP Query User{D2C680C4-BD16-4B31-AF06-9C01C19543F3}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe |
"TCP Query User{D820191C-5954-4142-8D55-DCF29567AFCF}C:\program files (x86)\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
"TCP Query User{DB62BB06-7553-4EF4-9C4D-E215AB826E85}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"TCP Query User{ED8A04DE-3AC9-4CD0-B6C3-CF529DDFB4EA}C:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe |
"TCP Query User{F0188D0F-60DD-4B3A-80C1-882E97A34E60}C:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe" = protocol=6 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe |
"TCP Query User{FA8BFBCC-E47E-41B3-9944-800603765F34}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"TCP Query User{FF1B2041-858E-4249-8565-FA30BEB6935B}C:\users\tobi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\tobi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{0BE82192-3B06-4F3D-8ABA-9686A50E2D89}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{0BEFB6CE-3E7F-49BF-B777-FB63CC202E7D}C:\program files (x86)\psi+\psi-plus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\psi+\psi-plus.exe |
"UDP Query User{0EDFD3C8-39DE-4857-9E80-CF8569A63EBF}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe |
"UDP Query User{1E8993AA-9381-40E5-A996-0D97E9213EAA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{1FB58EE1-8F90-475B-9465-E15A3ABF5B6F}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe |
"UDP Query User{21FAF04C-163F-4735-A4DE-4791B7AD8D76}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{3202F427-A592-4B31-97E1-BF34376897CB}C:\users\tobi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\tobi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{33E2DD11-E064-4B11-A1C2-C3841E7B42DC}C:\program files\ansys inc\v120\commonfiles\jre\winx64\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\commonfiles\jre\winx64\bin\java.exe |
"UDP Query User{3D52A538-C013-4864-8EF6-A267E8440A07}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.jmhost.exe |
"UDP Query User{49595CF0-68F6-4139-9985-509A883954CD}C:\program files (x86)\psi\psi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\psi\psi.exe |
"UDP Query User{5957B05B-8063-4AA8-9184-57C38593E46A}C:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe |
"UDP Query User{5CCBD879-4438-4FED-A87C-6DC4118E4788}C:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansys.solvermanager.exe |
"UDP Query User{6FE06232-195B-49DC-B177-102C31E22622}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe |
"UDP Query User{7392714C-DDDE-4997-82A3-2A3BCF21ABB9}C:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe |
"UDP Query User{7B0058D7-4703-440A-AC43-CC83FF0FF936}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe |
"UDP Query User{87DB5A61-986D-4521-9F8E-99F7ECE8EB6C}C:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\commonfiles\tcl\bin\winx64\wish.exe |
"UDP Query User{880D42AA-A2FB-4D24-9059-E2D55FABCFA6}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"UDP Query User{9596493A-2705-415E-B52C-8A255BB29458}C:\users\tobi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\tobi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A255568C-8A5A-47B2-A031-D5849A6C8519}C:\users\tobi\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tobi\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{AD52665C-E7E2-47C4-AA14-35C7A23F505A}C:\program files (x86)\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
"UDP Query User{B68F25FC-33BD-4418-8504-AE8311D2B694}C:\program files (x86)\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"UDP Query User{B7309AE0-4FD6-479B-9782-A34393C613EC}C:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe |
"UDP Query User{D6A20F15-ABC7-4533-9CF6-780A708531AD}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{DDE95222-0051-4862-83F9-2A372FECD8D9}C:\program files (x86)\psi\psi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\psi\psi.exe |
"UDP Query User{DEF20748-8130-4C10-8CF3-D7698ABE6C83}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{E6A4BAB7-F008-49B7-A3D8-0B38D67D174A}C:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe |
"UDP Query User{E7EADF3C-D947-4510-BD6D-A9F05E97752C}C:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\rsm\bin\ans.rsm.shhost.exe |
"UDP Query User{F60DCBB4-28AD-4AFE-A042-AC552828CDBA}C:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\framework\bin\win64\ansysfww.exe |
"UDP Query User{FBD10287-6FAB-4BED-A917-9F1F75C7C758}C:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe" = protocol=17 | dir=in | app=c:\program files\ansys inc\v120\aisol\bin\winx64\ansyswbu.exe |
"UDP Query User{FC357F0D-40DC-444E-A0D5-4B56773E34D2}C:\program files (x86)\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\openvpn\bin\openvpn.exe |
"UDP Query User{FDC42AD8-D97F-474F-ACDC-2C0D44F602F8}C:\program files (x86)\national instruments\labview 2011\labview.exe" = protocol=17 | dir=in | app=c:\program files (x86)\national instruments\labview 2011\labview.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020DFD6B-8032-4237-9B68-BC5B1E42A684}" = NI Ethernet Device Enumerator 64-Bit
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0548BBBB-0511-4EF0-93E5-1234B023CB09}" = NI-DAQmx Switch Core for 64 Bit Windows 2.2.0
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B7AFE8D-1265-4025-AD23-3624CEAD4F3C}" = NI Xalan Delay Load 1.10.1 64-bit
"{0B94017B-7924-4774-8444-16B992B4EA4E}" = NI STC for 64 Bit Windows 1.10.0
"{0D5534F6-AF96-489F-A69F-082199EE027F}" = NI Authentication 2.0 (64-bit)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{133458D4-55CA-4D3C-A83E-52156CCE3ACB}" = NI IVI Class Drivers (64-bit)
"{15707222-66D9-4053-B0B3-4F1071565E1A}" = NI-488.2 for Windows x64 version 2.8.1
"{1778742E-59D3-4090-AB8A-DAA281D66772}" = NI Assistant Framework 64-bit
"{1BA584C3-654B-4162-B1A3-386B05C3C2BC}" = NI IVI Compliance Package 4.4 (64-bit)
"{1C174277-CE5D-44A2-888F-2522A8B4739D}" = NI DataSocket 4.9 (64 Bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{253843AC-CF8F-4F4C-B942-59FE46BD7C84}" = NI PXI Platform Framework 1.3.2 64-bit
"{29D5C4E9-1956-4F06-AA30-88CAEA33E1C1}" = NI-DAQmx MAX Support 64-bit 2.2.0
"{2C304E7A-A1E0-4E56-8679-7B7FC80BE6BE}" = NI-RPC 4.2.2f0 for 64 Bit Windows
"{3268C8FE-AEA7-48A0-ACA5-776CF8A9852F}" = NI-MDBG 1.10.0f0 for 64 Bit Windows
"{33E1FE8C-739F-479C-BDB2-E4D3D6BC1C54}" = NI FSL Installer for 64-Bit Windows 1.13.0
"{36399014-1508-46F3-A31B-379C3B1FC451}" = NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.9.5
"{36EA334E-C5A9-4A63-8C6C-0145A1242760}" = NI-MRU 2.11.1f0 for 64 Bit Windows
"{394E442A-637D-43EF-B402-4CFD88263CF0}" = Broadcom Gigabit Integrated Controller
"{3AFD5259-24B6-4332-8EEF-9947200DF693}" = NI GMP Windows 64-bit Installer 11.0.0
"{4168FF33-8D45-40B3-B2A8-FD91BB2A1BA0}" = NI mDNS Responder 1.6 for Windows 64-bit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E07E126-991F-4BA4-A0B9-35A54DAB3B33}" = NI-ORB 1.9.3f0 for 64 Bit Windows
"{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit)
"{4EE0B022-366F-432B-98C6-4EB27C87774E}" = NI Math Kernel Libraries (64-bit)
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{50B2D9D8-87B6-49EE-BC5C-874119FD6B7B}" = NI Xerces Delay Load 2.7.3 64-bit
"{53794485-921A-4C71-8E82-6F5A15E9ECBA}" = NI Network Discovery 5.0 for Windows 64-bit
"{55C0A3D4-E95F-4C7D-98CE-2A01353B06EF}" = NI Common Digital for 64 Bit Windows 1.13.0
"{5780B596-E0C0-4E78-8671-6C80D2913366}" = NI TDMS (64-bit)
"{5783F2D7-B028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2013
"{59AEDF7C-0D51-48A1-8829-3B4343319B68}" = NI-MXDF 1.11.5f1 for 64 Bit Windows
"{5C720EE4-F6A5-4BAD-ABC4-745D3D720EC9}" = NI Timing for 64 Bit Windows 2.3.0
"{5E3886A4-EAFC-40F6-A03E-14E594B1037D}" = NI Curl 1.1 (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{678EB05F-D317-48C9-9C67-E33AE7C0F900}" = NI MXS 5.0.0 for 64 Bit Windows
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{723DFC01-183D-40E9-AE2E-4314ABC558D7}" = NI-653x Installer for 64 Bit Windows 1.9.4
"{75DD2A7A-D54F-4C1F-AE1F-5F023EDCCB26}" = NI RTSI UI Provider for 64 Bit Windows 1.0.0
"{8011A67E-2702-4A4E-867E-F491EF8A04B3}" = TightVNC
"{803E7FD0-02FE-440E-990A-77B0E50EC30B}" = NI Web Application Server 2.0 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82DA2AE0-AC4B-4D34-BE7D-B4C720A1E7D2}" = NI VC2008MSMs x64
"{85B6FB54-339C-497E-80D5-1FC27E31CD27}" = NI-MX Expert Framework for 64 Bit Windows 2.8.0
"{86D21310-28DA-4843-83A8-17807E6A846B}" = NI MIO Device Drivers for 64 Bit Windows 2.6.0
"{88E18DCA-12DF-477F-9921-A804BC43AD3B}" = NI Calibration Provider Help for 64 Bit Windows
"{895C2A25-8CB1-4DFE-9816-030841464F74}" = NI-DIM 1.11.0f0 for 64 Bit Windows
"{899576E7-3569-417F-8EFE-EB881BE22EDE}" = NI MAX Remote Configuration 64-bit Installer 5.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D4DAF79-8A5A-4469-9AB6-FC8B411AD8F7}" = Classic Client 6.0 for 64 bits
"{8E245224-4496-44F3-8229-69AD3000BA28}" = NI RTSI Cable Core Installer for 64 Bit Windows 1.0.0
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{922317D8-F321-4F43-9D50-03399CECD597}" = NI MAX Support for 64 Bit Windows
"{93142995-F7F2-41A3-990C-0A9041E8A788}" = NI-DAQmx Documentation for 64 bit Windows 9.3.5
"{974391A4-9358-4122-951C-CE73EF490A40}" = NI System Configuration Runtime 5.0.0 for Windows 64-bit
"{9852ECEE-C1A0-4D3B-9702-00097BD8BE80}" = NI System State Publisher (64-bit)
"{99ACA06A-648E-4045-BF5C-A79EC35DBEE9}" = NI Trace Engine (64-bit)
"{9CE96256-FAF1-4E48-9CA1-02F7ED80A2E6}" = NI Logos64 5.3.0
"{A000F75A-A246-44A7-8079-9E9E7F9054B2}" = BioExcess
"{A2B07F9D-69FA-4BE8-A6B0-C0F13B5EDE62}" = NI USI 1.9.0 64-Bit
"{A336BF29-66E7-429E-A879-90B63A597496}" = NI IVI Engine (64-bit)
"{AC4088C0-E5F7-45F1-ACAB-0FB1C78AFA3F}" = NI Variable Engine (64-bit)
"{ACDE2A50-97CF-47FE-B92C-ED8147F85A9D}" = NI VC2005MSMs x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0E1F009-F570-4114-AA2D-95788A3E3EAA}" = NI-APAL 2.1 64-Bit Error Files
"{B262144E-0AD8-44DF-A733-82409F88A3C8}" = NI IVI Class Simulation Drivers (64-bit)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.83
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3ACDAEB-08E0-41F8-8789-D0A333AE4964}" = NI System Web Server Base 2.0 (64-bit)
"{B8F5F1F7-0A7B-4265-AAD5-AACFC4EA8E73}" = NI Dynamic Signal Acquisition for 64 Bit Windows 2.2.0
"{B9254715-D10D-4B4B-B002-54CBA61E6F64}" = NI LabVIEW Broker (64 bit)
"{C8786BF1-0278-4DAF-8015-EAF94CDF2F0C}" = NI-MXLC LabVIEW 2011 Support
"{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support
"{CCD7A659-74D4-4577-A3FE-4E5C8C3AEF14}" = NI-PAL 2.7.0f0 for 64 Bit Windows
"{CFCC7864-15DB-46AB-96A2-69F716E7D963}" = NI Logos64 XT Support
"{CFE1A50A-762C-4802-82F0-AD3F2B08CF7A}" = NI-VISA 5.1.0 64-bit Support
"{D198B514-B24E-43FC-AE19-E634F48B928C}" = NI System API Windows 64-bit 5.0.0
"{D2D22BEE-B7F1-49D0-9ED6-86D0B2CEDFAD}" = TortoiseSVN 1.7.6.22632 (64 bit)
"{D5D8BFCD-C9F4-488A-B660-8876D02AA572}" = NI Portable Configuration for 64 Bit Windows 5.0.0
"{D6B2A074-836C-47C2-88B0-270C29192F3D}" = NI RTSI PAL Device Library Installer for 64 Bit Windows 1.0.0
"{D7CCDF1B-6819-4003-87BB-F6F1BDC48C2E}" = NI-MXLC LabVIEW 2009 Support
"{D91ACEAA-C14F-4172-8AF1-AD40FEE8E325}" = NI-MXLC Core (64-bit)
"{D9F81649-D7A6-4FA0-856C-76CDB1120F9D}" = NI Spy Windows 64 Support 3.0.0
"{DA798CB8-D760-47CC-BC55-AA864E8D22F1}" = NI DAQ Assistant 64-bit 2.0.0
"{DD9D1FE4-43FC-4FE2-940A-33A95F2AB348}" = NI LabWindows/CVI 2009 Run-Time Engine (64-bit)
"{E3867DF9-81D4-40BC-880C-1F134FECF995}" = NI Help Assistant (64bit)
"{E45B7F5F-A814-4C15-A0D6-14CEE02AD72D}" = NI SSL Support (64-bit)
"{E6819B9C-7279-4EFC-8426-968DB116F545}" = NI-VISA 5.1.0 Provider 64-bit Support
"{E807BDD0-9A9F-453B-992A-927F9499B668}" = NI PXI Hardware 64-bit Support 2.6.2
"{E9F226A6-A0FB-4077-B47E-DFB44825C659}" = NI-MXLC LabVIEW 2010 Support
"{EDC7187A-CA7C-472E-81CD-84806FDB1B6F}" = NI Math Kernel Libraries (64-bit)
"{F35499BF-B4E7-4C3F-8769-229D9DE3E07E}" = IVI Shared Component 64-bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F63D3568-80A4-47AB-B97D-8988DF18BD0C}" = NI TDM Excel Add-In 3.3 64-bit
"{F71335BF-CF6B-4ACC-ABCE-BA9DF2031DB8}" = VISA Shared Components 64-Bit
"{F9F02D3A-2CF2-496A-B6BF-C63BD11738A2}" = NI SCXI for 64 Bit Windows 1.15.0
"{FB585470-EFFC-461E-9302-27CA43DD3A74}" = NI PXI SystemAPI Expert 64-bit 2.6.2
"{FDA5F940-CC93-4F8C-9316-A0E887A6FDAD}" = NI-VISA x64 support 5.1.1
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MiKTeX 2.9" = MiKTeX 2.9
"sp6" = Logitech SetPoint 6.32
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.1
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0093CF58-3A00-46E0-A3E2-3E684E20C6A6}" = NI Instrument I/O Assistant
"{010A2C18-0830-45A0-BE2B-DD37A2D8A2FE}" = NI LabVIEW Run-Time Engine Interop 2011
"{0123C12C-3DEC-4428-ACE3-2E6676BAB894}" = NI STC 1.10.0
"{01415FEA-D7D9-40CF-9370-AF74ABC1AE39}" = NI System API Web-Servce 32-bit 5.0.0
"{01AC4D6A-05F0-4158-95E7-FC299961B50A}" = NI Math Kernel Libraries
"{033F0FD6-07E0-414A-8367-51EB862EFE12}" = Runtime für den NI-Systemkonfigurator 5.0.0
"{043955AD-7E11-4B6D-A317-B72F7BB87736}" = NI Assistant Framework LabVIEW 2011 Support
"{05617B99-0727-4FFB-AC8E-8F6427799C8F}" = NI-DAQmx/LabVIEW shared documentation 1.9.5
"{05C030B8-DC4F-489D-B86B-FC6B7DB3F607}" = NI SSL LabVIEW 2011 Support
"{0605BA5B-7041-482E-A7DC-C1B55DB6046A}" = NI-MXLC LabVIEW 2011 Support
"{066F687E-1CA0-4D94-A2C9-F8E6E817F4CB}" = NI LabVIEW Run-Time Engine 2011
"{070E052E-8D36-4B7E-B640-C75F12B2A76E}" = NI LabVIEW SignalExpress 2011 Licenses
"{08B760EF-E028-45B1-80E2-624F9C54F4CE}" = NI-MXLC Core (32-bit)
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0B851303-5BA7-4C49-A9E1-59AAE27F663C}" = NI Ethernet Device Enumerator
"{0BD06981-453D-4336-9A47-5A0231B5CB22}" = NI-Netzwerkbrowser 5.0.0
"{0F49F0AC-B14D-40B7-9848-EBA6B3A5C123}" = NI LabWindows/CVI 2009 Run-Time Engine
"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1
"{105271B2-81E8-4C84-B820-590BFBC5F958}" = NI IVI Compliance Package 4.4
"{112FE5D5-EB7A-4795-B906-79FB08E936C6}" = NI-RPC 4.2.0f0 for Phar Lap ETS
"{126A258A-DF8C-4EF2-9780-0EEA4C76CE6D}" = NI Logos LabVIEW 2011 Support
"{1534B787-736A-404A-9983-B6952846E057}" = NI-DAQmx Documentation 9.3.5
"{16AE16D2-8895-4E4A-A6D5-7EB9055B6517}" = NI I/O Trace API LV2011
"{16DF18C7-7F56-48A4-9CDE-CB699DBB5B16}" = NI IVI Class Driver LabVIEW 2011 Support
"{1848995E-B449-4549-A914-2CEBC0BA27F2}" = NI IVI Online Help
"{1A609A84-71AF-4D96-962B-E060D34FD4AB}" = NI MetaSuite Installer
"{1B5ABB51-8AAB-4FBA-8987-9A8820756E2B}" = NI USI 1.9.0
"{1C6CED43-A5C1-4291-AA5C-912F26B90150}" = NI RTSI Cable Core Installer 1.0.0
"{1CC6055C-CF22-4FF3-A92E-2B8F7B505173}" = NI-MDBG 1.10.0f0
"{1D4843A4-5AE6-4CDF-BBC6-62DB47F5B381}" = NI RTSI PAL Device Library Installer 1.0.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime
"{21816DDC-3737-4CD2-914A-82567EF6B928}" = NI-DAQ C and VB6 API 2.3.0
"{22923F17-B592-4A7F-84A8-18F3BFC13B94}" = NI Microsoft Silverlight Wrapper
"{22940D8E-2DE3-4A0E-A75C-1F1A9F5C5190}" = NI-MXLC LabVIEW 2010 Support
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24EEDE86-3CB5-485D-91E3-F630273A08FF}" = NI LabVIEW SignalExpress 2011 Core LabVIEW Support
"{268B0789-E2BF-4836-BF05-A6140B4983CA}" = NI MAX Remote Configuration Installer 5.0
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{27111B7A-97FE-46BD-81F9-4E87737DF803}" = NI LabVIEW 2011 MeasAppChm File
"{27286309-2433-4B7E-93AA-95C6D25DA08A}" = NI-MX Expert Framework 2.8.0
"{28C70D19-6DE9-43EF-BFA3-342F4A11B727}" = LibreOffice 3.5
"{292382C0-61F7-458A-9008-55F272A4DD9C}" = NI Logos 5.3.0
"{298008B1-AD82-4791-9BB8-863AD1408492}" = NI Uninstaller
"{2ADC660A-77C9-4A6C-9D4B-5E48A27BCA10}" = NI Help Assistant
"{2BC9B2CE-D569-4ADC-A8A0-170F2FD57139}" = NI LabVIEW 2010 Real-Time NBFifo
"{2DBC8A34-0646-4F3D-B005-414E317FB281}" = NI Circuit Design Suite 11.0.2 Edu Licenses
"{326913E3-E0AF-42A0-8860-BC4B9026DFA3}" = NI System Configuration 5.0.0 LabVIEW Support
"{32C26756-A756-43D2-900D-92CB44316602}" = NI Calibration Provider for MAX 5.0.0
"{3363E5BE-7FBF-424B-B26C-0041CE837DD0}" = NI LabVIEW SignalExpress 2011 Core LabVIEW 2011 Support
"{33AAA123-A24A-46A7-8CD6-F03C5B375033}" = NI TDM Excel Add-In 3.3
"{397E268E-FB51-4C23-A496-1031B8F1CCEE}" = NI AFW UI Assemblies
"{3A1504FB-7067-4E46-9AFA-A3C29C95E4DC}" = NI LabVIEW Run-Time Engine 8.2.1
"{3AC01660-F640-4AFB-A25E-082B260C025C}" = WIF Core Dependencies Windows 5.0.0
"{3AE9153C-1E52-4B6B-9405-FE403342A3C8}" = NI-Update-Dienst 2.0
"{3B12BE74-0FE6-4296-9ACC-C909CEAD8BB9}" = NI-DAQmx ADE Support 9.3.5
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3CF95105-5857-4852-BF20-764B69C1881D}" = NI LabVIEW 2011
"{3D1F6E51-C98C-4C01-8170-D2DBF2837F13}" = NI LabVIEW Merge Utility 11.0.0
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4067DBF1-91AF-445E-A34E-00707F214B49}" = NI IVI Class Simulation Drivers
"{40A3EF24-FBB9-4261-84BF-D1C312680C5B}" = NI FSL Installer 1.13.0
"{415780C0-4A19-4567-AAAE-10CCB9832B13}" = NI-RPC 4.2.2f0 for Phar Lap ETS
"{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor
"{416B50BB-64CE-46C5-81A6-7F842CC35CDC}" = NI LabVIEW MAX XML
"{45C5DE6E-85AB-466E-9A6F-8BAB11EE0EDD}" = NI Web Interface Framework 2.0
"{46ADBF7F-868A-4625-9546-14355105AC50}" = NI IVI Provider for MAX
"{46BF7707-A511-47E7-B118-0E53DCA1A0EA}" = NI Remote PXI Provider for MAX 5.0.0
"{4967DB4F-07FC-4443-8287-C9C1B0D1C8FA}" = NI Variable Engine LabVIEW 2011 Support
"{49F05354-04F7-4AE4-8434-9E7B5462C727}" = NI DN 2.0 SP1 installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA402A7-4547-4E1A-A034-1DF609A6CCA9}" = NI LabVIEW SignalExpress 2011 Datatypes LabVIEW 2011 Support
"{4BDAF6F8-8C28-49FD-8FA7-CEE3E9E9BAD4}" = NI LabVIEW 2011 Simulation
"{4BEFB7C6-F103-42FB-9482-861C6D9690A0}" = NI LabVIEW Compare Utility 11.0.0
"{4C16AC07-1EEE-48E5-8DAE-CCB1BA9F90E9}" = NI-DAQmx Switch Core 2.2.0
"{4C6F8199-E1B2-4F60-9099-A9298D8EA4D6}" = NI-MXDF 1.11.5f1
"{501DACFF-9399-4DBC-AA59-F35C9C6970D2}" = NI-DIM 1.11.0f0
"{502F10D2-9096-4D2E-BC71-4DFF995159F3}" = NI-DAQ Document Set 9.3.5
"{50F728C0-9A37-4868-B9E1-42565C228B12}" = Reset NI Config 5.0.0
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52252F5C-58CD-48ED-8C88-9AAD6FE887B4}" = NI Trace Engine
"{523B5D39-C209-41C8-9075-F6C14C2394D2}" = NI LabVIEW 2011 Search
"{523F21B6-D325-4515-9416-04A166437C43}" = NI LabVIEW SignalExpress 2011 Steps
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{555B2ADE-B3CB-4C95-A789-8A7C03A004B7}" = NI LabVIEW 2011 Deployment Framework
"{578A6214-6CC6-4043-A9A8-C045DDAE2B39}" = NI Remote Provider for MAX 5.0.0
"{580FB2E4-A159-4F9B-82C8-1ACE179686B9}" = NI-653x Installer 1.9.4
"{5866AEFB-0037-49DA-8F2C-ED7E7E21636E}" = NI LabVIEW 2011
"{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo
"{5C468B0A-6DB3-402E-B4C0-6CA4CEFAE0AF}" = NI Sound and Vibration Frequency Analysis 2010
"{5F123C21-A5E2-4CFB-A6A7-034C9087099F}" = NI Logos XT Support
"{63BB51BB-C078-4960-B624-087651E8D526}" = NI LabVIEW 2011
"{644DAD90-2083-4871-BD49-721BF8FAE295}" = NI LabVIEW Run-Time Engine 8.6.1
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67A00571-3985-4051-97D1-5EA81F9F1319}" = NI LabVIEW SignalExpress 2011 LabVIEW 2011 Support
"{68DE7BF6-AFA9-4609-9C96-8C15E46E2093}" = NI Example Finder 11.0
"{69FAF7E0-6E43-4845-9BB7-A9D9F7440084}" = NI PXI Platform Services 2.6.2 Expert
"{6C520D64-E109-4A73-82A3-7808592051BC}" = NI Circuit Design Suite 11.0.2 Core
"{6CAADA3B-2513-4BEC-96EE-A7DF908E5B1E}" = NI PXI Platform Framework 1.3.2
"{6E84AECC-91B8-4738-97D2-0E8083A093F2}" = NI Measurement Studio Common .NET Assemblies for .NET 2.0
"{70BA7761-629A-4118-BFE0-02753B9019C8}" = NI MXS 5.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{712723FB-BF99-4406-8F91-A2DB766AB2C9}" = NI VC2008MSMs x86
"{71355055-64A7-44AB-8C4C-9E893AC4FA40}" = NI-488.2 Provider for MAX version 2.8.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73854BF9-E78E-4D6F-B8C2-A7A3CD855124}" = NI LabVIEW 2011 Help File
"{75C812EE-06B8-4A47-B37D-9777BE9A644C}" = NI SSL Support
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7A29AA0C-202A-467E-9257-DE2E8DBC60B3}" = NI LabVIEW 2011 License
"{7BE5AA0C-E564-430F-B297-2B01121A1C5A}" = NI LabVIEW Real-Time NBFifo
"{7C62B54A-E524-4F3D-83E7-0F2ABAFC978A}" = NI Xalan Delay Load 1.10.1
"{7C6869BF-6CBE-4CB0-8869-2743B419343C}" = NI LabVIEW 2011 Real-Time NBFifo
"{7D64A463-C3C9-40B6-BC46-4DD7D0DE2BFD}" = NI Unterstützung für nicht englische Versionen der Runtime-Engine von LabVIEW 2011.
"{7D826D95-7FEE-4FC6-A3CC-BE4A53810441}" = NI IVI Engine
"{7D89ECEB-7E27-4898-812E-80862E91AB94}" = NI Portable Configuration 5.0.0
"{7E3668CB-1228-416E-B721-C2FA3247B985}" = NI LabVIEW Real-Time FIFO for Runtime
"{80C792E1-78BC-4F4A-839E-BCD107770938}" = NI System API Windows 32-bit 5.0.0
"{8283E8AC-3CF9-4712-B56D-FFE9D47F88E1}" = NI LabVIEW 2011
"{82D29FE9-9F5A-4EF7-BBA1-EF107DDB2E64}" = NI Certificates Deployment Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A4DBE2-1AAA-42F1-BAB3-C873C2F5DD81}" = NI System Configuration LV2011 Support 5.0.0
"{886C3E95-4032-45C8-92F6-57861871635A}" = NI Software Provider for MAX 5.0.0
"{89089F33-94D7-4E9C-918F-75CC933FC88F}" = NI DataSocket 4.9
"{8923D179-24D1-475D-A381-0B8C1AF1A206}" = NI LabVIEW 2011 Web Server
"{896849EE-EEE6-4E45-B20B-9F4DDCF805DA}" = NI Assistant Framework
"{8B3E6AA0-992F-4957-A1DB-CC2CA521F790}" = NI LabVIEW SignalExpress 2011 Core
"{8B88204E-6446-4F7F-9379-F1A982C9D07C}" = NI LabVIEW 2011
"{8D9F6EFD-6EAF-4327-AD59-92DEA050BDAF}" = NI Instrument IO Assistant for LabVIEW 2011 32-bit
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8F1B9FE1-5777-4118-B982-B50B030101FF}" = NI LabVIEW 2011
"{90120000-0016-0000-0000-0000000FF1CE}" = Microsoft Office Excel 2007
"{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_EXCEL_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2007
"{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_POWERPOINT_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_WORD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_EXCEL_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_POWERPOINT_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_WORD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_EXCEL_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_POWERPOINT_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_WORD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_EXCEL_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_POWERPOINT_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_WORD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_EXCEL_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_POWERPOINT_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_WORD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_EXCEL_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_POWERPOINT_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_WORD_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_EXCEL_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_POWERPOINT_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_WORD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_EXCEL_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_POWERPOINT_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_WORD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PRJPROR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0054-0407-0000-0000000FF1CE}_Office14.VISIOR_{1FEAC070-BB09-4055-9BD0-48CF52023F92}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{9320E1F0-31CB-4095-B430-017A35406E40}" = NI LabVIEW SignalExpress 2011 Datatypes
"{9492A5F3-FDA5-4CE9-9B96-AB5881046CB6}" = NI LabVIEW 2011 Help
"{95C26FA7-5FDD-4C6D-AD6F-3D4B3FEB0D70}" = NI AFW Custom UI Assemblies
"{975F2F8A-CB6C-48CB-AF02-CEA55B194DDA}" = NI MIO Device Drivers 2.6.0
"{98B874D4-D8A4-40BE-B82A-36E902C84289}" = NI-ORB 1.9.3f0
"{98F4DC3F-958E-4DE5-BE1D-DBD72B05A204}" = NI Search Shared
"{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF9F0A2-2CF9-4165-9A36-639381F54BE3}" = NI IO Trace 3.0.0
"{9C2113B6-30DC-4827-9166-E6F4889D7594}" = NI LabVIEW 2011 Deployable License
"{9D500758-F84E-4B0D-85CC-579DD1F579ED}" = NI PXI Platform Services 2.6.2
"{9EEA4977-878D-4ECA-8DF2-7C8BF37AE5B9}" = NI-488.2 2.8.1
"{9FCEDDD0-4FEA-41CE-9739-565F39B2F607}" = NI MDF Support
"{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam
"{A0A20C35-FA6C-471D-ADA6-FFB1604157BD}" = NI-PAL 2.7.0f0
"{A108E5C1-C45E-4EA4-A395-CF61F959AC82}" = NI-DAQmx MAX Configuration Support 9.3.5
"{A11A542A-37BF-4943-9810-3F1DC0AD4A1C}" = NI LabWindows/CVI 2010 Code Generator
"{A1A3C998-7D53-4BE2-A4DC-57A115DB0AD3}" = NI DAQ Assistant 2.0.0
"{A1B35B59-B8B4-47C8-B4D6-3F90FB1997CC}" = NI LabVIEW 2011
"{A29EC1AF-7077-4E6E-B4EB-30A719117268}" = NI System Web Server 2.0
"{A363C314-2242-4BBE-9ADE-B427AF646EFF}" = NI mDNS Responder 1.6.0
"{A3752527-E9F5-4EE5-9A09-D6582AFE1D35}" = NI Circuit Design Suite 11.0.2 Education
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5FB6F3A-2120-45C8-B5E5-476BD5580BD6}" = NI LabVIEW EWB DeviceHandler 2010
"{A736A59D-FFAD-4EE5-962F-510DE151D6AA}" = NI AFW Channel Configuration Tool
"{A7B1ABA8-E2A2-4565-A8AF-F01657FF5CEA}" = NI LabVIEW Web Services Runtime
"{A98841B5-69CF-4D81-9BF1-5EA8968B3A1E}" = 232Analyzer
"{AB47630B-C1BF-4A0A-93EF-3492A59A4704}" = NI LabVIEW Run-Time Engine Interop 2010
"{AB55A100-AAC9-43EA-845E-2DCDC0D4D2B8}" = NI Math Kernel Libraries
"{AB9BBC2E-83F6-47A9-9FA3-08D3774F8E45}" = NI-RPC 4.2.2f0
"{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries
"{AD118C09-CD56-4676-80D3-25221BA9A3E9}" = NI IVI Class Drivers
"{AD3F600F-EF24-4145-9514-B4F8A685F944}" = NI PXI Platform Services 2.6.2 Configuration Support
"{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = ES603 WDM Driver
"{AE593237-3C8E-44F2-A9AA-2DDE0A472CDE}" = NI LabVIEW Web Server for Run-Time Engine
"{AFFE41B4-6FB6-4E64-811C-5F57D05DF70F}" = NI Sound and Vibration Frequency Analysis LabVIEW 2011 Support
"{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009
"{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}" = Secure Download Manager
"{B179B6ED-5D5B-49B8-8929-5144738B81C3}" = NI LabVIEW SignalExpress 2011 Tools
"{B1DCBBC7-8ECE-497F-926F-02FE4E42216B}" = NI-DSM 2011
"{B1EE55C1-F98B-40AB-AF0C-422ECCC88454}" = NI Measurement & Automation Explorer 5.0.0
"{B2BDA3BC-29BE-49C1-A30E-15DA8D041601}" = NI License Manager
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{B96A1127-96B8-403A-BD57-0C4CD008A434}" = NI-DAQmx support for LabVIEW 2.1.0
"{BA0C74BC-3CE2-4BDE-BEC8-C330EAB9A3B1}" = NI-MRU 2.11.1f0
"{BB3EBB9E-1CA1-4B7F-9E67-09540CCE9F45}" = NI Assistant Framework LabVIEW Code Generator 2011
"{BD2BD62A-444B-4838-8931-B3E9679144AB}" = NI LabVIEW SignalExpress 2011 LabVIEW Support
"{C0DE25AE-B0E5-4D4B-96CE-EE757066D0BA}" = NI Network Discovery 5.0
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C462AA63-FD78-485B-9FA8-F66ED2248DE1}" = NI SCXI 1.15.0
"{C673968D-BBC5-4A5E-AFF4-60F538388775}" = NI-VISA 5.1.0 MAX Provider
"{C856BC45-C56B-43B5-BFBE-0AEE1035C370}" = NI System Configuration CVI Support 5.0.0
"{C9A91453-88C1-49A0-A719-86DA2D463734}" = NI-VISA Server 5.1.0
"{CAC9188C-83A0-4F9F-858A-DA430DC2E401}" = NI AFW Custom UI
"{CC17CE69-4AB6-4434-ADB4-27DB49D36080}" = NI Curl 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CF30E2B5-A7A7-47AD-8B03-22A27D4E9971}" = NI LabVIEW 2011 Real-Time Error Dialog
"{D30CB7A9-2B45-4C90-9D6B-A2DDED7AAF9B}" = NI Timing Installer 2.3.0
"{D35F1304-4FA0-40AB-9EEF-13F15EFC207D}" = NI-VISA Runtime 5.1.1
"{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services
"{D3D8A298-9C08-43DD-A9C0-7D32BF68CAC9}" = NI-VISA 5.1.0
"{D5BB7AAE-62F4-4C4F-B272-F27AEE16BA7F}" = NI TDMS
"{D5EE063C-12BF-4D36-BFD1-D7E2AC1E2566}" = NI-APAL 2.1 Error Files
"{D6D68ABC-954B-4373-92A2-0FE7FA59AC1A}" = NI EulaDepot
"{D7CC49D5-FC42-4082-8F2D-CCAAF9390E7F}" = NI LabVIEW 2011
"{DB0D5AFF-0B60-4287-9BC2-F4AE797B02F4}" = NI Authentication 2.0
"{DB29F1F4-113E-45E0-B1E9-90A188DAF0AD}" = NI-APAL 2.1 Error Files for LabVIEW RT
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB68B420-5382-48EE-9A2A-CB984FEBB192}" = NI LabVIEW Web Server for Run-Time Engine
"{DBAF9288-7503-48AC-A43F-B00B4EA0F145}" = NI PXI SystemAPI Expert 2.6.2
"{DC7F8117-3D5A-4848-AA4F-2A61BE4A5094}" = NI-MXLC LabVIEW 2009 Support
"{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface
"{E0D8CD4E-4771-4848-A09D-60A31D883883}" = NI VC2005MSMs x86
"{E125DE33-5564-4531-A4EF-BBC7C78031BA}" = NI LabVIEW SignalExpress 2011
"{E1D60C68-016C-4951-8C1F-52E24DFE7836}" = NI CodeSignAPI
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5102348-951B-4375-A582-2E0675180517}" = NI LabVIEW 2011
"{E5C8FBCD-F2F1-4FD0-9FA1-EF9F277400D7}" = NI-DAQmx 9.3.5
"{E6068691-1FBC-4EF0-87E8-609CDB32038A}" = NI Xerces Delay Load 2.7.3
"{E648AF0B-A340-4AEE-8275-D47688D25613}" = NI RTSI UI Provider 1.0.0
"{E69A31C9-F24F-4A1A-BEAD-B1AA255760C1}" = NI Registration Wizard
"{E7BDC0BC-583B-4193-9460-BDF51D131695}" = NI LabVIEW 2011
"{E8550330-7EAF-46CC-AE68-25A3AC6B1AE4}" = NI LabVIEW 2011 Manuals
"{E91960AA-EB6A-418C-B6C3-6FDF7C166B59}" = NI Dynamic Signal Acquisition Installer 2.2.0
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EA37AB72-EC8C-432C-A1C6-186850FB0559}" = NI System State Publisher
"{EA903EDC-4358-4F98-AFB2-14991144DE1D}" = NI Common Digital 1.13.0
"{EB708DAB-CD04-46E4-88C9-E3BC80595982}" = NI System Web Server Base 2.0
"{EB8D0A82-E02A-437C-A7C4-90516F1CFB39}" = NI Web Application Server 2.0
"{EC45867D-83A8-4ECF-911A-154CD98BD592}" = NI Measurement Studio 8.6 Enterprise RunTime for VS2005
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EDFC39D7-B782-4B43-BF9C-D1B80ADEA863}" = NI LabVIEW Runtime Engine 2010 SP1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF1B1A68-988E-4A68-8504-774373A4651C}" = NI OPC Support
"{F04A89CB-A185-4263-85ED-4BAD766F7DAE}" = NI Error Reporting 2011
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F37CC885-1E37-4F2A-93F3-7F1E1EEBBEBB}" = NI LabVIEW Broker
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F45CE5E8-4A60-4292-8FD5-1807DFEBE221}" = NI LabWindows/CVI 2010 LabVIEW DLL Builder
"{F6C682B6-7714-41CC-80B6-3288364910AF}" = NI GMP Windows 32-bit Installer 11.0.0
"{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}" = inSSIDer
"{F97CB7B0-28D2-4E33-A806-9475EB134DC7}" = NI-DAQ INF Files 19.3.5
"{F9A74F70-7597-47B8-B04C-044824C23B15}" = NI LabVIEW 2011 VIPM Helper
"{F9E0880D-B263-48F9-B8E5-BAFCAE9BE150}" = NI System API Client for WIF 5.0.0
"{FA7E1ADB-CEB4-4710-A1FA-8CFF4025AAB0}" = NI-MXLC LabVIEW 8.6 Support
"{FD588AD4-9150-4A41-83E8-61596E0954E4}" = Fingerprint Solution
"{FDED748C-432B-4B44-BB33-3BB8550A2AD2}" = NI Variable Engine 2.5.0
"{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine
"{FE7EA637-9C65-4D57-9342-DDD98315AA58}" = Gemalto PKCS#11 For .NET Smart Cards V2+
"{FEFA778A-05D2-4D0F-80A3-7AE24B8161C0}" = NI LabVIEW Web Server for Run-Time Engine
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"EXCEL" = Microsoft Office Excel 2007
"FileZilla Client" = FileZilla Client 3.5.3
"GPG4Win" = Gpg4win (2.1.1-34299-beta)
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"InfraRecorder" = InfraRecorder
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam
"InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = EgisTec ES603 WDM Driver
"InstallShield_{FD588AD4-9150-4A41-83E8-61596E0954E4}" = Acer Bio Protection
"IviSharedComponent" = IVI Shared Components 2.2.1
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NI Uninstaller" = National Instruments - Software
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"OpenVPN" = OpenVPN 2.2.2
"Picasa 3" = Picasa 3
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"POWERPOINT" = Microsoft Office PowerPoint 2007
"Psi" = Psi (remove only)
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"StrokeIt" = StrokeIt
"SumatraPDF" = SumatraPDF
"Tera Term_is1" = Tera Term 4.74
"Texmaker" = Texmaker
"VI Package Manager" = VI Package Manager
"VISASharedComponents" = VISA Shared Components 64-Bit
"winscp3_is1" = WinSCP 4.3.7
"WORD" = Microsoft Office Word 2007
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.07.2012 13:23:56 | Computer Name = ibot | Source = LabVIEW | ID = 3299
Description = LabVIEW information: Error: 404 "Not Found" for "national instruments/ni-rpc/interface/eadfc80d-1e6f-425b-8986-12ccef98f646",
file "c:/program files (x86)/national instruments/shared/ni webserver/www/national
instruments/ni-rpc/interface/eadfc80d-1e6f-425b-8986-12ccef98f646": Can't access
URL .
Error - 20.07.2012 13:23:56 | Computer Name = ibot | Source = LabVIEW | ID = 3299
Description = LabVIEW information: Error: 404 "Not Found" for "national instruments/ni-rpc/interface/eadfc80d-1e6f-425b-8986-12ccef98f646",
file "c:/program files (x86)/national instruments/shared/ni webserver/www/national
instruments/ni-rpc/interface/eadfc80d-1e6f-425b-8986-12ccef98f646": Can't access
URL .
Error - 20.07.2012 13:24:00 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
Error - 22.07.2012 12:32:21 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2012 02:52:36 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2012 03:12:23 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2012 03:15:10 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2012 03:33:33 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2012 03:36:51 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2012 05:38:42 | Computer Name = ibot | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 24.07.2012 05:36:52 | Computer Name = ibot | Source = DCOM | ID = 10005
Description =
Error - 24.07.2012 05:36:57 | Computer Name = ibot | Source = DCOM | ID = 10005
Description =
Error - 24.07.2012 05:36:58 | Computer Name = ibot | Source = DCOM | ID = 10005
Description =
Error - 24.07.2012 05:36:58 | Computer Name = ibot | Source = DCOM | ID = 10005
Description =
Error - 24.07.2012 05:37:08 | Computer Name = ibot | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\System32\bcmihvsrv64.dll Fehlercode: 21
Error - 24.07.2012 05:37:24 | Computer Name = ibot | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.07.2012 05:37:25 | Computer Name = ibot | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.07.2012 05:37:25 | Computer Name = ibot | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.07.2012 05:37:27 | Computer Name = ibot | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.07.2012 05:37:27 | Computer Name = ibot | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
|
| Themen zu Bundespolizei - Trojaner 1.13 - Window 7 |
| 32 bit, 7-zip, akamai, autorun, avira, bho, compare, document, error, firefox, flash player, format, google, helper, install.exe, jdownloader, langs, launch, logfile, microsoft office word, mozilla, national, nvidia update, nvpciflt.sys, office 2007, photoshop, plug-in, pmmupdate.exe, port, realtek, registry, rundll, scan, searchscopes, security, server, software, svchost.exe, trojan.agent.ge, trojaner, tvnserver, udp, usb 3.0, win64, window 7, windows |
Baum-Darstellung