Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.06.2013, 15:05   #1
BecksBier
 
Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Hallo,
ich habe leider in einem schwachen moment die Datei
Anwaltschaft... .com ausgeführt.

Direkt nach dem ich meinen Fehler bemerkt habe, sicherte ich den Anhang auf einen USB Stick und habe den Rechner heruntergefahren.
Der PC ist nun aus.
Hier ist das Ergebnis von Virustotal (USB Stick anderer PC, Datei nichts ausgeführt):
https://www.virustotal.com/de/file/d21b391d59d3db0ef01f2786fe6152abbf8977500ac6f0a2a13bbfed5203b96c/analysis/1372168320/

Mein Virenscanner (Kaspersky) erkennt ihn leider noch nicht, dieser ist auf beiden PCs instaliert.

Ich habe die "infizierte" Festplatte an einen anderen Rechner angeschlossen und zwei seltsame Dateien unter: X:\Windows\system32 gefunden:
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0


Was soll ich nun tun?

Alt 25.06.2013, 15:10   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
__________________

__________________

Alt 25.06.2013, 15:34   #3
BecksBier
 
Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Hallo,

hier die First,txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-06-2013 01
Ran by ******** (administrator) on 25-06-2013 16:25:55
Running from F:\
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) ===================

(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: []  [x]
HKLM\...\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe [x]
HKLM\...\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe [x]
HKLM\...\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13535776 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [92704 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [92704 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-01-03] (IDT, Inc.)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [311680 2010-03-12] (Kaspersky Lab)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide [190808 2011-03-01] (Logitech Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2009-04-10] (Microsoft Corporation)
HKCU\...\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [DisplayFusion] "C:\Program Files\DisplayFusion\DisplayFusion.exe" [7283072 2013-04-26] (Binary Fortress Software)
HKCU\...\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIUE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2540 Series" [249440 2012-02-27] (SEIKO EPSON CORPORATION)
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: J - J:\LaunchU3.exe -a
MountPoints2: {2601d36e-06b8-11e1-a1cb-001c231428ef} - F:\pushinst.exe
MountPoints2: {4b979d05-566a-11de-b374-001c231428ef} - F:\LaunchU3.exe -a
MountPoints2: {4eab0e8b-6ccb-11df-b0cb-001c231428ef} - J:\LaunchU3.exe -a
MountPoints2: {63390b51-6074-11e2-859b-001c231428ef} - F:\setup.exe AUTORUN=1
MountPoints2: {cf61bb13-5870-11e1-862d-001c231428ef} - J:\AutoRun.exe
MountPoints2: {cf61bb3f-5870-11e1-862d-001c231428ef} - J:\AutoRun.exe
HKU\bec\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\bec\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\Sam\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [ 2009-05-26] (Apple Inc.)
HKU\Sam\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\Sam\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\User\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\User\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\User\...\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe [ 2008-03-25] (Adobe Systems, Inc.)
Startup: C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://companyweb
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://companyweb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: haufereader - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.0.250

FireFox:
========
FF ProfilePath: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi

========================== Services (Whitelisted) =================

S2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
S4 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc)
S2 CorGigEServer; C:\Windows\System32\CorGigEServer.exe [55808 2007-11-29] (DALSA)
S2 DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
S2 DSCameraControlWinService; C:\Program Files\IDS\uEye\OtherDrivers\DirectShow\32\DSCameraControl.exe [88064 2011-07-18] (IDS Imaging Development Systems GmbH)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON CORPORATION)
S2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
S2 GtDetectSc; C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe [204915 2007-11-05] (Option)
S2 LkCitadelServer; C:\Windows\system32\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
S2 lkClassAds; C:\Windows\system32\lkads.exe [50328 2012-11-28] (National Instruments Corporation)
S2 lkTimeSync; C:\Windows\system32\lktsrv.exe [60568 2012-11-28] (National Instruments Corporation)
S2 mxssvr; C:\Program Files\National Instruments\MAX\nimxs.exe [51360 2012-11-21] (National Instruments Corporation)
S2 ni488enumsvc; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
S2 NIApplicationWebServer; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [54472 2012-11-30] (National Instruments Corporation)
S4 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [390424 2008-02-22] (Dell Inc.)
S2 nidevldu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
S2 NIDomainService; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [371352 2012-11-28] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S2 niLXIDiscovery; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-11-07] (National Instruments Corporation)
S2 nimcdldu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
S2 nimDNSResponder; C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-09-26] (National Instruments Corporation)
S2 NINetworkDiscovery; C:\Program Files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [172344 2012-12-19] (National Instruments Corporation)
S2 nipxirmu; C:\Windows\system32\nipxism.exe [19056 2013-01-17] (National Instruments Corporation)
S3 NiRioRpc; C:\Windows\system32\NiRioRpc.exe [31880 2011-01-13] (National Instruments Corporation)
S2 niSvcLoc; C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe [54464 2012-11-30] (National Instruments Corporation)
S2 NITaggerService; C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe [680624 2012-06-07] (National Instruments Corporation)
S2 nitsuu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
S3 OpcEnum; C:\Windows\system32\Opcenum.exe [139488 2012-05-18] (OPC Foundation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [15872 2008-01-30] ()
S4 OracleOraHome90ClientCache; C:\oracle\ora90\BIN\ONRSD.EXE [425828 2001-08-14] ()
S2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [428640 2011-03-04] (Logitech Inc.)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG)
S2 WTGService; C:\Program Files\Verbindungsassistent\WTGService.exe [296400 2009-03-03] ()

==================== Drivers (Whitelisted) ====================

S2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
S3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
S2 CBN; C:\Windows\System32\Drivers\CBN.SYS [17408 2013-06-17] (MARX Datentechnik GmbH )
S3 CorSnid; C:\Windows\System32\DRIVERS\CorSnid.sys [28672 2007-11-29] (DALSA)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcxp.sys [31744 2007-01-16] (CSR, plc)
S2 cvintdrv; C:\Windows\System32\Drivers\cvintdrv.sys [19552 2011-11-04] ()
S2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.)
S3 FTDIBUS; C:\Windows\System32\drivers\pftdibus.sys [57672 2009-02-17] (FTDI Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\pftser2k.sys [72520 2009-02-17] (FTDI Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [95744 2007-07-09] (Option NV)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [51968 2007-06-26] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-03-30] (Option N.V.)
S3 guardian2; C:\Windows\System32\Drivers\oz776.sys [62208 2007-11-29] (O2Micro)
S3 JAIGigEFilterDriver; C:\Windows\System32\DRIVERS\JAIGigEFilterDriver.sys [72704 2007-09-20] (JAI)
S1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [126480 2009-11-12] (Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [233560 2011-10-07] (Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [22104 2011-10-07] (Kaspersky Lab ZAO)
S3 lvalarmk; C:\Windows\system32\drivers\lvalarmk.sys [20104 2008-12-05] (National Instruments Corporation)
S3 MCHPUSB; C:\Windows\System32\DRIVERS\mchpusb.sys [53760 2007-12-19] (Microchip Technology, Inc.)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [24064 2008-01-19] (Microsoft Corporation)
S3 ni1006k; C:\Windows\system32\drivers\ni1006k.sys [26192 2013-01-14] (National Instruments Corporation)
S3 ni1045k; C:\Windows\system32\drivers\ni1045kl.sys [11960 2013-01-14] (National Instruments Corporation)
S3 ni1065k; C:\Windows\system32\drivers\ni1065k.sys [23736 2013-01-14] (National Instruments Corporation)
S3 ni488lock; C:\Windows\system32\drivers\ni488lock.sys [17544 2010-07-27] (National Instruments Corporation)
S2 niarbk; C:\Windows\System32\drivers\niarbk.dll [37376 2007-04-16] (National Instruments Corporation)
S2 nibffrk; C:\Windows\System32\drivers\nibffrk.dll [21504 2007-04-16] (National Instruments Corporation)
S2 nicanpk; C:\Windows\System32\DRIVERS\nicanpkl.sys [11408 2010-09-15] (National Instruments Corporation)
S3 nicdrk; C:\Windows\system32\drivers\nicdrkl.sys [11352 2009-07-17] (National Instruments Corporation)
S3 nicmrk; C:\Windows\system32\drivers\nicmrkl.sys [11440 2010-06-15] (National Instruments Corporation)
S3 nicsrk; C:\Windows\system32\drivers\nicsrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S2 Nidaq32k; C:\Windows\System32\Drivers\Nidaq32k.sys [674304 2007-04-16] (National Instruments Corporation)
S3 nidimk; C:\Windows\system32\drivers\nidimkl.sys [11944 2012-01-27] (National Instruments Corporation)
S2 nidmmk; C:\Windows\System32\drivers\nidmmk.dll [50688 2007-04-16] (National Instruments Corporation)
S3 nidmxfk; C:\Windows\system32\drivers\nidmxfkl.sys [11336 2010-02-25] (National Instruments Corporation)
S3 nidsark; C:\Windows\system32\drivers\nidsarkl.sys [11344 2010-02-06] (National Instruments Corporation)
S3 nidwgk; C:\Windows\system32\drivers\nidwgkl.sys [11424 2010-08-26] (National Instruments Corporation)
S3 niemrk; C:\Windows\system32\drivers\niemrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 niesrk; C:\Windows\system32\drivers\niesrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nigplk; C:\Windows\system32\drivers\nigplkl.sys [11640 2008-06-16] (National Instruments Corporation)
S3 nihsdrk; C:\Windows\system32\drivers\nihsdrkl.sys [11864 2009-12-03] (National Instruments Corporation)
S3 nimcdfxk; C:\Windows\system32\drivers\nimcdfxkl.sys [11360 2009-06-17] (National Instruments Corporation)
S3 nimdbgk; C:\Windows\system32\drivers\nimdbgkl.sys [11976 2012-06-28] (National Instruments Corporation)
S2 nimdsk; C:\Windows\System32\drivers\nimdsk.dll [30208 2007-04-16] (National Instruments Corporation)
S3 nimru2k; C:\Windows\system32\drivers\nimru2kl.sys [11360 2009-08-24] (National Instruments Corporation)
S3 nimsdrk; C:\Windows\system32\drivers\nimsdrkl.sys [11904 2010-02-02] (National Instruments Corporation)
S3 nimsrlk; C:\Windows\system32\drivers\nimsrlk.dll [151683 2009-07-23] (National Instruments Corporation)
S3 nimstsk; C:\Windows\system32\drivers\nimstskl.sys [11872 2010-02-02] (National Instruments Corporation)
S3 nimxdfk; C:\Windows\system32\drivers\nimxdfkl.sys [11960 2012-06-28] (National Instruments Corporation)
S3 nimxpk; C:\Windows\system32\drivers\nimxpkl.sys [11880 2010-02-02] (National Instruments Corporation)
S3 ninshsdk; C:\Windows\system32\drivers\ninshsdkl.sys [11360 2010-02-05] (National Instruments Corporation)
S3 niorbk; C:\Windows\system32\drivers\niorbkl.sys [11968 2012-06-28] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [12600 2012-12-20] (National Instruments Corporation)
S0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [586000 2012-12-19] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [12600 2012-12-20] (National Instruments Corporation)
S0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [15448 2012-12-18] (National Instruments Corporation)
S3 nipsdk; C:\Windows\system32\drivers\nipsdkl.sys [11392 2010-05-06] (National Instruments Corporation)
S0 nipxibaf; C:\Windows\System32\drivers\nipxibaf.sys [62712 2013-01-14] (National Instruments Corporation)
S0 nipxibrc; C:\Windows\System32\drivers\nipxibrc.sys [46344 2013-01-14] (National Instruments Corporation)
S3 nipxigpk; C:\Windows\system32\drivers\nipxigpk.sys [21144 2011-08-09] (National Instruments Corporation)
S2 nipxirmk; C:\Windows\system32\drivers\nipxirmkl.sys [12408 2013-01-17] (National Instruments Corporation)
S3 niraptrk; C:\Windows\system32\drivers\niraptrkl.sys [11400 2010-06-15] (National Instruments Corporation)
S3 niRFSA2k; C:\Windows\system32\drivers\niRFSA2kl.sys [11328 2010-06-21] (National Instruments Corporation)
S3 niRFSGk; C:\Windows\system32\drivers\niRFSGkl.sys [11328 2009-12-09] (National Instruments Corporation)
S3 niscdk; C:\Windows\system32\drivers\niscdkl.sys [11376 2009-07-14] (National Instruments Corporation)
S3 nisdigk; C:\Windows\system32\drivers\nisdigkl.sys [11352 2010-02-10] (National Instruments Corporation)
S3 nisftk; C:\Windows\system32\drivers\nisftkl.sys [11344 2010-02-05] (National Instruments Corporation)
S3 nisldk; C:\Windows\system32\drivers\nisldkl.sys [11344 2009-06-18] (National Instruments Corporation)
S3 nispdk; C:\Windows\system32\drivers\nispdkl.sys [11376 2009-07-14] (National Instruments Corporation)
S3 nisrcdk; C:\Windows\system32\drivers\nisrcdkl.sys [11424 2010-06-04] (National Instruments Corporation)
S3 nissrk; C:\Windows\system32\drivers\nissrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nistc2k; C:\Windows\system32\drivers\nistc2kl.sys [11312 2009-01-05] (National Instruments Corporation)
S3 nistc3rk; C:\Windows\system32\drivers\nistc3rkl.sys [11400 2010-05-03] (National Instruments Corporation)
S2 nistck; C:\Windows\System32\drivers\nistck.dll [111616 2007-04-16] (National Instruments Corporation)
S3 nistcrk; C:\Windows\system32\drivers\nistcrkl.sys [11360 2009-08-31] (National Instruments Corporation)
S2 nistreamk; C:\Windows\System32\drivers\nistreamkl.sys [19608 2010-06-17] (National Instruments Corporation)
S3 niswdk; C:\Windows\system32\drivers\niswdkl.sys [11336 2009-09-01] (National Instruments Corporation)
S3 niSynck; C:\Windows\system32\drivers\niSynckl.sys [11408 2010-08-26] (National Instruments Corporation)
S3 nitiork; C:\Windows\system32\drivers\nitiorkl.sys [11360 2010-02-06] (National Instruments Corporation)
S3 nitnr2k; C:\Windows\system32\drivers\nitnr2kl.sys [11328 2009-12-09] (National Instruments Corporation)
S3 nitsuk; C:\Windows\system32\drivers\nitsukl.sys [11424 2010-08-26] (National Instruments Corporation)
S3 niufurk; C:\Windows\system32\drivers\niufurkl.sys [11432 2010-06-15] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [12424 2013-01-29] (National Instruments Corporation)
S2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [12424 2013-01-29] (National Instruments Corporation)
S3 niwfrk; C:\Windows\system32\drivers\niwfrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nixsrk; C:\Windows\system32\drivers\nixsrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [26624 2006-10-01] (The OpenVPN Project)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25216 2008-01-30] (The OpenVPN Project)
S3 ueye; C:\Windows\System32\DRIVERS\uEye_usb.sys [3793688 2012-03-29] (IDS Imaging Development Systems GmbH)
S3 ueye_boot; C:\Windows\System32\DRIVERS\uEye_boot.sys [3770136 2012-03-29] (IDS Imaging Development Systems GmbH)
S1 uEye_Eth; C:\Windows\System32\DRIVERS\uEye_Eth.sys [4230936 2012-03-13] (IDS Imaging Development Systems GmbH)
S3 umpusbvista; C:\Windows\System32\DRIVERS\umpusbvista.sys [47104 2009-10-20] (Texas Instruments Inc)
S3 actser; system32\drivers\actser.sys [x]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 mvBlueFOX2; System32\Drivers\mvBlueFOX2.sys [x]
S3 niimaqk; system32\drivers\niimaqk.sys [x]
S3 nimslk; \??\C:\Windows\system32\drivers\nimslk.dll [x]
S3 niwdk; No ImagePath
S3 nixsrkw; system32\DRIVERS\nixsrkw.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 usb6xxxk; \??\C:\Windows\system32\drivers\usb6xxxkl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-25 16:25 - 2013-06-25 16:25 - 00000000 ____D C:\FRST
2013-06-25 14:06 - 2013-06-25 14:06 - 00111036 ____N C:\Users\********\Desktop\Mirapodo GmbH Online Kostenrechnung.zip
2013-06-25 11:55 - 2013-06-25 11:55 - 00110592 ____A (Simon Tatham) C:\Users\********\Desktop\Anwaltschaft.com.ex
2013-06-18 22:18 - 2013-06-18 22:18 - 00000000 ____D C:\ProgramData\LogiShrd
2013-06-18 22:16 - 2013-06-19 09:34 - 00000000 ____D C:\Users\********\AppData\Local\LogiShrd
2013-06-18 22:13 - 2013-06-18 22:13 - 00000000 ____D C:\Users\********\AppData\Roaming\Leadertech
2013-06-18 22:12 - 2013-06-18 22:12 - 00007235 ____A C:\Windows\System32\lvcoinst.log
2013-06-18 22:11 - 2013-06-18 22:12 - 00003990 ____A C:\Windows\LDPINST.LOG
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\ProgramData\Logitech
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\Program Files\Common Files\LWS
2013-06-18 22:08 - 2013-06-18 22:15 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-06-18 22:08 - 2013-06-18 22:14 - 00000000 ____D C:\Program Files\Logitech
2013-06-18 22:08 - 2013-06-18 22:08 - 00001478 ____A C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-06-17 13:05 - 2013-06-17 13:05 - 00376832 ____A (MARX CryptoTech LP ) C:\Windows\System32\MPIWIN32.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00043520 ____A C:\Windows\System32\CBNDLL.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00017408 ____A (MARX Datentechnik GmbH ) C:\Windows\System32\Drivers\CBN.SYS
2013-06-17 13:05 - 2013-06-17 13:05 - 00000000 ____D C:\Users\********\.idl
2013-06-17 13:04 - 2013-06-18 22:12 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-06-17 13:04 - 2013-06-17 13:04 - 00000895 ____A C:\Users\Public\Desktop\FRT Mark III.lnk
2013-06-17 13:03 - 2013-06-17 13:05 - 00000000 ____D C:\ProgramData\Mark III
2013-06-17 13:03 - 2013-06-17 13:03 - 00000000 ____D C:\Program Files\FRT
2013-06-17 13:03 - 2008-02-28 16:59 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-06-17 13:03 - 2002-04-02 18:02 - 00002600 ____A C:\ProgramData\winmcv.sys
2013-06-13 03:03 - 2013-05-08 06:37 - 00905576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 03:02 - 2013-05-17 05:50 - 01212928 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 03:02 - 2013-05-17 05:50 - 00916480 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 03:02 - 2013-05-17 05:50 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 03:02 - 2013-05-17 05:48 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 06014464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00630272 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 11111424 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 02004992 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 01469440 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-13 03:02 - 2013-05-17 05:44 - 00387584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 03:02 - 2013-05-17 04:06 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-13 03:02 - 2013-05-17 02:20 - 00133632 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-13 03:02 - 2013-05-17 02:19 - 00174080 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 03:02 - 2013-05-17 02:18 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 03:02 - 2013-05-17 02:18 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-13 03:02 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 03:02 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-13 03:01 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-13 03:01 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-13 03:01 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 03:01 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 18:44 - 2009-03-09 16:27 - 04178264 ____N (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll

==================== One Month Modified Files and Folders ========

2013-06-25 16:25 - 2013-06-25 16:25 - 00000000 ____D C:\FRST
2013-06-25 16:23 - 2009-09-18 10:55 - 00000000 ____D C:\Users\********\AppData\Local\TSVNCache
2013-06-25 14:13 - 2008-04-26 10:12 - 00000414 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{D5018E9A-7B48-416D-9872-C25019E94D8E}.job
2013-06-25 14:13 - 2008-03-29 10:27 - 00000012 ____A C:\Windows\bthservsdp.dat
2013-06-25 14:13 - 2008-03-29 10:13 - 01392772 ____A C:\Windows\WindowsUpdate.log
2013-06-25 14:13 - 2006-11-02 15:01 - 00032562 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-25 14:13 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-25 14:13 - 2006-11-02 14:47 - 00003952 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-25 14:13 - 2006-11-02 14:47 - 00003952 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-25 14:10 - 2012-07-12 08:05 - 00001126 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118UA.job
2013-06-25 14:10 - 2008-04-03 13:51 - 00000412 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{F38F721E-6120-41D8-8ECB-827ED2B74163}.job
2013-06-25 14:10 - 2008-04-01 13:12 - 00000416 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{90F03580-A141-4888-81F7-64650356AC0B}.job
2013-06-25 14:07 - 2010-10-21 13:50 - 00000000 ____D C:\Users\********\AppData\Roaming\Skype
2013-06-25 14:06 - 2013-06-25 14:06 - 00111036 ____N C:\Users\********\Desktop\Mirapodo GmbH Online Kostenrechnung.zip
2013-06-25 14:01 - 2008-04-01 11:52 - 00000104 ____A C:\Windows\System32\config\netlogon.ftl
2013-06-25 12:45 - 2008-04-01 17:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-25 11:55 - 2013-06-25 11:55 - 00110592 ____A (Simon Tatham) C:\Users\********\Desktop\Anwaltschaft.com.ex
2013-06-25 08:24 - 2008-10-24 09:59 - 00122714 ____A C:\ProgramData\nvModes.001
2013-06-25 08:24 - 2008-10-24 09:56 - 00122714 ____A C:\ProgramData\nvModes.dat
2013-06-24 13:33 - 2010-08-11 11:56 - 00000000 ____D C:\Users\********\AppData\Roaming\vlc
2013-06-21 14:12 - 2010-10-21 13:50 - 00000000 ___RD C:\Program Files\Skype
2013-06-21 14:12 - 2010-10-21 13:49 - 00000000 ____D C:\ProgramData\Skype
2013-06-20 08:10 - 2012-07-12 08:05 - 00001104 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118Core.job
2013-06-19 14:38 - 2006-11-02 12:33 - 00007184 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-19 09:41 - 2011-04-14 16:32 - 00000000 ____D C:\Program Files\WISO
2013-06-19 09:40 - 2011-04-14 16:36 - 00000000 ____D C:\Users\********\AppData\Local\Buhl
2013-06-19 09:40 - 2011-01-22 18:39 - 00000781 ____A C:\Windows\wiso.ini
2013-06-19 09:40 - 2008-03-29 10:22 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-19 09:38 - 2008-04-02 21:40 - 00000000 ____D C:\Program Files\Common Files\Lexware
2013-06-19 09:35 - 2008-04-02 20:27 - 00000000 ____D C:\Program Files\Frag doch mal
2013-06-19 09:34 - 2013-06-18 22:16 - 00000000 ____D C:\Users\********\AppData\Local\LogiShrd
2013-06-18 22:18 - 2013-06-18 22:18 - 00000000 ____D C:\ProgramData\LogiShrd
2013-06-18 22:15 - 2013-06-18 22:08 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-06-18 22:14 - 2013-06-18 22:08 - 00000000 ____D C:\Program Files\Logitech
2013-06-18 22:13 - 2013-06-18 22:13 - 00000000 ____D C:\Users\********\AppData\Roaming\Leadertech
2013-06-18 22:12 - 2013-06-18 22:12 - 00007235 ____A C:\Windows\System32\lvcoinst.log
2013-06-18 22:12 - 2013-06-18 22:11 - 00003990 ____A C:\Windows\LDPINST.LOG
2013-06-18 22:12 - 2013-06-17 13:04 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-06-18 22:12 - 2008-04-02 11:37 - 00000000 ____D C:\users\********
2013-06-18 22:12 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\ProgramData\Logitech
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\Program Files\Common Files\LWS
2013-06-18 22:08 - 2013-06-18 22:08 - 00001478 ____A C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-06-17 13:27 - 2009-09-18 10:57 - 00000000 ____D C:\ic-automation
2013-06-17 13:05 - 2013-06-17 13:05 - 00376832 ____A (MARX CryptoTech LP ) C:\Windows\System32\MPIWIN32.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00043520 ____A C:\Windows\System32\CBNDLL.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00017408 ____A (MARX Datentechnik GmbH ) C:\Windows\System32\Drivers\CBN.SYS
2013-06-17 13:05 - 2013-06-17 13:05 - 00000000 ____D C:\Users\********\.idl
2013-06-17 13:05 - 2013-06-17 13:03 - 00000000 ____D C:\ProgramData\Mark III
2013-06-17 13:04 - 2013-06-17 13:04 - 00000895 ____A C:\Users\Public\Desktop\FRT Mark III.lnk
2013-06-17 13:03 - 2013-06-17 13:03 - 00000000 ____D C:\Program Files\FRT
2013-06-14 21:55 - 2011-11-30 18:49 - 00000680 ____A C:\Users\********\AppData\Local\d3d9caps.dat
2013-06-13 10:30 - 2008-04-01 12:05 - 00008924 _RASH C:\ProgramData\ntuser.pol
2013-06-13 08:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-06-13 08:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-11 10:00 - 2012-10-23 15:24 - 00000000 ____D C:\Program Files\ODC1202-Tool-V316

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-19 08:25

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-06-2013 01
Ran by ******** at 2013-06-25 16:27:29
Running from F:\
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 8.1.4)
3GP Player 2008 (Version: 1.9)
7-Zip 4.57
AAVUpdateManager (Version: 18.00.0000)
Adobe Acrobat  8 Standard - English, Français, Deutsch (Version: 8.1.3)
Adobe Acrobat 8.1.3 Standard (Version: 8.1.3)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Reader 8.1.3 - Deutsch (Version: 8.1.3)
Adobe Shockwave Player (Version: 11)
Agere Ethernet Adapter (Version: 1.02.1600)
Anleitung für Epson Connect
Any Video Converter 3.4.1
Apple Software Update (Version: 2.1.1.116)
ArcSoft MediaImpression 2 (Version: 2.0.53.1090)
AVM FRITZ!fax für FRITZ!Box
AVM FRITZ!WLAN
Broadcom Gigabit Integrated Controller (Version: 10.50.03)
Broadcom Management Programs (Version: 10.20.03)
CameraHelperMsi (Version: 13.20.1182.0)
CM-200MCL Control Tool (Version: 1.00.0000)
Conexant HD Audio (Version: 4.36.7.60)
Conexant HDA D330 MDC V.92 Modem
Corel Graphics Suite 11 (Version: 11)
CorelDRAW Graphics Suite 11 (Version: 11)
DALSA Genie Framework 1.30.00.0171 Release (Version: 1.30.00.0171 Release)
DALSA Sapera Network Imaging Package 1.30.01.0146 (Version: 1.30.01.0146)
DDBAC (Version: 4.0.15)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Handbuch zum Einstieg (Version: 1.00.0000)
Dell Touchpad (Version: 10.1.2.0)
DisplayFusion 5.0.1 (Version: 5.0.1.0)
Dropbox (HKCU Version: 1.2.49)
DVD Shrink 3.2
EAR
ELECTRONIC ASSEMBLY LCD Tools (Editor, Macro Compiler, Simulato
ELECTRONIC ASSEMBLY LCD-Tools Portable 4.2 (Version: 4.2)
ElsterFormular 2007/2008 (Version: 9.4.0.0)
Epson Benutzerhandbuch WF-2540 Series
Epson Event Manager (Version: 3.01.0005)
Epson FAX Utility (Version: 1.30.00)
Epson Netzwerkhandbuch WF-2540 Series
Epson PC-FAX Driver
EPSON Scan
EPSON WF-2540 Series Printer Uninstall
EpsonNet Print (Version: 2.5.00)
erLT (Version: 1.20.138.34)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Firebird SQL Server - MAGIX Edition (Version: 2.1.27.0)
FRT Mark III 3.9.12.3 (Version: 1.0.7)
FTDI USB Serial Converter Drivers (Version: 2.00.00)
funScreenScraping Client Version (Version: 1.0.110)
funScreenScraping Microsoft Systemdateien (Version: 1.0.6)
Google Earth (Version: 4.2.205.5730)
Greenfish Icon Editor Pro 3.0
Gwyddion (Version: 2.31.win32)
HijackThis 2.0.2 (Version: 2.0.2)
IC LabVIEW Extension 3.2
IDS uEye (Version: 4.00)
IDS uEye LabVIEW (Version: 3.90.0000)
Indeo® Software
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Intel(R) PROSet/Wireless Software (Version: 11.01.0000)
IrfanView (remove only) (Version: 4.28)
IVI Shared Component (Version: 2.1.0)
IVI Shared Components
JAI SDK (Version: 1.02.0013)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Kaspersky Anti-Virus 6.0 für Windows Workstation (Version: 6.0.4.1424)
LabVIEW mvIMPACT acquire (Version: 1.6.7)
LabVIEW Web Services (Version: 8.6.20.0)
LEGO MINDSTORMS NXT Driver (Version: 1.20.111.0)
Lexware Info Service (Version: 2.80.00.0007)
Lexware online banking (Version: 15.00.00.0005)
Lexware online banking 4.10 (Version: 4.10)
Logic Works ERwin_ERX 3.0
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.20.1166.0)
LWS Gallery (Version: 13.20.1166.0)
LWS Help_main (Version: 13.20.1182.0)
LWS Launcher (Version: 13.20.1166.0)
LWS Motion Detection (Version: 13.20.1176.0)
LWS Pictures And Video (Version: 13.20.1182.0)
LWS Twitter (Version: 13.20.1166.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.20.1182.0)
LWS Webcam Software (Version: 13.20.1168.0)
LWS WLM Plugin (Version: 1.20.1166.0)
LWS YouTube Plugin (Version: 13.20.1166.0)
MAGIX MP3 Maker 16 11.0.3.117 (D) (Version: 11.0.3.117)
MAGIX Online Druck Service (Version: 3.4.3.0)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed burnR (Version: 7.0.2.7)
Math Kernel Libraries (Version: 1.0.31.0)
maxon motor ag EPOS Positioning Controller (Version: 18.1.0)
mCore (Version: 9.24.0000)
mHelp (Version: 9.24.0000)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Silverlight 5.1 (Version: 5.1.3100)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mMHouse (Version: 9.24.0000)
Modem-Diagnose-Tool (Version: 1.0.20.0)
Mozilla Firefox 10.0.2 (x86 de) (Version: 10.0.2)
Mozilla Thunderbird (2.0.0.12) (Version: 2.0.0.12 (de))
mPfMgr (Version: 9.24.0000)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mvBlueFOX (Version: 2.0.5)
mvIMPACT-Go! (Version: 6.4.0.4554)
mvLabVIEW SDK
mWMI (Version: 9.24.0000)
National Instruments - Software (Version: )
NetObjects Fusion 10.0 (Version: 10.0 German)
NetObjects Fusion 11.0 (Version: 11 German)
NetObjects Fusion 12.0 (Version: 12 German)
NetObjects Fusion 12.0 (Version: 12.00.5000.5041)
NetWaiting (Version: 2.5.44)
NI .NET Framework 4.0 (Version: 4.01.49152)
NI 985x Software 1.3.6 (Version: 1.3.27648)
NI ActiveX Container (Version: 12.1.3.0)
NI AFW Channel Configuration Tool (Version: 7.0.181.0)
NI AFW Custom UI (Version: 7.0.182.0)
NI AFW Custom UI Assemblies (Version: 7.0.8.0)
NI AFW UI Assemblies (Version: 7.2.8.0)
NI Assistant Framework (Version: 8.0.112.0)
NI Assistant Framework LabVIEW 2010 Support (Version: 8.0.112.0)
NI Assistant Framework LabVIEW 8.5 Support (Version: 7.0.191.0)
NI Assistant Framework LabVIEW 8.6 Support (Version: 8.0.112.0)
NI Assistant Framework LabVIEW Code Generator 2010 (Version: 8.0.122.0)
NI Assistant Framework LabVIEW Code Generator 2012 (Version: 8.0.70.0)
NI Assistant Framework LabVIEW Code Generator 6.1 (Version: 3.0.350.0)
NI Assistant Framework LabVIEW Code Generator 7.0 (Version: 3.0.350.0)
NI Assistant Framework LabVIEW Code Generator 7.1 (Version: 6.0.190.0)
NI Assistant Framework LabVIEW Code Generator 8.0 (Version: 6.0.189.0)
NI Assistant Framework LabVIEW Code Generator 8.2 (Version: 6.0.189.0)
NI Assistant Framework LabVIEW Code Generator 8.5 (Version: 7.0.143.0)
NI Assistant Framework LabVIEW Code Generator 8.6 (Version: 7.5.35.0)
NI Atomic PXIe Peripheral Module Driver 1.2.1 for Phar Lap ETS (Version: 1.21.49152)
NI Atomic PXIe Peripheral Module Driver 1.3.0 (Version: 1.30.49152)
NI Atomic PXIe Peripheral Module Driver 1.3.0 for Phar Lap ETS (Version: 1.30.49152)
NI Atomic PXIe Peripheral Module Driver 1.3.1 for Phar Lap ETS (Version: 1.31.49152)
NI Atomic PXIe Peripheral Module Driver 2.3.0 (Version: 2.30.49152)
NI Atomic PXIe Peripheral Module Driver 2.3.0 for Phar Lap ETS (Version: 2.30.49152)
NI Authentication 12.5.0 (Version: 12.5.199.0)
NI Authentication Real-Time 2010 Support (Version: 1.0.72.0)
NI Authentication Real-Time 2010 Support (Version: 1.1.58.0)
NI Authentication Service for Real-Time 2010 (Version: 1.0.45.0)
NI Authentication Service for Real-Time 2010 (Version: 1.0.68.0)
NI BIOS Updater (Version: 8.0.390.0)
NI Calibration Provider for MAX 4.7.0 (Version: 4.70.49154)
NI Certificates Deployment Support (Version: 1.03.49152)
NI CodeSignAPI (Version: 2.70.346)
NI Common Digital 1.11.0 (Version: 1.110.49152)
NI CompactRIO 3.6.0 (Version: 3.6.00211)
NI CompactRIO Controller BIOS Update 10.5 (Version: 1.0.00137)
NI CompactRIO LabVIEW 8.5 Module Support (Version: 2.4.00126)
NI CompactRIO LabVIEW 8.6 Module Support (Version: 3.3.00089)
NI CompactRIO MAX Provider (Version: 3.6.00211)
NI CompactRIO Module Software 3.6.0 (Version: 3.6.00211)
NI CompactRIO Module Support 3.6.0 (Version: 3.6.161.0)
NI CompactRIO Module Support for LabVIEW 2010 SP1 (Version: 3.6.161.0)
NI CompactRIO Recommended Software Sets (Version: 3.1.00102)
NI CompactRIO Recommended Software Sets 3.6.0 (Version: 3.60.00211)
NI CompactRIO Reconfigurable Target Support for LabVIEW 2010 (Version: 3.6.00211)
NI CompactRIO Reconfigurable Target Support for LabVIEW 8.5 (Version: 3.5.10004)
NI CompactRIO Reconfigurable Target Support for LabVIEW 8.6 (Version: 3.5.10004)
NI cRIO Motion for LabVIEW 8.5.1 (Version: 01.11.3000)
NI Curl 12.5.0 (Version: 12.5.197.0)
NI Customer Experience Improvement Program (Version: 1.1.21.0)
NI DAQ Assistant 1.13.0 (Version: 1.130.49152)
NI DataSocket 5.0 (Version: 5.0.115.0)
NI DHV DCMP Installer 1.2.0f1 (Version: 1.20.49153)
NI DHV GPL 108f3 (Version: 1.08.49155)
NI Distributed System Manager (Version: 8.6.287.0)
NI Distributed System Manager 2010 (Version: 10.0.336.0)
NI Distributed System Manager 2012 (Version: 12.1.52.0)
NI DN 2.0 Language Pack installer (Version: 2.00.49152)
NI DN 2.0 SP1 installer (Version: 2.11.49152)
NI Dynamic Signal Acquisition Installer 2.0.0 (Version: 2.00.49152)
NI Error Reporting 2012 (Version: 12.1.52.0)
NI EulaDepot (Version: 3.11.177)
NI EVS-1460 Series Remote Provider (Version: 9.2.5.0)
NI Example Finder 12.0 (Version: 12.0.291.0)
NI Execution Services 1.0 for Real-Time (Version: 1.0.94.0)
NI FieldPoint Embedded 6.0.7 (Version: 6.0.7064.0)
NI FieldPoint Embedded 6.0.8 (Version: 6.0.8026.0)
NI FieldPoint Host 6.0.8 (Version: 6.0.8027.0)
NI FieldPoint MAX Provider 6.0.8 (Version: 6.0.8027.0)
NI Filesystem WebService 1.0 for Real-Time (Version: 1.0.95.0)
NI Filesystem WebService 1.1.0 for Real-Time (Version: 1.1.43.0)
NI FlexRIO 1.6.0 (Version: 1.6.00211)
NI FlexRIO 1.6.0 support for Real-Time Embedded Targets (Version: 1.60.00211)
NI FlexRIO Adapter Module Support 2.0.0 (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support for NI-RIO 2009 (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support for NI-RIO 8.6 (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support LabVIEW 2010 Analog Examples (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support LabVIEW 2010 Digital Examples (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support LabVIEW 2010 Support (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support LabVIEW 8.6 Analog Examples (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support LabVIEW 8.6 Digital Examples (Version: 2.0.29.0)
NI FlexRIO Adapter Module Support LabVIEW 8.6 Support (Version: 2.0.29.0)
NI FlexRIO LabVIEW 2010 Support (Version: 1.6.00211)
NI FlexRIO LabVIEW 8.6 Support (Version: 1.3.00089)
NI FlexRIO support for Real-Time Embedded Targets (Version: 1.1.00102)
NI FlexRIO support for Real-Time Embedded Targets (Version: 1.50.00235)
NI FSL Installer 1.10.0 (Version: 1.100.49153)
NI GMP Windows 32-bit Installer 12.0.0 (Version: 12.0.46.0)
NI Help Assistant (Version: 1.0.11)
NI Hierarchical Waveform Storage 1.4.8 (Version: 1.48.49153)
NI HTTP Client 1.1 Real-Time Support (Version: 1.1.21.0)
NI HTTP Client 1.1.1 Real-Time Support (Version: 1.1.46.0)
NI I/O Trace API LV2010 (Version: 3.2.48.0)
NI I/O Trace API LV2012 (Version: 3.2.39.0)
NI IMAQ Vision for Measurement Studio Upgrade Manager (Version: 9.0.43.0)
NI Instrument I/O Assistant (Version: 2.6.15.0)
NI Instrument IO Assistant for LabVIEW 2010 32-bit (Version: 1.0.13.0)
NI Instrument IO Assistant for LabVIEW 2012 32-bit (Version: 1.0.24.0)
NI Instrument IO Assistant for LabVIEW 7.1 (Version: 2.0.207.0)
NI Instrument IO Assistant for LabVIEW 8.5 (Version: 1.0.9.0)
NI Instrument IO Assistant for LabVIEW 8.6 (Version: 1.0.18.0)
NI IO Trace 3.0.2 (Version: 3.2.768)
NI IVI Class Driver LabVIEW 2010 Support (Version: 4.30.49154)
NI IVI Class Driver LabVIEW 8.5 Support (Version: 4.30.49154)
NI IVI Class Driver LabVIEW 8.6 Support (Version: 4.30.49154)
NI IVI Class Drivers (Version: 6.30.49154)
NI IVI Class Simulation Drivers (Version: 4.30.49154)
NI IVI Compliance Package 4.3 (Version: 4.30.49154)
NI IVI Engine (Version: 134.30.49152)
NI IVI Online Help (Version: 4.30.49154)
NI IVI Provider for MAX (Version: 5.40.49186)
NI LabVIEW 2009 Help File (Version: 9.0.266.0)
NI LabVIEW 2009 Real-Time MSVS71 Support (Version: 9.0.188.0)
NI LabVIEW 2009 SP1 Run-Time Engine Web Services (Version: 9.0.234.0)
NI LabVIEW 2010 Database Connectivity Toolkit (Version: 10.0.225.0)
NI LabVIEW 2010 Database Connectivity Toolkit License (Version: 10.0.202.0)
NI LabVIEW 2010 FPGA Realtime Support (Version: 10.0.153.0)
NI LabVIEW 2010 LEGO MINDSTORMS NXT Module (Version: 10.0.10531.0)
NI LabVIEW 2010 Real-Time CPUInfo (Version: 10.0.143.0)
NI LabVIEW 2010 Real-Time Deployment Framework (Version: 10.0.188.0)
NI LabVIEW 2010 Real-Time Deterministic Network (Version: 10.0.142.0)
NI LabVIEW 2010 Real-Time FIFO (Version: 10.0.139.0)
NI LabVIEW 2010 Real-Time FTP Server (Version: 10.0.140.0)
NI LabVIEW 2010 Real-Time LabVIEW (Version: 10.0.192.0)
NI LabVIEW 2010 Real-Time Legacy Support (Version: 10.0.140.0)
NI LabVIEW 2010 Real-Time LV Support for cRIO (Version: 10.0.66.0)
NI LabVIEW 2010 Real-Time NBFifo (Version: 10.0.214.0)
NI LabVIEW 2010 Real-Time Pharlap Base (Version: 10.0.194.0)
NI LabVIEW 2010 Real-Time Pharlap LabVIEW (Version: 10.0.195.0)
NI LabVIEW 2010 Real-Time PortIO (Version: 10.0.137.0)
NI LabVIEW 2010 Real-Time Registry (Version: 10.0.140.0)
NI LabVIEW 2010 Real-Time Scan Engine (Version: 10.0.194.0)
NI LabVIEW 2010 Real-Time Service Locator (Version: 10.0.139.0)
NI LabVIEW 2010 Real-Time Shared Variable (Version: 10.0.139.0)
NI LabVIEW 2010 Real-Time Support for cRIO (Version: 10.0.208.0)
NI LabVIEW 2010 Real-Time Support for Desktop (Version: 10.0.195.0)
NI LabVIEW 2010 Real-Time Support for FieldPoint (Version: 10.0.193.0)
NI LabVIEW 2010 Real-Time Support for Hypervisor (Version: 10.0.194.0)
NI LabVIEW 2010 Real-Time Support for IMAQ (Version: 10.0.192.0)
NI LabVIEW 2010 Real-Time Support for Industrial Controllers (Version: 10.0.192.0)
NI LabVIEW 2010 Real-Time Support for PXI (Version: 10.0.194.0)
NI LabVIEW 2010 Real-Time System State Publisher Support (Version: 10.0.198.0)
NI LabVIEW 2010 Real-Time Target Clock (Version: 10.0.140.0)
NI LabVIEW 2010 Real-Time VxWorks Base (Version: 10.0.193.0)
NI LabVIEW 2010 Real-Time VxWorks Floating Point (Version: 10.0.112.0)
NI LabVIEW 2010 Real-Time VxWorks LabVIEW (Version: 10.0.192.0)
NI LabVIEW 2010 Scripting Code Generator (Version: 8.0.115.0)
NI LabVIEW 2010 Service Pack 1 (SP1) (Version: 10.1.101.0)
NI LabVIEW 2010 SP1 (Version: 10.1.97.0)
NI LabVIEW 2010 SP1 Deployable License (Version: 10.1.98.0)
NI LabVIEW 2010 SP1 FPGA Dragonfli Comm (Version: 10.1.48.0)
NI LabVIEW 2010 SP1 FPGA Elemental IO Common (Version: 10.0.205.0)
NI LabVIEW 2010 SP1 FPGA Support for Host Analysis (Version: 10.0.132.0)
NI LabVIEW 2010 SP1 FPGA Support for Host Communication (Version: 10.0.213.0)
NI LabVIEW 2010 SP1 Help (Version: 10.1.98.0)
NI LabVIEW 2010 SP1 Help File (Version: 10.1.98.0)
NI LabVIEW 2010 SP1 Integer Math and Analysis (Version: 10.0.207.0)
NI LabVIEW 2010 SP1 License (Version: 10.1.98.0)
NI LabVIEW 2010 SP1 Manuals (Version: 10.1.98.0)
NI LabVIEW 2010 SP1 MeasAppChm File (Version: 10.1.98.0)
NI LabVIEW 2010 SP1 Real-Time Deterministic Network (Version: 10.0.59.0)
NI LabVIEW 2010 SP1 Real-Time LabVIEW (Version: 10.0.87.0)
NI LabVIEW 2010 SP1 Real-Time LV Support for cRIO (Version: 10.0.85.0)
NI LabVIEW 2010 SP1 Real-Time MSVS90 Support (Version: 10.0.137.0)
NI LabVIEW 2010 SP1 Real-Time Pharlap Base (Version: 10.0.86.0)
NI LabVIEW 2010 SP1 Real-Time Pharlap LabVIEW (Version: 10.0.81.0)
NI LabVIEW 2010 SP1 Real-Time Support for cRIO (Version: 10.0.89.0)
NI LabVIEW 2010 SP1 Real-Time Support for Desktop (Version: 10.0.85.0)
NI LabVIEW 2010 SP1 Real-Time Support for FieldPoint (Version: 10.0.85.0)
NI LabVIEW 2010 SP1 Real-Time Support for Hypervisor (Version: 10.0.85.0)
NI LabVIEW 2010 SP1 Real-Time Support for IMAQ (Version: 10.0.85.0)
NI LabVIEW 2010 SP1 Real-Time Support for Industrial Controllers (Version: 10.0.85.0)
NI LabVIEW 2010 SP1 Real-Time Support for PXI (Version: 10.0.84.0)
NI LabVIEW 2010 SP1 Real-Time VxWorks Base (Version: 10.0.86.0)
NI LabVIEW 2010 SP1 Real-Time VxWorks LabVIEW (Version: 10.0.86.0)
NI LabVIEW 2010 SP1 Search (Version: 10.1.99.0)
NI LabVIEW 2010 SP1 Simulation (Version: 10.1.98.0)
NI LabVIEW 2010 SP1 Web Server (Version: 10.0.331.0)
NI LabVIEW 2011 Real-Time NBFifo (Version: 11.0.250.0)
NI LabVIEW 2012 Database Connectivity Toolkit (Version: 12.0.179.0)
NI LabVIEW 2012 Database Connectivity Toolkit License (Version: 12.0.181.0)
NI LabVIEW 2012 Help (Version: 12.1.51.0)
NI LabVIEW 2012 Help File (Version: 12.1.48.0)
NI LabVIEW 2012 LEGO MINDSTORMS NXT Module (Version: 12.0.123.0)
NI LabVIEW 2012 Manuals (Version: 12.1.51.0)
NI LabVIEW 2012 Real-Time Error Dialog (Version: 12.0.71.0)
NI LabVIEW 2012 Real-Time NBFifo (Version: 12.0.219.0)
NI LabVIEW 2012 Run-Time Engine Web Server (Version: 12.5.198.0)
NI LabVIEW 2012 Scripting Code Generator (Version: 8.0.247.0)
NI LabVIEW 2012 Search (Version: 12.0.4.0)
NI LabVIEW 2012 Simulation (Version: 12.0.359.0)
NI LabVIEW 2012 SP1 (32-bit) (Version: 12.1.104.0)
NI LabVIEW 2012 SP1 (32-bit) (Version: 12.1.53.0)
NI LabVIEW 2012 SP1 (Version: 12.1.51.0)
NI LabVIEW 2012 SP1 Deployable License (Version: 12.1.52.0)
NI LabVIEW 2012 SP1 Deployment Framework (Version: 12.0.463.0)
NI LabVIEW 2012 SP1 License (Version: 12.1.52.0)
NI LabVIEW 2012 SP1 MeasAppChm File (Version: 12.1.51.0)
NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. (Version: 12.1.52.0)
NI LabVIEW 2012 SP1 Variable Web Service (Version: 12.1.51.0)
NI LabVIEW 2012 SP1 Web Server (Version: 12.5.198.0)
NI LabVIEW 7.1.1 Real-Time Update (Version: 7.1.2)
NI LabVIEW 8.5 Device Detection and Deployment Support (Version: 8.5.181.0)
NI LabVIEW 8.5 FPGA Realtime Support (Version: 8.5.108.0)
NI LabVIEW 8.5 Help File (Version: 8.5.283.0)
NI LabVIEW 8.5 License (Version: 8.5.227.0)
NI LabVIEW 8.5 MeasAppChm File (Version: 8.5.186.0)
NI LabVIEW 8.5 Real-Time Target Support Files (Version: 8.5.260.0)
NI LabVIEW 8.5 Simulation (Version: 8.5.290.0)
NI LabVIEW 8.5.1 (Version: 8.5.307.0)
NI LabVIEW 8.5.1 Applibs (Version: 8.5.312.0)
NI LabVIEW 8.5.1 CINtools (Version: 8.5.312.0)
NI LabVIEW 8.5.1 Examples (Version: 8.5.312.0)
NI LabVIEW 8.5.1 gMath (Version: 8.5.310.0)
NI LabVIEW 8.5.1 Help (Version: 8.5.271.0)
NI LabVIEW 8.5.1 iMath (Version: 8.5.309.0)
NI LabVIEW 8.5.1 Instr.lib (Version: 8.5.312.0)
NI LabVIEW 8.5.1 Manuals (Version: 8.5.458.0)
NI LabVIEW 8.5.1 Menus (Version: 8.5.312.0)
NI LabVIEW 8.5.1 Project (Version: 8.5.318.0)
NI LabVIEW 8.5.1 Real-Time cRIO 9014 Upgrade (Version: 8.5.11.0)
NI LabVIEW 8.5.1 Resource (Version: 8.5.238.0)
NI LabVIEW 8.5.1 Templates (Version: 8.5.310.0)
NI LabVIEW 8.5.1 User.lib (Version: 8.5.310.0)
NI LabVIEW 8.5.1 VI.lib (Version: 8.5.310.0)
NI LabVIEW 8.5.1 WWW (Version: 8.5.310.0)
NI LabVIEW 8.6 FPGA Elemental I_O Common (Version: 8.6.159.0)
NI LabVIEW 8.6 FPGA Realtime Support (Version: 8.6.38.0)
NI LabVIEW 8.6 Help (Version: 8.6.423.0)
NI LabVIEW 8.6 Help File (Version: 8.6.423.0)
NI LabVIEW 8.6 License (Version: 8.6.426.0)
NI LabVIEW 8.6 Manuals (Version: 8.6.422.0)
NI LabVIEW 8.6 MeasAppChm File (Version: 8.6.415.0)
NI LabVIEW 8.6 Real-Time LabVIEW (Version: 8.6.227.0)
NI LabVIEW 8.6 Real-Time LabVIEW (Version: 8.6.80.0)
NI LabVIEW 8.6 Real-Time Pharlap Base (Version: 8.6.227.0)
NI LabVIEW 8.6 Real-Time Pharlap Base (Version: 8.6.73.0)
NI LabVIEW 8.6 Real-Time Pharlap LabVIEW (Version: 8.6.227.0)
NI LabVIEW 8.6 Real-Time Support for cRIO (Version: 8.6.219.0)
NI LabVIEW 8.6 Real-Time Support for cRIO (Version: 8.6.81.0)
NI LabVIEW 8.6 Real-Time VxWorks  Base Support (Version: 8.6.227.0)
NI LabVIEW 8.6 Real-Time VxWorks  Base Support (Version: 8.6.81.0)
NI LabVIEW 8.6 Real-Time VxWorks LabVIEW (Version: 8.6.227.0)
NI LabVIEW 8.6 Real-Time VxWorks LabVIEW (Version: 8.6.80.0)
NI LabVIEW 8.6 Simulation (Version: 8.6.418.0)
NI LabVIEW 8.6.1 (Version: 8.6.422.0)
NI LabVIEW 8.6.1 Applibs (Version: 8.6.125.0)
NI LabVIEW 8.6.1 Application Builder (Version: 8.6.105.0)
NI LabVIEW 8.6.1 CINtools (Version: 8.6.445.0)
NI LabVIEW 8.6.1 Examples (Version: 8.6.444.0)
NI LabVIEW 8.6.1 FPGA Realtime Support (Version: 8.6.16.0)
NI LabVIEW 8.6.1 FPGA Support for Host Communication (Version: 8.6.197.0)
NI LabVIEW 8.6.1 gMath (Version: 8.6.169.0)
NI LabVIEW 8.6.1 iMath (Version: 8.6.433.0)
NI LabVIEW 8.6.1 Instr.lib (Version: 8.6.442.0)
NI LabVIEW 8.6.1 Integer Math and Analysis (Version: 8.6.199.0)
NI LabVIEW 8.6.1 Menus (Version: 8.6.442.0)
NI LabVIEW 8.6.1 Project (Version: 8.6.442.0)
NI LabVIEW 8.6.1 Resource (Version: 8.6.437.0)
NI LabVIEW 8.6.1 Templates (Version: 8.6.440.0)
NI LabVIEW 8.6.1 User.lib (Version: 8.6.441.0)
NI LabVIEW 8.6.1 VI.lib (Version: 8.6.436.0)
NI LabVIEW 8.6.1 WWW (Version: 8.6.434.0)
NI LabVIEW 8.6.1f1 Real-Time Pharlap LabVIEW (Version: 8.6.94.0)
NI LabVIEW Broker (Version: 6.8.10.0)
NI LabVIEW C Interface (Version: 1.0.1)
NI LabVIEW Compare Utility 12.0.0 (Version: 12.1.51.0)
NI LabVIEW Database Connectivity Toolkit 1.0.2 (Version: 1.0.2303.0)
NI LabVIEW Database Connectivity Toolkit 1.0.2 License (Version: 1.0.2285.0)
NI LabVIEW Deployable License 8.5.0 (Version: 8.5.233.0)
NI LabVIEW Deployable License 8.6.1 (Version: 8.6.429.0)
NI LabVIEW EWB DeviceHandler 2010 (Version: 4.0.202.0)
NI LabVIEW FPGA Elemental I_O Common (Version: 8.5.149.0)
NI LabVIEW FPGA Support for Host Communication (Version: 8.5.133.0)
NI LabVIEW Integer Math and Analysis (Version: 8.5.137.0)
NI LabVIEW MAX XML (Version: 9.0.6.0)
NI LabVIEW Merge Utility 2012 SP1 (Version: 12.1.51.0)
NI LabVIEW Real-Time FIFO for Runtime (Version: 8.2.74.0)
NI LabVIEW Real-Time FIFO for Runtime (Version: 8.5.264.0)
NI LabVIEW Real-Time NBFifo (Version: 8.6.348.0)
NI LabVIEW Real-Time NBFifo (Version: 9.0.319.0)
NI LabVIEW Real-Time Support for NI 17xx Series (Version: 8.5.244.0)
NI LabVIEW Run-Time Engine 2009 SP1 (Version: 9.0.1099.0)
NI LabVIEW Run-Time Engine 2010 SP1 (Version: 10.1.100.0)
NI LabVIEW Run-Time Engine 2011 SP1 (Version: 11.0.448.0)
NI LabVIEW Run-Time Engine 2012 SP1 (Version: 12.1.54.0)
NI LabVIEW Run-Time Engine 7.0 (Version: 7.0.5)
NI LabVIEW Run-Time Engine 7.1.1 (Version: 7.1.800)
NI LabVIEW Run-Time Engine 8.0.1 (Version: 8.0.812.0)
NI LabVIEW Run-Time Engine 8.2.1 (Version: 8.2.379.0)
NI LabVIEW Run-Time Engine 8.5.1 (Version: 8.5.313.0)
NI LabVIEW Run-Time Engine 8.6.1 (Version: 8.6.426.0)
NI LabVIEW Run-Time Engine Interop 2009 (Version: 9.0.170.0)
NI LabVIEW Run-Time Engine Interop 2010 (Version: 10.1.101.0)
NI LabVIEW Run-Time Engine Interop 2011 (Version: 11.0.449.0)
NI LabVIEW Run-Time Engine Interop 2012 SP1 (Version: 12.1.54.0)
NI LabVIEW SignalExpress 2010 (Version: 4.0.193.0)
NI LabVIEW SignalExpress 2010 Core (Version: 4.0.203.0)
NI LabVIEW SignalExpress 2010 Core LabVIEW 2010 Support (Version: 4.0.101.0)
NI LabVIEW SignalExpress 2010 Core LabVIEW Support (Version: 4.0.202.0)
NI LabVIEW SignalExpress 2010 Core LabVIEW85 Support (Version: 4.0.202.0)
NI LabVIEW SignalExpress 2010 Core LabVIEW86 Support (Version: 4.0.202.0)
NI LabVIEW SignalExpress 2010 Datatypes (Version: 4.0.191.0)
NI LabVIEW SignalExpress 2010 Datatypes LabVIEW 2010 Support (Version: 4.0.90.0)
NI LabVIEW SignalExpress 2010 Datatypes LabVIEW 8.5 Support (Version: 4.0.191.0)
NI LabVIEW SignalExpress 2010 Datatypes LabVIEW 8.6 Support (Version: 4.0.191.0)
NI LabVIEW SignalExpress 2010 LabVIEW 2010 Support (Version: 4.0.92.0)
NI LabVIEW SignalExpress 2010 LabVIEW 8.5 Support (Version: 4.0.195.0)
NI LabVIEW SignalExpress 2010 LabVIEW 8.6 Support (Version: 4.0.194.0)
NI LabVIEW SignalExpress 2010 LabVIEW Support (Version: 4.0.195.0)
NI LabVIEW SignalExpress 2010 Licenses (Version: 4.0.203.0)
NI LabVIEW SignalExpress 2010 Steps (Version: 4.0.195.0)
NI LabVIEW SignalExpress 2010 Tools (Version: 4.0.191.0)
NI LabVIEW TEDS Toolkit (Version: 1.51.49152)
NI LabVIEW Web Server (Version: 8.6.38.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 10.0.235.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 11.0.375.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 8.6.41.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 9.0.185.0)
NI LabVIEW Web Services Runtime (Version: 10.1.94.0)
NI LabVIEW Web Services Runtime (Version: 12.5.128.0)
NI LabVIEW Web Services Runtime (Version: 8.6.48.0)
NI LabWindows/CVI 2010 LabVIEW DLL Builder (Version: 10.0.0360)
NI LabWindows/CVI 2010 SP1 Analysis Library (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Code Generator (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Network Variable Library (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 TDM Streaming Library (Version: 10.0.1434)
NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated) (Version: 10.0.1434)
NI LabWindows/CVI Run-Time Engine 2010 SP1 (Version: 10.0.1434)
NI Launcher (Version: 3.11.177)
NI Legacy DAQmxRF (Version: 1.30.49155)
NI LibiConv 2010 (Version: 10.0.194.0)
NI License Manager (Version: 3.7.50)
NI Light Weight PSP Control Environment (Version: 8.6.26.0)
NI Logos 5.4 (Version: 5.4.350.0)
NI Logos LabVIEW 2010 Support (Version: 10.1.98.0)
NI Logos LabVIEW 2012 Support (Version: 12.1.51.0)
NI Logos LabVIEW 8.5.1 Support (Version: 8.5.295.0)
NI Logos LabVIEW 8.6 Support (Version: 8.6.426.0)
NI Logos Support for LabVIEW 2010 Real-Time (Version: 10.0.21.0)
NI Logos Support for LabVIEW 2010 Real-Time (Version: 10.0.4.0)
NI Logos Support for LabVIEW Real-Time (Version: 8.2.97.0)
NI Logos Support for LabVIEW Real-Time (Version: 8.5.52.0)
NI Logos Support for LabVIEW Real-Time (Version: 8.6.11.0)
NI Logos Support for LabVIEW Real-Time (Version: 8.6.5.0)
NI Logos Support for LabVIEW SP1 Real-Time (Version: 9.1.6.0)
NI Logos XT Support (Version: 5.4.342.0)
NI Logos XT Support for LabVIEW 2010 Real-Time (Version: 10.0.20.0)
NI Logos XT Support for LabVIEW 2010 Real-Time (Version: 10.0.5.0)
NI Logos XT Support for LabVIEW Real-Time (Version: 8.5.44.0)
NI Logos XT Support for LabVIEW Real-Time (Version: 8.6.11.0)
NI Logos XT Support for LabVIEW Real-Time (Version: 8.6.5.0)
NI Logos XT Support for LabVIEW SP1 Real-Time (Version: 9.1.6.0)
NI LVBrokerAux 8.2.1 (Version: 8.2.303.0)
NI LVBrokerAux 8.5.0 (Version: 8.5.183.0)
NI LVBrokerAux 8.6.0 (Version: 8.6.342.0)
NI LVBrokerAux1071 (Version: 1.0.116)
NI LVBrokerAux71 (Version: 1.0.113)
NI LVBrokerAux8.0 (Version: 8.3000.5.0)
NI Math Kernel Libraries (Version: 1.0.10.0)
NI Math Kernel Libraries (Version: 1.0.25.0)
NI Math Kernel Libraries (Version: 1.0.28.0)
NI Math Kernel Libraries (Version: 1.0.861.0)
NI MAX LabVIEW Support (Version: 4.5.01247)
NI MAX Remote Configuration Installer 5.4 (Version: 5.40.49152)
NI MDF Support (Version: 3.11.177)
NI mDNS Responder 1.3 for LabVIEW Real-Time (Version: 1.30.49157)
NI mDNS Responder 1.4 for LabVIEW Real-Time (Version: 1.40.49154)
NI mDNS Responder 2.1.1 (Version: 2.11.49152)
NI mDNS Responder 2.1.1 for LabVIEW Real-Time (Version: 2.11.49152)
NI Measurement & Automation Explorer 5.4.0 (Version: 5.40.49152)
NI Measurement Studio 8.1 Enterprise RunTime for VS2005 (Version: 8.5.00220)
NI Measurement Studio 8.6 Enterprise RunTime for VS2005 (Version: 8.6.10466)
NI Measurement Studio Common .NET Assemblies for .NET 2.0 (Version: 9.1.00414)
NI Measurement Studio Common .NET Assemblies for .NET 3.5 and VS2008 (Version: 13.0.00188)
NI Measurement Studio DAQmx for Visual Studio 2005 (Version: 6.00.49152)
NI Measurement Studio DAQmx for Visual Studio 2008 (Version: 6.00.49152)
NI Measurement Studio GPIB Support for VS2005 (Version: 9.0.00157)
NI Measurement Studio GPIB Support for VS2008 (Version: 9.0.00157)
NI Measurement Studio MAX Configuration Support for VS2005 (Version: 8.9.00111)
NI Measurement Studio MAX Configuration Support for VS2008 (Version: 8.9.00111)
NI Measurement Studio Recipe Processor (Version: 8.0.0101)
NI Measurement Studio VISA Support for VS2005 (Version: 9.0.00156)
NI Measurement Studio VISA Support for VS2008 (Version: 13.0.00167)
NI MetaSuite Installer (Version: 3.11.177)
NI MIO Device Drivers 2.4.5 (Version: 2.45.49153)
NI ModInst 1.5.2 (Version: 1.52.49153)
NI MXS 4.4.0f0 for LabVIEW Real-Time (Version: 4.40.49152)
NI MXS 4.5.0f0 for LabVIEW Real-Time (Version: 4.50.49152)
NI MXS 4.7.0f0 for LabVIEW Real-Time (Version: 4.70.49152)
NI MXS 5.4.0 (Version: 5.40.49152)
NI MXS 5.4.0f0 for LabVIEW Real-Time (Version: 5.40.49152)
NI Network Browser 32-bit 1.1.0 (Version: 1.10.56.0)
NI Network Discovery 5.4 (Version: 5.40.49152)
NI NI LabVIEW 2011 SP1 Run-Time Engine Non-English Support (Version: 11.0.302.0)
NI OCR Upgrade Manager (Version: 9.0.43.0)
NI OPC Support (Version: 12.0.295.0)
NI Portable Configuration 5.3.0 (Version: 5.30.49152)
NI PXI DIH 1.2.1 for Phar Lap ETS (Version: 1.21.49152)
NI PXI DIH 1.3.0 for Phar Lap ETS (Version: 1.30.49152)
NI PXI Platform Framework 1.0.1 for Phar Lap ETS (Version: 1.01.49152)
NI PXI Platform Framework 1.3.0 for Phar Lap ETS (Version: 1.30.49152)
NI PXI Platform Framework 1.6.2 (Version: 1.62.49152)
NI PXI Platform Framework 1.6.2 for Phar Lap ETS (Version: 1.62.49152)
NI PXI Platform Services 2.4.2 Expert for LabVIEW Real-Time (Version: 2.42.49155)
NI PXI Platform Services 2.4.2 for LabVIEW Real-Time (Version: 2.42.49155)
NI PXI Platform Services 2.5.6 Expert for LabVIEW Real-Time (Version: 2.56.49152)
NI PXI Platform Services 2.5.6 for LabVIEW Real-Time (Version: 2.56.49152)
NI PXI Platform Services 3.2.1 (Version: 3.21.49152)
NI PXI Platform Services 3.2.1 Configuration Support (Version: 3.21.49152)
NI PXI Platform Services 3.2.1 Expert (Version: 3.21.49152)
NI PXI Platform Services 3.2.1 Expert for LabVIEW Real-Time (Version: 3.21.49152)
NI PXI Platform Services 3.2.1 for LabVIEW Real-Time (Version: 3.21.49152)
NI PXI Platform Services for LabVIEW Real-Time 2.3.1 (Version: 2.31.49152)
NI PXI Platform Services for LabVIEW Real-Time 2.3.2 (Version: 2.32.49152)
NI PXI SystemAPI Expert 3.2.1 (Version: 3.21.49152)
NI PXI-5660 Support (Version: 1.70.49152)
NI R Series 3.6.0 (Version: 3.6.00211)
NI R Series LabVIEW 2010 Support (Version: 3.6.00211)
NI R Series LabVIEW 8.5 Support (Version: 3.0.00188)
NI R Series LabVIEW 8.6 Support (Version: 3.1.00102)
NI R Series support for Real-Time Embedded Targets (Version: 0.9.00188)
NI Real-Time Device Manager (Version: 1.00.49153)
NI Real-Time Device Manager (Version: 1.10.49152)
NI Registration Wizard (Version: 1.3.94.0)
NI Remote Provider for MAX 5.4.0 (Version: 5.40.49152)
NI Remote PXI Provider for MAX 5.3.0 (Version: 5.30.49152)
NI Script Editor 1.3.2 (Version: 1.32.49152)
NI SCXI 1.13.5 (Version: 1.135.49152)
NI Search Shared (Version: 12.0.5.0)
NI SLCP 1.0 (Version: 1.0.63.0)
NI Smart Camera Remote Provider (Version: 10.0.13.0)
NI Software Provider for MAX 5.3.0 (Version: 5.30.49152)
NI Sound and Vibration Frequency Analysis 2010 (Version: 10.0.85.0)
NI Sound and Vibration Frequency Analysis LabVIEW 2010 Support (Version: 10.0.43.0)
NI Sound and Vibration Frequency Analysis LabVIEW 8.5 Support (Version: 10.0.60.0)
NI Sound and Vibration Frequency Analysis LabVIEW 8.6 Support (Version: 10.0.62.0)
NI Spy API LV85 (Version: 2.7.72.0)
NI Spy API LV86 (Version: 2.7.72.0)
NI SSL LabVIEW 2010 Support (Version: 10.0.305.0)
NI SSL LabVIEW 2012 SP1 Support (Version: 12.5.198.0)
NI SSL LabVIEW RTE 2012 SP1 Support (Version: 12.5.8.0)
NI SSL Support (Version: 12.5.199.0)
NI STC 1.8.0 (Version: 1.80.49152)
NI System API Client for WIF 5.4.0 (Version: 5.40.215.0)
NI System API RT 1.1.0 (Version: 1.10.543.0)
NI System API RT 1.1.2 (Version: 1.12.12.0)
NI System API RT 1.1.6 (Version: 1.16.56.0)
NI System API RT 5.4.0 (Version: 5.40.203.0)
NI System API Web-Servce 32-bit 5.4.0 (Version: 5.40.236.0)
NI System API Windows 32-bit 5.4.0 (Version: 5.40.220.0)
NI System Configuration 1.1.0 for Real-Time (Version: 1.10.271.0)
NI System Configuration 1.1.3 for Real-Time (Version: 1.13.13.0)
NI System Configuration 5.4.0 LabVIEW Support (Version: 5.40.79.0)
NI System Configuration LV2010 1.1.3 (Version: 1.13.7.0)
NI System Configuration LV2010 Support 5.4.0 (Version: 5.40.79.0)
NI System Configuration LV2012 Support 5.4.0 (Version: 5.40.76.0)
NI System Configuration LV85 1.1.3 (Version: 1.13.7.0)
NI System Configuration LV86 1.1.3 (Version: 1.13.7.0)
NI System Configuration Runtime 5.4.0 (Version: 5.40.108.0)
NI System Monitor 3.2.1 (Version: 3.21.49152)
NI System State Publisher (Version: 12.0.446.0)
NI System Web Server 12.0 (Version: 12.5.199.0)
NI System Web Server Base 12.5.0 (Version: 12.5.198.0)
NI System Web Server Real-Time 2010 SP1 Support (Version: 1.1.59.0)
NI System Web Server Real-Time 2010 Support (Version: 1.0.100.0)
NI TDM Excel Add-In 3.4 (Version: 3.4.19.0)
NI TDM Streaming 2.4 (Version: 2.4.55.0)
NI TDMS RT (Version: 1.1.18.0)
NI TDMS RT (Version: 1.2.365.0)
NI TDMS RT 2.0.2 (Version: 2.0.6.0)
NI TDMS RT 2.0.5 (Version: 2.0.158.0)
NI TDMS RT 2.2.1 (Version: 2.2.9.0)
NI TDMS RT 2.2.2 (Version: 2.2.5.0)
NI TDMS RT_20 (Version: 2.0.170.0)
NI Time Configuration Silverlight Control 1.0.6 for Real-Time (Version: 1.6.11.0)
NI Timing Installer 2.1.0 (Version: 2.10.49152)
NI Trace Engine (Version: 12.0.401.0)
NI TraceEngine LabVIEW 2010 Real-Time (Version: 10.0.170.0)
NI Uninstaller (Version: 3.11.177)
NI Update Service 2.2.5 (Version: 2.25.79)
NI USI 2.0.0 (Version: 2.0.04901)
NI Variable Engine 2.6.0 (Version: 2.6.296.0)
NI Variable Engine LabVIEW 2010 Support (Version: 10.1.98.0)
NI Variable Engine LabVIEW 2012 Support (Version: 12.1.51.0)
NI Variable Engine LabVIEW 8.5.1 Support (Version: 8.5.294.0)
NI Variable Engine LabVIEW 8.6 Support (Version: 8.6.426.0)
NI Variable Manager (Version: 8.5.248.0)
NI VC2005MSMs x86 (Version: 8.05.0)
NI VC2008MSMs x86 (Version: 9.0.401)
NI VC2010SP1MSMs x86 (Version: 10.0.100)
NI VIPM Helper 2012 (Version: 12.0.211.0)
NI Vision .NET 2012 SP1 (Version: 12.10.33.0)
NI Vision .NET Run-Time Engine 2012 SP1 (Version: 12.10.37.0)
NI Vision 2012 SP1 (Version: 12.10.33.0)
NI Vision Acquisition Express VI (Version: 10.0.23.0)
NI Vision Acquisition Express VI LabVIEW 2010 (Version: 10.0.25.0)
NI Vision Assistant 2012 SP1 (Version: 12.10.33.0)
NI Vision Assistant 2012 SP1 .NET (Version: 12.10.33.0)
NI Vision Assistant 8.5 (Version: 8.5.0)
NI Vision Assistant 8.6 (Version: 8.6.0)
NI Vision Common Resources 2012 SP1 (Version: 12.10.35.0)
NI Vision Run-Time Engine 2012 SP1 (Version: 12.10.37.0)
NI Web Application Server 12.0 (Version: 12.5.198.0)
NI Web Interface Framework 1.0 for Real-Time (Version: 1.0.105.0)
NI Web Interface Framework 1.1.0 for Real-Time (Version: 1.1.57.0)
NI Web Interface Framework 2012 (Version: 12.5.138.0)
NI Web Pipeline 2.0.1 (Version: 2.0.128.0)
NI WebServer Support for LabVIEW 2010 Real-Time (Version: 10.0.171.0)
NI WebServer Support for LabVIEW 2010 SP1 Real-Time (Version: 10.0.55.0)
NI WebServices Runtime Support for LabVIEW 2010 Real-Time (Version: 10.0.171.0)
NI WebServices Runtime Support for LabVIEW 2010 Real-Time (Version: 10.0.56.0)
NI Xalan Delay Load 1.10.2 (Version: 1.10.72.0)
NI Xerces Delay Load 2.7.3 (Version: 2.7.180.0)
NI-1588 Configuration 1.0 LabVIEW Real-Time Support (Version: 0.0.119.0)
NI-488.2 2.6 for LabVIEW Real-Time (Version: 2.60.49153)
NI-488.2 2.7.3 for LabVIEW Real-Time (Version: 2.73.49152)
NI-488.2 2.8.1 (Version: 2.81.49155)
NI-488.2 2.8.1 for LabVIEW Real-Time (Version: 2.81.49153)
NI-488.2 Provider for MAX version 2.8.1 (Version: 2.81.49155)
NI-653x Installer 1.9.2 (Version: 1.92.49152)
NI-APAL 2.0.1 Error Files for LabVIEW RT (Version: 2.01.49152)
NI-APAL 2.2.1 Error Files (Version: 2.21.49152)
NI-APAL 2.2.1 Error Files for LabVIEW RT (Version: 2.21.49152)
NI-BROADCOM57XX 2.1.0f1 for Phar Lap ETS (Version: 2.10.49154)
NI-BROADCOM57XX for Phar Lap ETS (Version: 3.0.24.0)
NI-CAN 2.7.1 ADE Support Files (Version: 2.7.7169)
NI-CAN 2.7.2 (Version: 2.7.11266)
NI-CAN Driver Files (Version: 2.7.11264)
NI-CAN Provider for MAX (Version: 2.7.7168)
NI-CAN: Shared LV code (Version: 1.1.3072)
NI-DAQ C and VB6 API 2.1.0 (Version: 2.10.49152)
NI-DAQ Document Set 9.2.3 (Version: 9.23.49152)
NI-DAQ INF Files 19.2.3 (Version: 19.23.3000)
NI-DAQ Provider for MAX (Version: 7.44.3007)
NI-DAQmx 9.1.5 (Version: 9.15.49153)
NI-DAQmx ADE Support 9.1.5 (Version: 9.15.49153)
NI-DAQmx Documentation 9.1.5 (Version: 9.15.49152)
NI-DAQmx MAX Configuration Support 9.1.5 (Version: 9.15.49153)
NI-DAQmx support for LabVIEW 1.14.0 (Version: 1.140.49155)
NI-DAQmx support for LabVIEW RT and LabWindows/CVI RT 9.1.5 (Version: 9.15.49152)
NI-DAQmx Switch Core 2.0.1 (Version: 2.01.49152)
NI-DAQmx/LabVIEW shared documentation 9.5.5 (Version: 9.55.49152)
NI-DCPower 1.4.1 (Version: 1.41.49153)
NI-DIM 1.11.0f0 for Phar Lap ETS (Version: 1.110.49152)
NI-DIM 1.13.0f0 (Version: 1.130.49152)
NI-DIM 1.13.0f0 for Phar Lap ETS (Version: 1.130.49152)
NI-DIM 1.7.0f0 for Phar Lap ETS (Version: 1.70.49152)
NI-DIM 1.8.0f0 for Phar Lap ETS (Version: 1.80.49152)
NI-DIM 1.9.0f0 for Phar Lap ETS (Version: 1.90.49152)
NI-DIM 1.9.0f0 for Phar Lap ETS (Version: 1.92.49152)
NI-DIO Driver 1.7.4f2 (Version: 1.74.49154)
NI-DMM 3.0.4 (Version: 3.04.49152)
NI-DNET 1.6.5 (Version: 1.6.23552)
NI-FGEN 2.7.4 (Version: 2.74.49153)
NI-FGEN Driver 1.7.4f1 (Version: 1.74.49153)
NI-FieldPoint for LabVIEW Real-Time 6.0.2 (Version: 6.0.4103)
NI-FieldPoint for LabVIEW Real-Time 6.0.4 (Version: 6.0.4139)
NI-HSD Driver 1.11.0f8 (Version: 1.110.49160)
NI-HSDIO 1.7.4 (Version: 1.74.49155)
NI-IMAQ .NET Support (Version: 4.50.28.0)
NI-IMAQ 32-bit Driver Support (Version: 4.50.28.0)
NI-IMAQ 4.5 (Version: 4.50.28.0)
NI-IMAQ Camera Files (Version: 4.50.31.0)
NI-IMAQ Configuration 3.0.1 (Version: 3.1.13.0)
NI-IMAQ LabVIEW 2010 Examples for NI FlexRIO (Version: 1.1.5.0)
NI-IMAQ Provider for MAX (Version: 3.0.0)
NI-IMAQ Support for NI FlexRIO (Version: 1.1.9.0)
NI-Intel1000e for LabVIEW Real-Time (Version: 1.0.13.0)
NI-Intel8254x for LabVIEW Real-Time (Version: 2.30.14.0)
NI-Intel8254x for LabVIEW Real-Time (Version: 3.0.16.0)
NI-Intel8254x for LabVIEW Real-Time (Version: 3.1.4.0)
NI-INTEL8255X 2.1.0f0 for Phar Lap ETS (Version: 2.10.49152)
NI-Intel8255x for LabVIEW Real-Time (Version: 2.4.7.0)
NI-Intel8255x for LabVIEW Real-Time (Version: 3.0.7.0)
NI-MDBG 1.10.0f0 for Phar Lap ETS (Version: 1.100.49152)
NI-MDBG 1.7.0f0 for Phar Lap ETS (Version: 1.70.49152)
NI-MDBG 1.8.0f0 for Phar Lap ETS (Version: 1.80.49152)
NI-MDBG 1.9.0f0 for Phar Lap ETS (Version: 1.90.49152)
NI-MDBG 3.0.0f0 (Version: 3.00.49152)
NI-MDBG 3.0.0f0 for Phar Lap ETS (Version: 3.00.49152)
NI-Mesa (Version: 12.0.7.0)
NI-Motion 8.2 (Version: 08.20.3004)
NI-Motion 8.2 FX Development (Version: 08.20.3006)
NI-Motion MAX Provider 8.2 (Version: 08.20.3003)
NI-MRU 2.10.0f0 for Phar Lap ETS (Version: 2.100.49152)
NI-MRU 2.11.1f0 (Version: 2.112.49152)
NI-MRU 2.11.1f0 for Phar Lap ETS (Version: 2.112.49152)
NI-MX Expert Framework 2.5.0 (Version: 2.50.49152)
NI-MXDF 1.10.0f0 for Phar Lap ETS (Version: 1.100.49152)
NI-MXDF 1.11.5f1 for Phar Lap ETS (Version: 1.115.49153)
NI-MXDF 1.8.0f0 for Phar Lap ETS (Version: 1.80.49152)
NI-MXDF 1.9.0f0 for Phar Lap ETS (Version: 1.90.49152)
NI-MXDF 3.0.0f0 (Version: 3.00.49152)
NI-MXDF 3.0.0f0 for Phar Lap ETS (Version: 3.00.49152)
NI-MXLC Core (32-bit) (Version: 1.35.39.0)
NI-MXLC LabVIEW 2009 Support (Version: 1.35.40.0)
NI-MXLC LabVIEW 2010 Support (Version: 1.35.40.0)
NI-MXLC LabVIEW 8.5 Support (Version: 1.35.40.0)
NI-MXLC LabVIEW 8.6 Support (Version: 1.35.40.0)
NI-NVIDIA Gigabit Ethernet Driver for LabVIEW Real-Time (Version: 3.0.9.0)
NI-ORB 1.7.0f0 for Phar Lap ETS (Version: 1.70.49152)
NI-ORB 1.8.0f0 for Phar Lap ETS (Version: 1.80.49152)
NI-ORB 1.9.0f0 for Phar Lap ETS (Version: 1.90.49152)
NI-ORB 1.9.3f0 for Phar Lap ETS (Version: 1.94.49152)
NI-ORB 3.0 (Version: 3.00.49152)
NI-ORB 3.0 for LabVIEW Real-Time (Version: 3.00.49152)
NI-P2P 1.1.0 (Version: 1.10.49152)
NI-P2P 1.1.0 Support for LabVIEW 2010 (32-bit) (Version: 1.10.49152)
NI-P2P 1.1.0 Support for LabVIEW Real-Time (Version: 1.10.49152)
NI-PAL 2.1.0f1 for Phar Lap ETS (Version: 10.20.49153)
NI-PAL 2.2.0f0 for Phar Lap ETS (Version: 10.30.49152)
NI-PAL 2.3.0f0 for Phar Lap ETS (Version: 10.40.49153)
NI-PAL 2.4.0f0 for Phar Lap ETS (Version: 10.50.49152)
NI-PAL 2.5.3f0 for Phar Lap ETS (Version: 10.63.49152)
NI-PAL 2.5.4f0 for Phar Lap ETS (Version: 10.64.49152)
NI-PAL 2.6.2f0 for Phar Lap ETS (Version: 10.72.49152)
NI-PAL 2.6.3f0 for Phar Lap ETS (Version: 10.73.49152)
NI-PAL 2.9.1 Error Files (Version: 2.91.49152)
NI-PAL 2.9.1 Error Files for LabVIEW RT (Version: 2.91.49152)
NI-PAL 2.9.1f0 (Version: 10.101.49152)
NI-PAL 2.9.1f0 for Phar Lap ETS (Version: 10.101.49152)
NI-PCNET Ethernet Driver for LabVIEW Real-Time (Version: 1.0.19.0)
NI-RFSA 2.3.2 (Version: 2.32.49152)
NI-RFSG 1.6.4 (Version: 1.64.49152)
NI-RIO 2.3.0 driver for Real-Time Embedded Targets (Version: 3.41.00165)
NI-RIO 3.0.0 driver for Real-Time Embedded Targets (Version: 3.100.00188)
NI-RIO 3.1.0 driver for Real-Time Embedded Targets (Version: 3.101.00102)
NI-RIO 3.5.0 driver for Real-Time Embedded Targets (Version: 3.150.00235)
NI-RIO 3.6.0 (Version: 3.106.00213)
NI-RIO 3.6.0 Driver for Real-Time Embedded Targets (Version: 3.160.00211)
NI-RIO Common Files for LabVIEW 2010 (Version: 3.6.00213)
NI-RIO Common Files for LabVIEW 8.5 (Version: 3.5.00235)
NI-RIO Common Files for LabVIEW 8.6 (Version: 3.1.00214)
NI-RIO for 32-bit Windows (Version: 3.6.00213)
NI-RIO I/O Control for LabVIEW 2009 (Version: 3.3.00089)
NI-RIO I/O Control for LabVIEW 2010 (Version: 3.6.00213)
NI-RIO I/O Control for LabVIEW 8.5 (Version: 2.4.00126)
NI-RIO I/O Control for LabVIEW 8.6 (Version: 3.1.00214)
NI-RIO Scan Interface 1.6.0 for Real-Time Embedded Targets (Version: 1.60.00211)
NI-RIO Scan Interface for Real-Time Embedded Targets (Version: 1.0.00188)
NI-RIO Scan Interface for Real-Time Embedded Targets (Version: 1.1.00102)
NI-RIO Scan Interface for Real-Time Embedded Targets (Version: 1.50.00235)
NI-RIO Utilities (Version: 3.6.00213)
NI-RPC 3.4.0f1 for Phar Lap ETS (Version: 3.40.49153)
NI-RPC 3.4.1f0 for Phar Lap ETS (Version: 3.41.49152)
NI-RPC 4.0.0f0 for Phar Lap ETS (Version: 4.00.49153)
NI-RPC 4.2.0f0 for Phar Lap ETS (Version: 4.20.49152)
NI-RPC 4.3.0f0 (Version: 4.30.49152)
NI-RPC 4.3.0f0 for Phar Lap ETS (Version: 4.30.49152)
NI-SCOPE 3.6.2 (Version: 3.62.49153)
NI-Serial 3.3 for LabVIEW Real-Time (Version: 3.3.03002)
NI-Serial 3.3.2 for LabVIEW Real-Time (Version: 3.32.49152)
NI-Serial 3.3.3 for LabVIEW Real-Time (Version: 3.33.49152)
NI-Serial 3.5.2 for LabVIEW Real-Time (Version: 3.52.49152)
NI-Serial 3.6 for LabVIEW Real-Time (Version: 3.60.49153)
NI-Serial 3.7 for LabVIEW Real-Time (Version: 3.70.49152)
NI-Serial 3.9.1 (Version: 3.91.49153)
NI-Serial 3.9.1 for LabVIEW Real-Time (Version: 3.91.49153)
NI-Serial 3.9.1 MAX Provider (Version: 3.91.49153)
NI-SMC9 1.2.0f0 for Phar Lap ETS (Version: 1.20.49152)
NI-STE10/100A 2.1.0f2 for Phar Lap ETS (Version: 2.10.49154)
NI-STE10/100A for Phar Lap ETS (Version: 2.4.4.0)
NI-STE10/100A for Phar Lap ETS (Version: 3.0.6.0)
NI-SWITCH 4.1 (Version: 4.10.49153)
NI-Sync 3.2.2 (Version: 3.22.49155)
NI-Sync for LabVIEW Real-Time 3.2.2 (Version: 3.22.49152)
NI-TClk 1.8.1 (Version: 1.81.49153)
NI-TNF 1.4.1f0 for Phar Lap ETS (Version: 1.41.49152)
NI-TNF 1.4.2f0 for Phar Lap ETS (Version: 1.42.49153)
NI-TNR Driver (Version: 2.62.49152)
NI-TSU 1.3.0f0 for Phar Lap ETS (Version: 1.30.49153)
NI-TSU 1.3.1f0 (Version: 1.31.49152)
NI-TSU 1.3.1f0 for Phar Lap ETS (Version: 1.31.49152)
NI-Tuner 1.7 (Version: 1.70.49152)
NI-VISA 4.2 for LabVIEW Real-Time (Version: 4.32.769)
NI-VISA 4.3 for LabVIEW Real-Time (Version: 4.48.769)
NI-VISA 4.4 for LabVIEW Real-Time (Version: 4.64.768)
NI-VISA 5.0.0 for LabVIEW Real-Time (Version: 5.00.49152)
NI-VISA 5.2.0 MAX Provider (Version: 5.20.49152)
NI-VISA 5.3.0 (Version: 5.30.49152)
NI-VISA 5.3.0 for LabVIEW Real-Time (Version: 5.30.49152)
NI-VISA GPIB-VXI (Legacy) Passport 5.3.0 (Version: 5.30.49152)
NI-VISA Runtime 5.3.0 (Version: 5.30.49152)
NI-VISA Server 5.3.0 (Version: 5.30.49152)
NI-WatchDog 4.1 for LabVIEW Real-Time (Version: 4.1.34.0)
NI-WatchDog 5.0 for LabVIEW Real-Time (Version: 5.0.10.0)
NI-WatchDog for LabVIEW Real-Time 2.2.1 (Version: 2.2.3.0)
NI-WatchDog for LabVIEW Real-Time 3.0 (Version: 3.0.29.0)
NI-WatchDog for LabVIEW Real-Time 3.0.1 (Version: 3.0.15.0)
NI-WatchDog Host 5.0 (Version: 5.0.15.0)
NI-WatchDog LabVIEW 2010 Support (Version: 5.0.15.0)
NI-WatchDog LabVIEW 8.5 Support (Version: 5.0.15.0)
NI-WatchDog LabVIEW 8.6 Support (Version: 5.0.15.0)
NI-XNET 1.1.1 (Version: 1.11.49154)
NI-XNET 1.1.1 ADE Support Files (Version: 1.11.49154)
NI-XNET 1.1.1 Driver Files (Version: 1.11.49154)
Notepad++ (Version: 5.6.6)
NVIDIA Drivers
ODC1202-Tool-V316 (Version: 3.16)
OpenVPN 2.1_rc7 (Version: 2.1_rc7)
PL-2303 USB-to-Serial (Version: 1.00.000)
PowerDVD (Version: 7.0)
ProtectDisc Helper Driver 10 (Version: 10.0.0.3)
PTC_ControlsLV LabVIEW Library (Version: 3.0.0)
Quicken 2007 - Modul Tipps und Tricks (Version: 14)
Quicken 2007 - ServicePack 3 (Version: 14.08.1108)
Quicken 2007 (Version: 14.00.0001)
Quicken Import Export Server 2007 (Version: 14.0.1.1)
Quicken Import Export Server Jubiläumsversion (Version: 20.30.00.0099)
Quicken Jubiläumsversion (Version: 20.31.00.0108)
QuickSet (Version: 8.2.20)
QuickTime (Version: 7.62.14.0)
Reset NI Config 5.0.0 (Version: 5.0.146.0)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio Update Manager (Version: 3.0.0)
s25atonce 3.8.1 (Version: 3.8.1)
Samsung SCX-6x20 Series
Sartorius ServiceSW H8S (Version: 1.1.13)
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.5 (Version: 6.5.158)
SolidWorks eDrawings 2012 (Version: 12.4.108)
Soloist (Version: 4.1.2.2)
Sonic Activation Module (Version: 1.0)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Spider Solitaire (Version: 1.4.0)
Spybot - Search & Destroy (Version: 1.6.2)
Steuer Hilfesammlung (Version: 15.0.0.0)
Steuer Update 15.09 (Version: 15.09)
steuern sparen 2010 (Version: 15.11)
Steuer-Software 2013 (Version: 18.09)
TACO - Tixi AT-Console
TeamViewer 5 (Version: 5.1.9385 )
TeamViewer 6 (Version: 6.0.13992)
Texas Instruments TUSB3410 drivers. (Version: 1.08.0000)
TortoiseSVN 1.6.5.16974 (32 bit) (Version: 1.6.16974)
Traditional NI-DAQ 7.4.4 (Legacy) (Version: 7.44.3007)
Traditional NI-DAQ Documentation (Version: 1.07.49152)
TUSB3410 (Version: 1.08.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Verbindungsassistent (Version: 2.1)
VISA Shared Components (Version: 1.5)
VISA Shared Components (Version: 1.5.0)
Vista Profile Pack (Version: 2.0.13.0)
VLC media player 1.1.2 (Version: 1.1.2)
WayCon eddyLAB 1.0.2 (Version: 1.0.2)
web'n'walk Manager (Version: 2.5.0.68)
WIF Core Dependencies RT 1.0.6 (Version: 1.6.20.0)
WIF Core Dependencies Windows 5.4.0 (Version: 5.40.69.0)
WinDirStat 1.1.2
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Small Business Server 2011 Standard ClientAgent (Version: 6.1.7900.1)
Windows-Treiberpaket - MATRIX VISION GmbH (mvBlueFOX2) Image  (05/10/2012 1.0.4.5) (Version: 05/10/2012 1.0.4.5)
WinX DVD Ripper 5.5.9
WISO Steuer-Sparbuch 2012 (Version: 19.00.7303)

==================== Restore Points  =========================

27-05-2013 09:50:04 Geplanter Prüfpunkt
29-05-2013 07:12:51 Geplanter Prüfpunkt
31-05-2013 11:41:00 Geplanter Prüfpunkt
07-06-2013 11:55:21 Geplanter Prüfpunkt
10-06-2013 08:42:46 Geplanter Prüfpunkt
11-06-2013 16:43:35 Installiert uEye
11-06-2013 16:43:58 Installiert uEye
13-06-2013 01:00:38 Windows Update
14-06-2013 20:37:22 Geplanter Prüfpunkt
17-06-2013 09:13:12 Geplanter Prüfpunkt
17-06-2013 11:04:08 Gerätetreiber-Paketinstallation: MARX CryptoTech LP USB-Controller
17-06-2013 11:04:42 Gerätetreiber-Paketinstallation: MARX CryptoTech LP USB-Controller
19-06-2013 05:00:57 Geplanter Prüfpunkt
19-06-2013 07:37:21 Konfiguriert Steuer 2008
19-06-2013 07:38:05 Entfernt Steuer 2008
19-06-2013 07:40:00 Entfernt WISO Steuer-Sparbuch 2011
21-06-2013 08:59:21 Geplanter Prüfpunkt
24-06-2013 07:50:09 Geplanter Prüfpunkt

==================== Scheduled Tasks (whitelisted) =============

Task: {02993FDB-F970-407F-944C-DB0E8C076318} - System32\Tasks\Launch App As Interactive User => \\abo\SYSVOL\ica.lan\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\USER\Scripts\Logon\mapdrives.cmd No File
Task: {12643DC9-524C-4555-B62C-02C5964D5096} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1196136551-4263953143-3689658542-1003 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {149244A9-CDCD-4ED1-A992-18E82906AE2A} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3583648192-2357320158-4007192304-1118 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {75F96777-818B-46BA-8493-B721510384B8} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation)
Task: {7843D470-232C-469F-AF08-7EF3D5160038} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118UA => C:\Users\********\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7D067330-54E9-4397-9289-09B7C3521AF6} - System32\Tasks\User_Feed_Synchronization-{90F03580-A141-4888-81F7-64650356AC0B} => C:\Windows\system32\msfeedssync.exe [2013-05-17] (Microsoft Corporation)
Task: {823C051B-3104-44CD-92F1-3700E8E15CFD} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {989FF834-41BE-4E38-B938-D3399C05C567} - System32\Tasks\User_Feed_Synchronization-{D5018E9A-7B48-416D-9872-C25019E94D8E} => C:\Windows\system32\msfeedssync.exe [2013-05-17] (Microsoft Corporation)
Task: {AB0C9484-3266-4A15-9757-38171858DA9F} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-19] (Microsoft Corp.)
Task: {E668E636-9194-4388-B37B-5D84D49C7ACA} - System32\Tasks\User_Feed_Synchronization-{F38F721E-6120-41D8-8ECB-827ED2B74163} => C:\Windows\system32\msfeedssync.exe [2013-05-17] (Microsoft Corporation)
Task: {FF5E340A-BC32-496B-9357-9208DE020E7D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118Core => C:\Users\********\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118Core.job => C:\Users\********\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118UA.job => C:\Users\********\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{90F03580-A141-4888-81F7-64650356AC0B}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{D5018E9A-7B48-416D-9872-C25019E94D8E}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{F38F721E-6120-41D8-8ECB-827ED2B74163}.job => C:\Windows\system32\msfeedssync.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2013 04:27:38 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (06/25/2013 04:27:38 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (06/25/2013 04:27:38 PM) (Source: LoadPerf) (User: )
Description: Performance16

Error: (06/25/2013 04:24:12 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/21/2013 02:13:38 PM) (Source: MsiInstaller) (User: ICA)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1789(NULL)(NULL)(NULL)(NULL)

Error: (06/21/2013 02:13:37 PM) (Source: MsiInstaller) (User: ICA)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1789(NULL)(NULL)(NULL)(NULL)

Error: (06/21/2013 02:13:36 PM) (Source: MsiInstaller) (User: ICA)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1789(NULL)(NULL)(NULL)(NULL)

Error: (06/20/2013 03:43:15 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung firefox.exe, Version 10.0.2.4428, Zeitstempel 0x4f3cdb2a, fehlerhaftes Modul xul.dll, Version 10.0.2.4428, Zeitstempel 0x4f3cda27, Ausnahmecode 0xc0000005, Fehleroffset 0x000f7b97,
Prozess-ID 0xfa4, Anwendungsstartzeit firefox.exe0.

Error: (06/19/2013 02:38:10 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (06/19/2013 02:38:10 PM) (Source: LoadPerf) (User: )
Description: Performance16


System errors:
=============
Error: (06/25/2013 04:25:11 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (06/25/2013 04:25:05 PM) (Source: Service Control Manager) (User: )
Description: PnP-X-IP-BusauflistungFunktionssuchanbieter-Host%%1068

Error: (06/25/2013 04:24:52 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (06/25/2013 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (06/25/2013 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (06/25/2013 04:24:17 PM) (Source: DCOM) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (06/25/2013 04:24:17 PM) (Source: DCOM) (User: )
Description: 1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (06/25/2013 04:24:14 PM) (Source: Service Control Manager) (User: )
Description: AFD
DfsC
kl1
KLIF
KLIM6
NetBIOS
netbt
NIPALK
nipbcfk
nipxibaf
nipxibrc
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
uEye_Eth
Wanarpv6

Error: (06/25/2013 04:24:14 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (06/25/2013 04:24:14 PM) (Source: Service Control Manager) (User: )
Description: NLA (Network Location Awareness)Netzwerkspeicher-Schnittstellendienst%%1068


Microsoft Office Sessions:
=========================
Error: (03/16/2011 07:29:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 23470 seconds with 600 seconds of active time.  This session ended with a crash.

Error: (12/16/2010 11:48:41 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 59066 seconds with 4080 seconds of active time.  This session ended with a crash.

Error: (10/18/2010 08:52:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 280 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (04/30/2010 02:37:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 14072 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (04/08/2010 00:59:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 98 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (03/22/2010 00:01:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5009 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (03/12/2010 04:30:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 125 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (03/08/2010 11:26:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5398 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (12/18/2009 03:39:30 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 14925 seconds with 10740 seconds of active time.  This session ended with a crash.

Error: (12/11/2009 04:26:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 20927 seconds with 180 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-06-25 16:26:50.051
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-25 16:26:49.848
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-25 16:26:49.630
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-25 16:26:49.411
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-17 18:11:16.126
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\msiltcfg.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-15 09:36:20.342
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\msiltcfg.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-14 18:32:21.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\msiltcfg.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-11 09:44:30.142
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\msiltcfg.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 15:10:59.253
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\msiltcfg.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-14 18:37:39.657
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\msiltcfg.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 3581.21 MB
Available physical RAM: 2863.21 MB
Total Pagefile: 6670.02 MB
Available Pagefile: 6244.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.68 MB

==================== Drives ================================

Drive c: (Local) (Fixed) (Total:146.94 GB) (Free:24.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.33 GB) NTFS
Drive f: () (Removable) (Total:1.86 GB) (Free:0.63 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: B58C558B)
Partition 1: (Not Active) - (Size=110 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=147 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 019853F1)
Partition 1: (Active) - (Size=2 GB) - (Type=0C)

==================== End Of Log ============================
         
Danke
__________________

Alt 25.06.2013, 15:48   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Het es nen bestimmten Grund warum du aus dem Safe Mode scannst?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.06.2013, 15:51   #5
BecksBier
 
Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Ja,
habe "Angst" das der Virus/Trojaner einen Schaden anrichtet (Daten vernichtet).

Werde den Log vom Scan unter "normalen" Windows gleich anhängen.

Sorry

Gruß


Alt 25.06.2013, 16:00   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Ok
__________________
--> Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt

Alt 25.06.2013, 16:05   #7
BecksBier
 
Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Hallo,
eine Addition.txt wird nicht mehr erstellt.

Hier ist die First.txt unter normalen WIndows

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-06-2013 01
Ran by ******** (administrator) on 25-06-2013 17:00:47
Running from F:\
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WlanNetService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(DALSA) C:\Windows\System32\CorGigEServer.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionService.exe
(IDS Imaging Development Systems GmbH) C:\Program Files\IDS\uEye\OtherDrivers\DirectShow\32\DSCameraControl.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Option) C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(National Instruments Corporation) C:\Windows\system32\lkads.exe
(National Instruments Corporation) C:\Program Files\National Instruments\MAX\nimxs.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
() C:\Program Files\Verbindungsassistent\WTGService.exe
(National Instruments, Inc.) C:\Windows\system32\lkcitdl.exe
(National Instruments Corporation) C:\Windows\system32\lktsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Windows\system32\nipxism.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusion.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: []  [x]
HKLM\...\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe [x]
HKLM\...\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe [x]
HKLM\...\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13535776 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [92704 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [92704 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-01-03] (IDT, Inc.)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [311680 2010-03-12] (Kaspersky Lab)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide [190808 2011-03-01] (Logitech Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2009-04-10] (Microsoft Corporation)
HKCU\...\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [DisplayFusion] "C:\Program Files\DisplayFusion\DisplayFusion.exe" [7283072 2013-04-26] (Binary Fortress Software)
HKCU\...\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIUE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2540 Series" [249440 2012-02-27] (SEIKO EPSON CORPORATION)
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: J - J:\LaunchU3.exe -a
MountPoints2: {2601d36e-06b8-11e1-a1cb-001c231428ef} - F:\pushinst.exe
MountPoints2: {4b979d05-566a-11de-b374-001c231428ef} - F:\LaunchU3.exe -a
MountPoints2: {4eab0e8b-6ccb-11df-b0cb-001c231428ef} - J:\LaunchU3.exe -a
MountPoints2: {63390b51-6074-11e2-859b-001c231428ef} - F:\setup.exe AUTORUN=1
MountPoints2: {cf61bb13-5870-11e1-862d-001c231428ef} - J:\AutoRun.exe
MountPoints2: {cf61bb3f-5870-11e1-862d-001c231428ef} - J:\AutoRun.exe
HKU\bec\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\bec\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\Sam\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [ 2009-05-26] (Apple Inc.)
HKU\Sam\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\Sam\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\User\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\User\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\User\...\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe [ 2008-03-25] (Adobe Systems, Inc.)
Startup: C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://companyweb
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://companyweb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: haufereader - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.0.250

FireFox:
========
FF ProfilePath: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
S4 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc)
R2 CorGigEServer; C:\Windows\System32\CorGigEServer.exe [55808 2007-11-29] (DALSA)
R2 DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
R2 DSCameraControlWinService; C:\Program Files\IDS\uEye\OtherDrivers\DirectShow\32\DSCameraControl.exe [88064 2011-07-18] (IDS Imaging Development Systems GmbH)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
R2 GtDetectSc; C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe [204915 2007-11-05] (Option)
R2 LkCitadelServer; C:\Windows\system32\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\system32\lkads.exe [50328 2012-11-28] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\system32\lktsrv.exe [60568 2012-11-28] (National Instruments Corporation)
R2 mxssvr; C:\Program Files\National Instruments\MAX\nimxs.exe [51360 2012-11-21] (National Instruments Corporation)
R2 ni488enumsvc; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
R2 NIApplicationWebServer; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [54472 2012-11-30] (National Instruments Corporation)
S4 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [390424 2008-02-22] (Dell Inc.)
R2 nidevldu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [371352 2012-11-28] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 niLXIDiscovery; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-11-07] (National Instruments Corporation)
R2 nimcdldu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-09-26] (National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [172344 2012-12-19] (National Instruments Corporation)
R2 nipxirmu; C:\Windows\system32\nipxism.exe [19056 2013-01-17] (National Instruments Corporation)
S3 NiRioRpc; C:\Windows\system32\NiRioRpc.exe [31880 2011-01-13] (National Instruments Corporation)
R2 niSvcLoc; C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe [54464 2012-11-30] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe [680624 2012-06-07] (National Instruments Corporation)
R2 nitsuu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
S3 OpcEnum; C:\Windows\system32\Opcenum.exe [139488 2012-05-18] (OPC Foundation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [15872 2008-01-30] ()
S4 OracleOraHome90ClientCache; C:\oracle\ora90\BIN\ONRSD.EXE [425828 2001-08-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [428640 2011-03-04] (Logitech Inc.)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG)
R2 WTGService; C:\Program Files\Verbindungsassistent\WTGService.exe [296400 2009-03-03] ()

==================== Drivers (Whitelisted) ====================

R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
S3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
R2 CBN; C:\Windows\System32\Drivers\CBN.SYS [17408 2013-06-17] (MARX Datentechnik GmbH )
R3 CorSnid; C:\Windows\System32\DRIVERS\CorSnid.sys [28672 2007-11-29] (DALSA)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcxp.sys [31744 2007-01-16] (CSR, plc)
R2 cvintdrv; C:\Windows\System32\Drivers\cvintdrv.sys [19552 2011-11-04] ()
S2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.)
S3 FTDIBUS; C:\Windows\System32\drivers\pftdibus.sys [57672 2009-02-17] (FTDI Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\pftser2k.sys [72520 2009-02-17] (FTDI Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [95744 2007-07-09] (Option NV)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [51968 2007-06-26] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-03-30] (Option N.V.)
R3 guardian2; C:\Windows\System32\Drivers\oz776.sys [62208 2007-11-29] (O2Micro)
R3 JAIGigEFilterDriver; C:\Windows\System32\DRIVERS\JAIGigEFilterDriver.sys [72704 2007-09-20] (JAI)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [126480 2009-11-12] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [233560 2011-10-07] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [22104 2011-10-07] (Kaspersky Lab ZAO)
S3 lvalarmk; C:\Windows\system32\drivers\lvalarmk.sys [20104 2008-12-05] (National Instruments Corporation)
S3 MCHPUSB; C:\Windows\System32\DRIVERS\mchpusb.sys [53760 2007-12-19] (Microchip Technology, Inc.)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [24064 2008-01-19] (Microsoft Corporation)
S3 ni1006k; C:\Windows\system32\drivers\ni1006k.sys [26192 2013-01-14] (National Instruments Corporation)
S3 ni1045k; C:\Windows\system32\drivers\ni1045kl.sys [11960 2013-01-14] (National Instruments Corporation)
S3 ni1065k; C:\Windows\system32\drivers\ni1065k.sys [23736 2013-01-14] (National Instruments Corporation)
S3 ni488lock; C:\Windows\system32\drivers\ni488lock.sys [17544 2010-07-27] (National Instruments Corporation)
R2 niarbk; C:\Windows\System32\drivers\niarbk.dll [37376 2007-04-16] (National Instruments Corporation)
R2 nibffrk; C:\Windows\System32\drivers\nibffrk.dll [21504 2007-04-16] (National Instruments Corporation)
R2 nicanpk; C:\Windows\System32\DRIVERS\nicanpkl.sys [11408 2010-09-15] (National Instruments Corporation)
S3 nicdrk; C:\Windows\system32\drivers\nicdrkl.sys [11352 2009-07-17] (National Instruments Corporation)
S3 nicmrk; C:\Windows\system32\drivers\nicmrkl.sys [11440 2010-06-15] (National Instruments Corporation)
S3 nicsrk; C:\Windows\system32\drivers\nicsrkl.sys [11408 2010-06-15] (National Instruments Corporation)
R2 Nidaq32k; C:\Windows\System32\Drivers\Nidaq32k.sys [674304 2007-04-16] (National Instruments Corporation)
R3 nidimk; C:\Windows\system32\drivers\nidimkl.sys [11944 2012-01-27] (National Instruments Corporation)
R2 nidmmk; C:\Windows\System32\drivers\nidmmk.dll [50688 2007-04-16] (National Instruments Corporation)
S3 nidmxfk; C:\Windows\system32\drivers\nidmxfkl.sys [11336 2010-02-25] (National Instruments Corporation)
S3 nidsark; C:\Windows\system32\drivers\nidsarkl.sys [11344 2010-02-06] (National Instruments Corporation)
S3 nidwgk; C:\Windows\system32\drivers\nidwgkl.sys [11424 2010-08-26] (National Instruments Corporation)
S3 niemrk; C:\Windows\system32\drivers\niemrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 niesrk; C:\Windows\system32\drivers\niesrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nigplk; C:\Windows\system32\drivers\nigplkl.sys [11640 2008-06-16] (National Instruments Corporation)
S3 nihsdrk; C:\Windows\system32\drivers\nihsdrkl.sys [11864 2009-12-03] (National Instruments Corporation)
S3 nimcdfxk; C:\Windows\system32\drivers\nimcdfxkl.sys [11360 2009-06-17] (National Instruments Corporation)
R3 nimdbgk; C:\Windows\system32\drivers\nimdbgkl.sys [11976 2012-06-28] (National Instruments Corporation)
R2 nimdsk; C:\Windows\System32\drivers\nimdsk.dll [30208 2007-04-16] (National Instruments Corporation)
R3 nimru2k; C:\Windows\system32\drivers\nimru2kl.sys [11360 2009-08-24] (National Instruments Corporation)
S3 nimsdrk; C:\Windows\system32\drivers\nimsdrkl.sys [11904 2010-02-02] (National Instruments Corporation)
S3 nimsrlk; C:\Windows\system32\drivers\nimsrlk.dll [151683 2009-07-23] (National Instruments Corporation)
R3 nimstsk; C:\Windows\system32\drivers\nimstskl.sys [11872 2010-02-02] (National Instruments Corporation)
R3 nimxdfk; C:\Windows\system32\drivers\nimxdfkl.sys [11960 2012-06-28] (National Instruments Corporation)
S3 nimxpk; C:\Windows\system32\drivers\nimxpkl.sys [11880 2010-02-02] (National Instruments Corporation)
S3 ninshsdk; C:\Windows\system32\drivers\ninshsdkl.sys [11360 2010-02-05] (National Instruments Corporation)
R3 niorbk; C:\Windows\system32\drivers\niorbkl.sys [11968 2012-06-28] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [12600 2012-12-20] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [586000 2012-12-19] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [12600 2012-12-20] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [15448 2012-12-18] (National Instruments Corporation)
S3 nipsdk; C:\Windows\system32\drivers\nipsdkl.sys [11392 2010-05-06] (National Instruments Corporation)
R0 nipxibaf; C:\Windows\System32\drivers\nipxibaf.sys [62712 2013-01-14] (National Instruments Corporation)
R0 nipxibrc; C:\Windows\System32\drivers\nipxibrc.sys [46344 2013-01-14] (National Instruments Corporation)
S3 nipxigpk; C:\Windows\system32\drivers\nipxigpk.sys [21144 2011-08-09] (National Instruments Corporation)
R2 nipxirmk; C:\Windows\system32\drivers\nipxirmkl.sys [12408 2013-01-17] (National Instruments Corporation)
S3 niraptrk; C:\Windows\system32\drivers\niraptrkl.sys [11400 2010-06-15] (National Instruments Corporation)
S3 niRFSA2k; C:\Windows\system32\drivers\niRFSA2kl.sys [11328 2010-06-21] (National Instruments Corporation)
S3 niRFSGk; C:\Windows\system32\drivers\niRFSGkl.sys [11328 2009-12-09] (National Instruments Corporation)
S3 niscdk; C:\Windows\system32\drivers\niscdkl.sys [11376 2009-07-14] (National Instruments Corporation)
S3 nisdigk; C:\Windows\system32\drivers\nisdigkl.sys [11352 2010-02-10] (National Instruments Corporation)
S3 nisftk; C:\Windows\system32\drivers\nisftkl.sys [11344 2010-02-05] (National Instruments Corporation)
S3 nisldk; C:\Windows\system32\drivers\nisldkl.sys [11344 2009-06-18] (National Instruments Corporation)
S3 nispdk; C:\Windows\system32\drivers\nispdkl.sys [11376 2009-07-14] (National Instruments Corporation)
S3 nisrcdk; C:\Windows\system32\drivers\nisrcdkl.sys [11424 2010-06-04] (National Instruments Corporation)
S3 nissrk; C:\Windows\system32\drivers\nissrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nistc2k; C:\Windows\system32\drivers\nistc2kl.sys [11312 2009-01-05] (National Instruments Corporation)
S3 nistc3rk; C:\Windows\system32\drivers\nistc3rkl.sys [11400 2010-05-03] (National Instruments Corporation)
R2 nistck; C:\Windows\System32\drivers\nistck.dll [111616 2007-04-16] (National Instruments Corporation)
S3 nistcrk; C:\Windows\system32\drivers\nistcrkl.sys [11360 2009-08-31] (National Instruments Corporation)
R2 nistreamk; C:\Windows\System32\drivers\nistreamkl.sys [19608 2010-06-17] (National Instruments Corporation)
S3 niswdk; C:\Windows\system32\drivers\niswdkl.sys [11336 2009-09-01] (National Instruments Corporation)
S3 niSynck; C:\Windows\system32\drivers\niSynckl.sys [11408 2010-08-26] (National Instruments Corporation)
S3 nitiork; C:\Windows\system32\drivers\nitiorkl.sys [11360 2010-02-06] (National Instruments Corporation)
S3 nitnr2k; C:\Windows\system32\drivers\nitnr2kl.sys [11328 2009-12-09] (National Instruments Corporation)
S3 nitsuk; C:\Windows\system32\drivers\nitsukl.sys [11424 2010-08-26] (National Instruments Corporation)
S3 niufurk; C:\Windows\system32\drivers\niufurkl.sys [11432 2010-06-15] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [12424 2013-01-29] (National Instruments Corporation)
R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [12424 2013-01-29] (National Instruments Corporation)
S3 niwfrk; C:\Windows\system32\drivers\niwfrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nixsrk; C:\Windows\system32\drivers\nixsrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [26624 2006-10-01] (The OpenVPN Project)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25216 2008-01-30] (The OpenVPN Project)
S3 ueye; C:\Windows\System32\DRIVERS\uEye_usb.sys [3793688 2012-03-29] (IDS Imaging Development Systems GmbH)
S3 ueye_boot; C:\Windows\System32\DRIVERS\uEye_boot.sys [3770136 2012-03-29] (IDS Imaging Development Systems GmbH)
R1 uEye_Eth; C:\Windows\System32\DRIVERS\uEye_Eth.sys [4230936 2012-03-13] (IDS Imaging Development Systems GmbH)
S3 umpusbvista; C:\Windows\System32\DRIVERS\umpusbvista.sys [47104 2009-10-20] (Texas Instruments Inc)
S3 actser; system32\drivers\actser.sys [x]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 mvBlueFOX2; System32\Drivers\mvBlueFOX2.sys [x]
S3 niimaqk; system32\drivers\niimaqk.sys [x]
S3 nimslk; \??\C:\Windows\system32\drivers\nimslk.dll [x]
S3 niwdk; No ImagePath
S3 nixsrkw; system32\DRIVERS\nixsrkw.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 usb6xxxk; \??\C:\Windows\system32\drivers\usb6xxxkl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-25 16:25 - 2013-06-25 16:25 - 00000000 ____D C:\FRST
2013-06-18 22:18 - 2013-06-18 22:18 - 00000000 ____D C:\ProgramData\LogiShrd
2013-06-18 22:16 - 2013-06-19 09:34 - 00000000 ____D C:\Users\********\AppData\Local\LogiShrd
2013-06-18 22:13 - 2013-06-18 22:13 - 00000000 ____D C:\Users\********\AppData\Roaming\Leadertech
2013-06-18 22:12 - 2013-06-18 22:12 - 00007235 ____A C:\Windows\System32\lvcoinst.log
2013-06-18 22:11 - 2013-06-18 22:12 - 00003990 ____A C:\Windows\LDPINST.LOG
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\ProgramData\Logitech
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\Program Files\Common Files\LWS
2013-06-18 22:08 - 2013-06-18 22:15 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-06-18 22:08 - 2013-06-18 22:14 - 00000000 ____D C:\Program Files\Logitech
2013-06-18 22:08 - 2013-06-18 22:08 - 00001478 ____A C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-06-17 13:05 - 2013-06-17 13:05 - 00376832 ____A (MARX CryptoTech LP ) C:\Windows\System32\MPIWIN32.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00043520 ____A C:\Windows\System32\CBNDLL.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00017408 ____A (MARX Datentechnik GmbH ) C:\Windows\System32\Drivers\CBN.SYS
2013-06-17 13:05 - 2013-06-17 13:05 - 00000000 ____D C:\Users\********\.idl
2013-06-17 13:04 - 2013-06-17 13:04 - 00000895 ____A C:\Users\Public\Desktop\FRT Mark III.lnk
2013-06-17 13:03 - 2013-06-17 13:05 - 00000000 ____D C:\ProgramData\Mark III
2013-06-17 13:03 - 2013-06-17 13:03 - 00000000 ____D C:\Program Files\FRT
2013-06-17 13:03 - 2008-02-28 16:59 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-06-17 13:03 - 2002-04-02 18:02 - 00002600 ____A C:\ProgramData\winmcv.sys
2013-06-13 03:03 - 2013-05-08 06:37 - 00905576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 03:02 - 2013-05-17 05:50 - 01212928 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 03:02 - 2013-05-17 05:50 - 00916480 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 03:02 - 2013-05-17 05:50 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 03:02 - 2013-05-17 05:48 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 06014464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00630272 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 11111424 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 02004992 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 01469440 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-13 03:02 - 2013-05-17 05:44 - 00387584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 03:02 - 2013-05-17 04:06 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-13 03:02 - 2013-05-17 02:20 - 00133632 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-13 03:02 - 2013-05-17 02:19 - 00174080 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 03:02 - 2013-05-17 02:18 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 03:02 - 2013-05-17 02:18 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-13 03:02 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 03:02 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-13 03:01 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-13 03:01 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-13 03:01 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 03:01 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 18:44 - 2009-03-09 16:27 - 04178264 ____N (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll

==================== One Month Modified Files and Folders ========

2013-06-25 17:00 - 2008-04-01 13:12 - 00000416 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{90F03580-A141-4888-81F7-64650356AC0B}.job
2013-06-25 17:00 - 2008-03-29 10:13 - 01399338 ____A C:\Windows\WindowsUpdate.log
2013-06-25 16:59 - 2006-11-02 12:33 - 00007184 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-25 16:58 - 2008-04-26 10:12 - 00000414 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{D5018E9A-7B48-416D-9872-C25019E94D8E}.job
2013-06-25 16:56 - 2008-10-24 09:59 - 00122690 ____A C:\ProgramData\nvModes.001
2013-06-25 16:56 - 2008-04-01 17:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-25 16:55 - 2009-09-18 10:55 - 00000000 ____D C:\Users\********\AppData\Local\TSVNCache
2013-06-25 16:55 - 2008-10-24 09:56 - 00122690 ____A C:\ProgramData\nvModes.dat
2013-06-25 16:54 - 2006-11-02 14:52 - 00112179 ____A C:\Windows\setupact.log
2013-06-25 16:52 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-25 16:52 - 2006-11-02 14:47 - 00003952 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-25 16:52 - 2006-11-02 14:47 - 00003952 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-25 16:25 - 2013-06-25 16:25 - 00000000 ____D C:\FRST
2013-06-25 14:13 - 2008-03-29 10:27 - 00000012 ____A C:\Windows\bthservsdp.dat
2013-06-25 14:13 - 2006-11-02 15:01 - 00032562 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-25 14:10 - 2012-07-12 08:05 - 00001126 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118UA.job
2013-06-25 14:10 - 2008-04-03 13:51 - 00000412 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{F38F721E-6120-41D8-8ECB-827ED2B74163}.job
2013-06-25 14:07 - 2010-10-21 13:50 - 00000000 ____D C:\Users\********\AppData\Roaming\Skype
2013-06-25 14:01 - 2008-04-01 11:52 - 00000104 ____A C:\Windows\System32\config\netlogon.ftl
2013-06-24 13:33 - 2010-08-11 11:56 - 00000000 ____D C:\Users\********\AppData\Roaming\vlc
2013-06-21 14:12 - 2010-10-21 13:50 - 00000000 ___RD C:\Program Files\Skype
2013-06-21 14:12 - 2010-10-21 13:49 - 00000000 ____D C:\ProgramData\Skype
2013-06-20 08:10 - 2012-07-12 08:05 - 00001104 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118Core.job
2013-06-19 09:41 - 2011-04-14 16:32 - 00000000 ____D C:\Program Files\WISO
2013-06-19 09:40 - 2011-04-14 16:36 - 00000000 ____D C:\Users\********\AppData\Local\Buhl
2013-06-19 09:40 - 2011-01-22 18:39 - 00000781 ____A C:\Windows\wiso.ini
2013-06-19 09:40 - 2008-03-29 10:22 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-19 09:38 - 2008-04-02 21:40 - 00000000 ____D C:\Program Files\Common Files\Lexware
2013-06-19 09:35 - 2008-04-02 20:27 - 00000000 ____D C:\Program Files\Frag doch mal
2013-06-19 09:34 - 2013-06-18 22:16 - 00000000 ____D C:\Users\********\AppData\Local\LogiShrd
2013-06-18 22:18 - 2013-06-18 22:18 - 00000000 ____D C:\ProgramData\LogiShrd
2013-06-18 22:15 - 2013-06-18 22:08 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-06-18 22:14 - 2013-06-18 22:08 - 00000000 ____D C:\Program Files\Logitech
2013-06-18 22:13 - 2013-06-18 22:13 - 00000000 ____D C:\Users\********\AppData\Roaming\Leadertech
2013-06-18 22:12 - 2013-06-18 22:12 - 00007235 ____A C:\Windows\System32\lvcoinst.log
2013-06-18 22:12 - 2013-06-18 22:11 - 00003990 ____A C:\Windows\LDPINST.LOG
2013-06-18 22:12 - 2008-04-02 11:37 - 00000000 ____D C:\users\********
2013-06-18 22:12 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\ProgramData\Logitech
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\Program Files\Common Files\LWS
2013-06-18 22:08 - 2013-06-18 22:08 - 00001478 ____A C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-06-17 13:27 - 2009-09-18 10:57 - 00000000 ____D C:\ic-automation
2013-06-17 13:05 - 2013-06-17 13:05 - 00376832 ____A (MARX CryptoTech LP ) C:\Windows\System32\MPIWIN32.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00043520 ____A C:\Windows\System32\CBNDLL.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00017408 ____A (MARX Datentechnik GmbH ) C:\Windows\System32\Drivers\CBN.SYS
2013-06-17 13:05 - 2013-06-17 13:05 - 00000000 ____D C:\Users\********\.idl
2013-06-17 13:05 - 2013-06-17 13:03 - 00000000 ____D C:\ProgramData\Mark III
2013-06-17 13:04 - 2013-06-17 13:04 - 00000895 ____A C:\Users\Public\Desktop\FRT Mark III.lnk
2013-06-17 13:03 - 2013-06-17 13:03 - 00000000 ____D C:\Program Files\FRT
2013-06-14 21:55 - 2011-11-30 18:49 - 00000680 ____A C:\Users\********\AppData\Local\d3d9caps.dat
2013-06-13 10:30 - 2008-04-01 12:05 - 00008924 _RASH C:\ProgramData\ntuser.pol
2013-06-13 08:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-06-13 08:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-11 10:00 - 2012-10-23 15:24 - 00000000 ____D C:\Program Files\ODC1202-Tool-V316

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-25 17:00

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Hallo,
das ist verdächtig oder:
(Microsoft Corporation) C:\Windows\system32\conime.exe

Gruß

Alt 25.06.2013, 18:35   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Wie kommst du darauf?

Unsere Tools müssen alle vom Desktop aus laufen.
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.06.2013, 20:55   #9
BecksBier
 
Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Hallo,
was ist genau mit dem PC los?
Hast du etwas verdächtiges gefunden in den Logs, und wenn was?

Gruß

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-06-25.01 - ***** 26.06.2013   0:45.1.2 - x86
Microsoft® Windows Vista™ Business   6.0.6002.2.1252.49.1031.18.3581.1864 [GMT 2:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xxxxx\AppData\Local\assembly\tmp
c:\users\*****\AppData\Local\assembly\tmp
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Update.msf
c:\users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Restore
c:\users\User\AppData\Local\assembly\tmp
c:\windows\Installer\$PatchCache$\Managed\1BDD391351F8AD34585D7469FB469541\18.2.0\colordefs.ini2
c:\windows\Installer\{A907A713-DA24-4352-8786-96C7A6944646}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe
c:\windows\IsUn0407.exe
c:\windows\system32\helpers32.dll
c:\windows\system32\kWab.dll
c:\windows\system32\Temp
c:\windows\system32\test
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-25 bis 2013-06-25  ))))))))))))))))))))))))))))))
.
.
2013-06-25 23:00 . 2013-06-25 23:00	--------	d-----w-	c:\users\xxxxx\AppData\Local\temp
2013-06-25 23:00 . 2013-06-25 23:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-25 23:00 . 2013-06-25 23:00	--------	d-----w-	c:\users\xxxxx\AppData\Local\temp
2013-06-25 23:00 . 2013-06-25 23:00	--------	d-----w-	c:\users\xxxxx\AppData\Local\temp
2013-06-25 23:00 . 2013-06-25 23:00	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2013-06-25 14:25 . 2013-06-25 14:25	--------	d-----w-	C:\FRST
2013-06-18 20:18 . 2013-06-18 20:18	--------	d-----w-	c:\programdata\LogiShrd
2013-06-18 20:16 . 2013-06-19 07:34	--------	d-----w-	c:\users\*****\AppData\Local\LogiShrd
2013-06-18 20:13 . 2013-06-18 20:13	--------	d-----w-	c:\users\*****\AppData\Roaming\Leadertech
2013-06-18 20:13 . 2013-06-18 20:13	53248	----a-r-	c:\users\*****\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-06-18 20:10 . 2013-06-18 20:10	--------	d-----w-	c:\programdata\Logitech
2013-06-18 20:10 . 2013-06-18 20:10	--------	d-----w-	c:\program files\Common Files\LWS
2013-06-18 20:08 . 2013-06-25 14:22	--------	d-----w-	c:\program files\Logitech
2013-06-18 20:08 . 2013-06-18 20:15	--------	d-----w-	c:\program files\Common Files\LogiShrd
2013-06-17 11:05 . 2013-06-17 11:05	--------	d-----w-	c:\users\*****\.idl
2013-06-17 11:05 . 2013-06-17 11:05	43520	----a-w-	c:\windows\system32\CBNDLL.DLL
2013-06-17 11:05 . 2013-06-17 11:05	376832	----a-w-	c:\windows\system32\MPIWIN32.DLL
2013-06-17 11:05 . 2013-06-17 11:05	17408	----a-w-	c:\windows\system32\drivers\CBN.SYS
2013-06-17 11:03 . 2002-04-02 16:02	2600	----a-w-	c:\programdata\winmcv.sys
2013-06-17 11:03 . 2008-02-28 14:59	626688	----a-w-	c:\windows\system32\msvcr80.dll
2013-06-17 11:03 . 2013-06-17 11:05	--------	d-----w-	c:\programdata\Mark III
2013-06-17 11:03 . 2013-06-17 11:03	--------	d-----w-	c:\program files\FRT
2013-06-13 01:03 . 2013-05-08 04:37	905576	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-13 01:01 . 2013-04-24 04:00	41984	----a-w-	c:\windows\system32\certenc.dll
2013-06-13 01:01 . 2013-04-24 04:00	985600	----a-w-	c:\windows\system32\crypt32.dll
2013-06-13 01:01 . 2013-04-24 04:00	98304	----a-w-	c:\windows\system32\cryptnet.dll
2013-06-13 01:01 . 2013-04-24 04:00	133120	----a-w-	c:\windows\system32\cryptsvc.dll
2013-06-13 01:01 . 2013-04-24 01:46	812544	----a-w-	c:\windows\system32\certutil.exe
2013-06-13 01:01 . 2013-05-02 22:03	3603832	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-06-13 01:01 . 2013-05-02 22:03	3551096	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-06-11 16:44 . 2009-03-09 14:27	4178264	------w-	c:\windows\system32\D3DX9_41.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-17 03:50 . 2013-06-13 01:02	916480	----a-w-	c:\windows\system32\wininet.dll
2013-05-02 04:04 . 2013-06-13 01:02	443904	----a-w-	c:\windows\system32\win32spl.dll
2013-04-24 09:59 . 2013-04-24 10:00	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-04-24 09:59 . 2013-04-24 10:00	866720	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-04-24 09:59 . 2012-01-28 14:46	788896	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-15 14:20 . 2013-05-17 01:15	638328	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 10:56 . 2013-05-17 01:15	37376	----a-w-	c:\windows\system32\cdd.dll
2013-04-09 01:36 . 2013-05-17 01:05	2049024	----a-w-	c:\windows\system32\win32k.sys
2010-05-24 17:39 . 2010-05-24 17:39	43608	----a-w-	c:\program files\internet explorer\plugins\IMAQActiveXControl.dll
2011-01-13 19:14 . 2011-01-13 19:14	158720	----a-w-	c:\program files\internet explorer\plugins\LV2010ActiveXControl.dll
2012-07-13 19:10 . 2012-07-13 19:10	158720	----a-w-	c:\program files\internet explorer\plugins\LV2011ActiveXControl.dll
2012-12-19 16:18 . 2012-12-19 16:18	158720	----a-w-	c:\program files\internet explorer\plugins\LV2012ActiveXControl.dll
2004-03-15 15:51 . 2004-03-15 15:51	114688	----a-w-	c:\program files\internet explorer\plugins\LV71ActiveXControl.dll
2003-05-01 07:36 . 2003-05-01 07:36	114688	----a-w-	c:\program files\internet explorer\plugins\LV7ActiveXControl.dll
2006-01-23 08:32 . 2006-01-23 08:32	131072	----a-w-	c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48	133920	----a-w-	c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2007-07-24 18:03 . 2007-07-24 18:03	118784	----a-w-	c:\program files\internet explorer\plugins\LV85ActiveXControl.dll
2008-12-10 13:50 . 2008-12-10 13:50	118784	----a-w-	c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2012-08-17 15:03 . 2012-08-17 15:03	158720	----a-w-	c:\program files\internet explorer\plugins\LV90ActiveXControl.dll
2012-02-29 10:08 . 2011-10-07 04:04	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 16:55	85768	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17	94208	----a-w-	c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2013-04-26 7283072]
"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_TATIIUE.EXE" [2012-02-27 249440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-07 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-07 92704]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2008-05-07 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2008-01-03 405504]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2010-03-12 311680]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
.
c:\users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Produktregistrierung.lnk - c:\program files\Logitech\Ereg\eReg.exe /remind /language=DEU /_WFM="." [2009-11-16 517384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3583648192-2357320158-4007192304-1118\Scripts\Logoff\0\0]
"Script"=logoff.cmd
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3583648192-2357320158-4007192304-1118\Scripts\Logon\0\0]
"Script"=mapdrives.cmd
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3583648192-2357320158-4007192304-1613\Scripts\Logoff\0\0]
"Script"=logoff.cmd
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3583648192-2357320158-4007192304-1613\Scripts\Logon\0\0]
"Script"=vista_hack.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3583648192-2357320158-4007192304-500\Scripts\Logon\0\0]
"Script"=vista_hack.bat
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat - Schnellstart.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
backup=c:\windows\pss\Adobe Acrobat - Schnellstart.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Corel MEDIA FOLDERS INDEXER 8.LNK]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Corel MEDIA FOLDERS INDEXER 8.LNK
backup=c:\windows\pss\Corel MEDIA FOLDERS INDEXER 8.LNK.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lexware Info Service.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lexware Info Service.lnk
backup=c:\windows\pss\Lexware Info Service.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NI Error Reporting.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk
backup=c:\windows\pss\NI Error Reporting.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2007 Zahlungserinnerung.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2007 Zahlungserinnerung.lnk
backup=c:\windows\pss\Quicken 2007 Zahlungserinnerung.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
backup=c:\windows\pss\QuickSet.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^web'n'walk Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\web'n'walk Manager.lnk
backup=c:\windows\pss\web'n'walk Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
backup=c:\windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
backupExtension=.CommonStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-10-14 19:38	623992	----a-w-	c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04	39792	----a-w-	c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVMWlanClient]
2010-10-22 01:00	2105344	----a-r-	c:\program files\avmwlanstick\WLanGUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2012-04-02 14:44	1058912	----a-w-	c:\program files\Epson Software\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget\P0000000000000001]
2012-02-27 06:02	249440	----a-w-	c:\windows\System32\spool\drivers\w32x86\3\E_TATIIUE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 06:04	138096	----atw-	c:\users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FUFAXRCV]
2012-04-03 17:19	502912	----a-w-	c:\program files\Epson Software\FAX Utility\FUFAXRCV.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FUFAXSTM]
2012-04-03 17:19	863360	----a-w-	c:\program files\Epson Software\FAX Utility\FUFAXSTM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 16:50	221184	----a-w-	c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 16:50	81920	----a-w-	c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2011-07-31 13:07	189808	----a-w-	c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI Update Service]
2012-11-16 13:12	853640	----a-w-	c:\program files\National Instruments\Shared\Update Service\NIUpdateService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\niDevMon]
2010-04-20 08:21	109712	----a-w-	c:\program files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NIRegistrationWizard]
2010-06-21 13:53	846520	----a-w-	c:\program files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-07 13:59	13535776	----a-w-	c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
2008-05-07 13:59	92704	----a-w-	c:\windows\System32\nvhotkey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-07 13:59	92704	----a-w-	c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2008-05-07 13:59	580128	----a-w-	c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 17:23	118784	------w-	c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18	413696	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2008-01-03 18:05	405504	----a-w-	c:\program files\Sigmatel\C-Major Audio\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296]
S2 acedrv10;acedrv10;c:\windows\system32\drivers\acedrv10.sys [2007-07-27 330144]
S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2007-07-27 251680]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118Core.job
- c:\users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-20 06:04]
.
2013-06-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118UA.job
- c:\users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-20 06:04]
.
2013-06-25 c:\windows\Tasks\User_Feed_Synchronization-{90F03580-A141-4888-81F7-64650356AC0B}.job
- c:\windows\system32\msfeedssync.exe [2013-06-13 00:18]
.
2013-06-25 c:\windows\Tasks\User_Feed_Synchronization-{D5018E9A-7B48-416D-9872-C25019E94D8E}.job
- c:\windows\system32\msfeedssync.exe [2013-06-13 00:18]
.
2013-06-25 c:\windows\Tasks\User_Feed_Synchronization-{F38F721E-6120-41D8-8ECB-827ED2B74163}.job
- c:\windows\system32\msfeedssync.exe [2013-06-13 00:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://companyweb
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: An vorhandenes PDF anfügen - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: cyber-deployment.com
Trusted Zone: cyber-deployment.com
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - ExtSQL: !HIDDEN! 2010-07-24 23:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
HKLM-Run-LaunchAp - c:\program files\Launch Manager\LaunchAp.exe
HKLM-Run-Wbutton - c:\program files\Launch Manager\WButton.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Quicken Jubiläumsversion Zahlungserinnerung.lnk - (no file)
MSConfigStartUp-CorGigeStatus - c:\programme\DALSA\Network Interface\Bin\CorGigeStatus.exe
MSConfigStartUp-SecureUpgrade - c:\program files\Wave Systems Corp\SecureUpgrade.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.6.0_05\bin\jusched.exe
MSConfigStartUp-WavXMgr - c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
AddRemove-MAGIX MP3 Maker 16 D - f:\magix\unwise.exe
AddRemove-MAGIX Online Druck Service D - f:\online_druck_service\unwise.exe
AddRemove-MAGIX Screenshare D - f:\pcvisit\unwise.exe
AddRemove-MAGIX Speed burnR D - f:\speed3_burnr_mxcdr\unwise.exe
AddRemove-MMOPN_30_32 - c:\progra~3\ERW3MM\DeIsL1.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-06-26 01:05
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  CtrlVol = c:\program files\Launch Manager\CtrlVol.exe?0bh?H???@gh?????????????,???????????0???$???????d???4??w???????????wR??w?????????????a?v????4???o??w????????x???t?????A???????????A????3?a?v|????????e@?H?????????????A?_??3??????A??|@??????p@????????3??@???????? 
  LaunchAp = c:\program files\Launch Manager\LaunchAp.exe?bh?H???@gh?????????????,???????????0???$???????d???4??w???????????wR??w?????????????a?v????4???o??w????????x???t?????A???????????A????3?a?v|????????e@?H?????????????A?_??3??????A??|@??????p@????????3??@???????? 
  Wbutton = c:\program files\Launch Manager\WButton.exe??bh?H???@gh?????????????,???????????0???$???????d???4??w???????????wR??w?????????????a?v????4???o??w????????x???t?????A???????????A????3?a?v|????????e@?H?????????????A?_??3??????A??|@??????p@????????3??@???????? 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1704)
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\msi.dll
c:\program files\DisplayFusion\Hooks\AppHookx86_23E44A95-F875-41C0-841D-DFE8BA5FC631.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\WLANExt.exe
c:\program files\avmwlanstick\WlanNetService.exe
c:\windows\System32\CorGigEServer.exe
c:\program files\DisplayFusion\DisplayFusionService.exe
c:\program files\IDS\uEye\OtherDrivers\DirectShow\32\DSCameraControl.exe
c:\windows\system32\EscSvc.exe
c:\program files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe
c:\program files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\system32\lkads.exe
c:\program files\National Instruments\MAX\nimxs.exe
c:\windows\system32\nipalsm.exe
c:\windows\system32\nipalsm.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nipalsm.exe
c:\program files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
c:\program files\National Instruments\Shared\Tagger\tagsrv.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\windows\system32\STacSV.exe
c:\program files\TeamViewer\Version5\TeamViewer_Service.exe
c:\program files\TeamViewer\Version6\TeamViewer_Service.exe
c:\program files\Verbindungsassistent\WTGService.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
c:\program files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
c:\windows\system32\nipxism.exe
c:\windows\system32\nipalsm.exe
c:\program files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
c:\program files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
c:\program files\TeamViewer\Version6\TeamViewer.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\conime.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-26  01:13:54 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-25 23:13
.
Vor Suchlauf: 30 Verzeichnis(se), 28.561.534.976 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 29.701.320.704 Bytes frei
.
- - End Of File - - 4353B5B33281F4FD0A0BF0178DF5C11D
         
--- --- --- 5C616939100B85E558DA92B899A0FC36
Hallo,
ich habe vorher noch eine Virus BootCD laufen lassen:
Code:
ATTFilter
 ALERT: [TR/Fakealert.grb.225] /media/Local/ProgramData/~1kAlMiG2Kb7FzPr <<< Is the Trojan horse TR/Fakealert.grb.225
         
Die Datei habe ich dann gelöscht.

hier der Log vom ADW Cleaner

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 26/06/2013 um 01:30:50 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Benutzer : ******** - ********-NB
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\********\Desktop\adwcleaner2303.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments\NI-488.2\NI-488.2 .NET Framework 3.5 Help.lnk
Datei Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments\VISA\Documentation\NI-VISA .NET Framework 3.5 Help.lnk

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19437

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v10.0.2 (de)

Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sa6v86ne.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\g6q3plu9.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\qvukvxq1.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1865 octets] - [26/06/2013 01:29:10]
AdwCleaner[S1].txt - [1664 octets] - [26/06/2013 01:30:50]

########## EOF - C:\AdwCleaner[S1].txt - [1724 octets] ##########
         
--- --- ---

[/CODE]

Meines Erachtens ist das System nun wieder sauber, oder?

Alt 26.06.2013, 08:31   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



Wer hat gesagt du sollst die CD laufen lassen oder AdwCleaner?

Das System war schön verseucht, da ist noch bissl Arbeit. Nur das machen was ich anordne, oder ich kann nicht helfen.

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


und ein frisches FRST Log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.06.2013, 08:58   #11
BecksBier
 
Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt



FRST.txt


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-06-2013 02
Ran by ******** (administrator) on 26-06-2013 09:51:09
Running from C:\Users\********\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WlanNetService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(DALSA) C:\Windows\System32\CorGigEServer.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionService.exe
(IDS Imaging Development Systems GmbH) C:\Program Files\IDS\uEye\OtherDrivers\DirectShow\32\DSCameraControl.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Option) C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(National Instruments Corporation) C:\Windows\system32\lkads.exe
(National Instruments Corporation) C:\Program Files\National Instruments\MAX\nimxs.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Verbindungsassistent\WTGService.exe
(National Instruments, Inc.) C:\Windows\system32\lkcitdl.exe
(National Instruments Corporation) C:\Windows\system32\lktsrv.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Windows\system32\nipxism.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation) C:\Windows\system32\nipalsm.exe
(National Instruments Corporation) C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(National Instruments Corporation) C:\Program Files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusion.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13535776 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [92704 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [92704 2008-05-07] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-01-03] (IDT, Inc.)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [311680 2010-03-12] (Kaspersky Lab)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide [190808 2011-03-01] (Logitech Inc.)
HKLM\...\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2009-04-10] (Microsoft Corporation)
HKCU\...\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [DisplayFusion] "C:\Program Files\DisplayFusion\DisplayFusion.exe" [7283072 2013-04-26] (Binary Fortress Software)
HKCU\...\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIUE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2540 Series" [249440 2012-02-27] (SEIKO EPSON CORPORATION)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKU\bec\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\bec\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\Sam\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [ 2009-05-26] (Apple Inc.)
HKU\Sam\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\Sam\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\User\...\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [ 2004-07-27] (InstallShield Software Corporation)
HKU\User\...\Run: [NIRegistrationWizard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [ 2010-06-21] ()
HKU\User\...\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe [ 2008-03-25] (Adobe Systems, Inc.)
Startup: C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://companyweb
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: haufereader - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.16.0.250

FireFox:
========
FF ProfilePath: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\07nvtwpm.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
S4 BthFilterHelper; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [127488 2006-11-07] (CSR, plc)
R2 CorGigEServer; C:\Windows\System32\CorGigEServer.exe [55808 2007-11-29] (DALSA)
R2 DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
R2 DSCameraControlWinService; C:\Program Files\IDS\uEye\OtherDrivers\DirectShow\32\DSCameraControl.exe [88064 2011-07-18] (IDS Imaging Development Systems GmbH)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
R2 GtDetectSc; C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe [204915 2007-11-05] (Option)
R2 LkCitadelServer; C:\Windows\system32\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\system32\lkads.exe [50328 2012-11-28] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\system32\lktsrv.exe [60568 2012-11-28] (National Instruments Corporation)
R2 mxssvr; C:\Program Files\National Instruments\MAX\nimxs.exe [51360 2012-11-21] (National Instruments Corporation)
R2 ni488enumsvc; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
R2 NIApplicationWebServer; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [54472 2012-11-30] (National Instruments Corporation)
S4 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [390424 2008-02-22] (Dell Inc.)
R2 nidevldu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [371352 2012-11-28] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 niLXIDiscovery; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-11-07] (National Instruments Corporation)
R2 nimcdldu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-09-26] (National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [172344 2012-12-19] (National Instruments Corporation)
R2 nipxirmu; C:\Windows\system32\nipxism.exe [19056 2013-01-17] (National Instruments Corporation)
S3 NiRioRpc; C:\Windows\system32\NiRioRpc.exe [31880 2011-01-13] (National Instruments Corporation)
R2 niSvcLoc; C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe [54464 2012-11-30] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe [680624 2012-06-07] (National Instruments Corporation)
R2 nitsuu; C:\Windows\system32\nipalsm.exe [12696 2012-01-12] (National Instruments Corporation)
S3 OpcEnum; C:\Windows\system32\Opcenum.exe [139488 2012-05-18] (OPC Foundation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [15872 2008-01-30] ()
S4 OracleOraHome90ClientCache; C:\oracle\ora90\BIN\ONRSD.EXE [425828 2001-08-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [428640 2011-03-04] (Logitech Inc.)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG)
R2 WTGService; C:\Program Files\Verbindungsassistent\WTGService.exe [296400 2009-03-03] ()

==================== Drivers (Whitelisted) ====================

R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
R3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2007-05-05] (CSR, plc)
R2 CBN; C:\Windows\System32\Drivers\CBN.SYS [17408 2013-06-17] (MARX Datentechnik GmbH )
R3 CorSnid; C:\Windows\System32\DRIVERS\CorSnid.sys [28672 2007-11-29] (DALSA)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcxp.sys [31744 2007-01-16] (CSR, plc)
R2 cvintdrv; C:\Windows\System32\Drivers\cvintdrv.sys [19552 2011-11-04] ()
R2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.)
S3 FTDIBUS; C:\Windows\System32\drivers\pftdibus.sys [57672 2009-02-17] (FTDI Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\pftser2k.sys [72520 2009-02-17] (FTDI Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [95744 2007-07-09] (Option NV)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [51968 2007-06-26] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-03-30] (Option N.V.)
R3 guardian2; C:\Windows\System32\Drivers\oz776.sys [62208 2007-11-29] (O2Micro)
R3 JAIGigEFilterDriver; C:\Windows\System32\DRIVERS\JAIGigEFilterDriver.sys [72704 2007-09-20] (JAI)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [126480 2009-11-12] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [233560 2011-10-07] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [22104 2011-10-07] (Kaspersky Lab ZAO)
S3 lvalarmk; C:\Windows\system32\drivers\lvalarmk.sys [20104 2008-12-05] (National Instruments Corporation)
S3 MCHPUSB; C:\Windows\System32\DRIVERS\mchpusb.sys [53760 2007-12-19] (Microchip Technology, Inc.)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [24064 2008-01-19] (Microsoft Corporation)
S3 ni1006k; C:\Windows\system32\drivers\ni1006k.sys [26192 2013-01-14] (National Instruments Corporation)
S3 ni1045k; C:\Windows\system32\drivers\ni1045kl.sys [11960 2013-01-14] (National Instruments Corporation)
S3 ni1065k; C:\Windows\system32\drivers\ni1065k.sys [23736 2013-01-14] (National Instruments Corporation)
S3 ni488lock; C:\Windows\system32\drivers\ni488lock.sys [17544 2010-07-27] (National Instruments Corporation)
R2 niarbk; C:\Windows\System32\drivers\niarbk.dll [37376 2007-04-16] (National Instruments Corporation)
R2 nibffrk; C:\Windows\System32\drivers\nibffrk.dll [21504 2007-04-16] (National Instruments Corporation)
R2 nicanpk; C:\Windows\System32\DRIVERS\nicanpkl.sys [11408 2010-09-15] (National Instruments Corporation)
S3 nicdrk; C:\Windows\system32\drivers\nicdrkl.sys [11352 2009-07-17] (National Instruments Corporation)
S3 nicmrk; C:\Windows\system32\drivers\nicmrkl.sys [11440 2010-06-15] (National Instruments Corporation)
S3 nicsrk; C:\Windows\system32\drivers\nicsrkl.sys [11408 2010-06-15] (National Instruments Corporation)
R2 Nidaq32k; C:\Windows\System32\Drivers\Nidaq32k.sys [674304 2007-04-16] (National Instruments Corporation)
R3 nidimk; C:\Windows\system32\drivers\nidimkl.sys [11944 2012-01-27] (National Instruments Corporation)
R2 nidmmk; C:\Windows\System32\drivers\nidmmk.dll [50688 2007-04-16] (National Instruments Corporation)
S3 nidmxfk; C:\Windows\system32\drivers\nidmxfkl.sys [11336 2010-02-25] (National Instruments Corporation)
S3 nidsark; C:\Windows\system32\drivers\nidsarkl.sys [11344 2010-02-06] (National Instruments Corporation)
S3 nidwgk; C:\Windows\system32\drivers\nidwgkl.sys [11424 2010-08-26] (National Instruments Corporation)
S3 niemrk; C:\Windows\system32\drivers\niemrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 niesrk; C:\Windows\system32\drivers\niesrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nigplk; C:\Windows\system32\drivers\nigplkl.sys [11640 2008-06-16] (National Instruments Corporation)
S3 nihsdrk; C:\Windows\system32\drivers\nihsdrkl.sys [11864 2009-12-03] (National Instruments Corporation)
S3 nimcdfxk; C:\Windows\system32\drivers\nimcdfxkl.sys [11360 2009-06-17] (National Instruments Corporation)
R3 nimdbgk; C:\Windows\system32\drivers\nimdbgkl.sys [11976 2012-06-28] (National Instruments Corporation)
R2 nimdsk; C:\Windows\System32\drivers\nimdsk.dll [30208 2007-04-16] (National Instruments Corporation)
R3 nimru2k; C:\Windows\system32\drivers\nimru2kl.sys [11360 2009-08-24] (National Instruments Corporation)
S3 nimsdrk; C:\Windows\system32\drivers\nimsdrkl.sys [11904 2010-02-02] (National Instruments Corporation)
S3 nimsrlk; C:\Windows\system32\drivers\nimsrlk.dll [151683 2009-07-23] (National Instruments Corporation)
R3 nimstsk; C:\Windows\system32\drivers\nimstskl.sys [11872 2010-02-02] (National Instruments Corporation)
R3 nimxdfk; C:\Windows\system32\drivers\nimxdfkl.sys [11960 2012-06-28] (National Instruments Corporation)
S3 nimxpk; C:\Windows\system32\drivers\nimxpkl.sys [11880 2010-02-02] (National Instruments Corporation)
S3 ninshsdk; C:\Windows\system32\drivers\ninshsdkl.sys [11360 2010-02-05] (National Instruments Corporation)
R3 niorbk; C:\Windows\system32\drivers\niorbkl.sys [11968 2012-06-28] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [12600 2012-12-20] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [586000 2012-12-19] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [12600 2012-12-20] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [15448 2012-12-18] (National Instruments Corporation)
S3 nipsdk; C:\Windows\system32\drivers\nipsdkl.sys [11392 2010-05-06] (National Instruments Corporation)
R0 nipxibaf; C:\Windows\System32\drivers\nipxibaf.sys [62712 2013-01-14] (National Instruments Corporation)
R0 nipxibrc; C:\Windows\System32\drivers\nipxibrc.sys [46344 2013-01-14] (National Instruments Corporation)
S3 nipxigpk; C:\Windows\system32\drivers\nipxigpk.sys [21144 2011-08-09] (National Instruments Corporation)
R2 nipxirmk; C:\Windows\system32\drivers\nipxirmkl.sys [12408 2013-01-17] (National Instruments Corporation)
S3 niraptrk; C:\Windows\system32\drivers\niraptrkl.sys [11400 2010-06-15] (National Instruments Corporation)
S3 niRFSA2k; C:\Windows\system32\drivers\niRFSA2kl.sys [11328 2010-06-21] (National Instruments Corporation)
S3 niRFSGk; C:\Windows\system32\drivers\niRFSGkl.sys [11328 2009-12-09] (National Instruments Corporation)
S3 niscdk; C:\Windows\system32\drivers\niscdkl.sys [11376 2009-07-14] (National Instruments Corporation)
S3 nisdigk; C:\Windows\system32\drivers\nisdigkl.sys [11352 2010-02-10] (National Instruments Corporation)
S3 nisftk; C:\Windows\system32\drivers\nisftkl.sys [11344 2010-02-05] (National Instruments Corporation)
S3 nisldk; C:\Windows\system32\drivers\nisldkl.sys [11344 2009-06-18] (National Instruments Corporation)
S3 nispdk; C:\Windows\system32\drivers\nispdkl.sys [11376 2009-07-14] (National Instruments Corporation)
S3 nisrcdk; C:\Windows\system32\drivers\nisrcdkl.sys [11424 2010-06-04] (National Instruments Corporation)
S3 nissrk; C:\Windows\system32\drivers\nissrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nistc2k; C:\Windows\system32\drivers\nistc2kl.sys [11312 2009-01-05] (National Instruments Corporation)
S3 nistc3rk; C:\Windows\system32\drivers\nistc3rkl.sys [11400 2010-05-03] (National Instruments Corporation)
R2 nistck; C:\Windows\System32\drivers\nistck.dll [111616 2007-04-16] (National Instruments Corporation)
S3 nistcrk; C:\Windows\system32\drivers\nistcrkl.sys [11360 2009-08-31] (National Instruments Corporation)
R2 nistreamk; C:\Windows\System32\drivers\nistreamkl.sys [19608 2010-06-17] (National Instruments Corporation)
S3 niswdk; C:\Windows\system32\drivers\niswdkl.sys [11336 2009-09-01] (National Instruments Corporation)
S3 niSynck; C:\Windows\system32\drivers\niSynckl.sys [11408 2010-08-26] (National Instruments Corporation)
S3 nitiork; C:\Windows\system32\drivers\nitiorkl.sys [11360 2010-02-06] (National Instruments Corporation)
S3 nitnr2k; C:\Windows\system32\drivers\nitnr2kl.sys [11328 2009-12-09] (National Instruments Corporation)
S3 nitsuk; C:\Windows\system32\drivers\nitsukl.sys [11424 2010-08-26] (National Instruments Corporation)
S3 niufurk; C:\Windows\system32\drivers\niufurkl.sys [11432 2010-06-15] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [12424 2013-01-29] (National Instruments Corporation)
R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [12424 2013-01-29] (National Instruments Corporation)
S3 niwfrk; C:\Windows\system32\drivers\niwfrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 nixsrk; C:\Windows\system32\drivers\nixsrkl.sys [11408 2010-06-15] (National Instruments Corporation)
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [26624 2006-10-01] (The OpenVPN Project)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25216 2008-01-30] (The OpenVPN Project)
S3 ueye; C:\Windows\System32\DRIVERS\uEye_usb.sys [3793688 2012-03-29] (IDS Imaging Development Systems GmbH)
S3 ueye_boot; C:\Windows\System32\DRIVERS\uEye_boot.sys [3770136 2012-03-29] (IDS Imaging Development Systems GmbH)
R1 uEye_Eth; C:\Windows\System32\DRIVERS\uEye_Eth.sys [4230936 2012-03-13] (IDS Imaging Development Systems GmbH)
S3 umpusbvista; C:\Windows\System32\DRIVERS\umpusbvista.sys [47104 2009-10-20] (Texas Instruments Inc)
S3 actser; system32\drivers\actser.sys [x]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 mvBlueFOX2; System32\Drivers\mvBlueFOX2.sys [x]
S3 niimaqk; system32\drivers\niimaqk.sys [x]
S3 nimslk; \??\C:\Windows\system32\drivers\nimslk.dll [x]
S3 niwdk; No ImagePath
S3 nixsrkw; system32\DRIVERS\nixsrkw.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 usb6xxxk; \??\C:\Windows\system32\drivers\usb6xxxkl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-26 09:50 - 2013-06-26 09:51 - 01370251 ____A (Farbar) C:\Users\********\Desktop\FRST.exe
2013-06-26 09:45 - 2013-06-26 09:45 - 00000911 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-26 09:44 - 2013-06-26 09:44 - 00000000 ____D C:\Windows\ERUNT
2013-06-26 09:44 - 2013-06-26 09:44 - 00000000 ____D C:\JRT
2013-06-26 01:30 - 2013-06-26 01:36 - 00001793 ____A C:\AdwCleaner[S1].txt
2013-06-26 01:29 - 2013-06-26 01:29 - 00001865 ____A C:\AdwCleaner[R1].txt
2013-06-26 01:13 - 2013-06-26 01:13 - 00031182 ____A C:\ComboFix.txt
2013-06-26 00:41 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-26 00:41 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-26 00:41 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-26 00:41 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-26 00:41 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-26 00:41 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-26 00:41 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-26 00:41 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-26 00:40 - 2013-06-26 01:14 - 00000000 ____D C:\Qoobox
2013-06-26 00:39 - 2013-06-26 01:11 - 00000000 ____D C:\Windows\erdnt
2013-06-25 16:25 - 2013-06-25 16:25 - 00000000 ____D C:\FRST
2013-06-18 22:18 - 2013-06-18 22:18 - 00000000 ____D C:\ProgramData\LogiShrd
2013-06-18 22:16 - 2013-06-19 09:34 - 00000000 ____D C:\Users\********\AppData\Local\LogiShrd
2013-06-18 22:13 - 2013-06-18 22:13 - 00000000 ____D C:\Users\********\AppData\Roaming\Leadertech
2013-06-18 22:12 - 2013-06-18 22:12 - 00007235 ____A C:\Windows\System32\lvcoinst.log
2013-06-18 22:11 - 2013-06-18 22:12 - 00003990 ____A C:\Windows\LDPINST.LOG
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\ProgramData\Logitech
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\Program Files\Common Files\LWS
2013-06-18 22:08 - 2013-06-25 16:22 - 00000000 ____D C:\Program Files\Logitech
2013-06-18 22:08 - 2013-06-18 22:15 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-06-18 22:08 - 2013-06-18 22:08 - 00001478 ____A C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-06-17 13:05 - 2013-06-17 13:05 - 00376832 ____A (MARX CryptoTech LP ) C:\Windows\System32\MPIWIN32.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00043520 ____A C:\Windows\System32\CBNDLL.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00017408 ____A (MARX Datentechnik GmbH ) C:\Windows\System32\Drivers\CBN.SYS
2013-06-17 13:05 - 2013-06-17 13:05 - 00000000 ____D C:\Users\********\.idl
2013-06-17 13:04 - 2013-06-17 13:04 - 00000895 ____A C:\Users\Public\Desktop\FRT Mark III.lnk
2013-06-17 13:03 - 2013-06-17 13:05 - 00000000 ____D C:\ProgramData\Mark III
2013-06-17 13:03 - 2013-06-17 13:03 - 00000000 ____D C:\Program Files\FRT
2013-06-17 13:03 - 2008-02-28 16:59 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\msvcr80.dll
2013-06-17 13:03 - 2002-04-02 18:02 - 00002600 ____A C:\ProgramData\winmcv.sys
2013-06-13 03:03 - 2013-05-08 06:37 - 00905576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 03:02 - 2013-05-17 05:50 - 01212928 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 03:02 - 2013-05-17 05:50 - 00916480 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 03:02 - 2013-05-17 05:50 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 03:02 - 2013-05-17 05:48 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 06014464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2013-06-13 03:02 - 2013-05-17 05:46 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00630272 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-13 03:02 - 2013-05-17 05:45 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 11111424 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 02004992 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 01469440 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-13 03:02 - 2013-05-17 05:44 - 00387584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 03:02 - 2013-05-17 05:44 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 03:02 - 2013-05-17 04:06 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-13 03:02 - 2013-05-17 02:20 - 00133632 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-13 03:02 - 2013-05-17 02:19 - 00174080 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 03:02 - 2013-05-17 02:18 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 03:02 - 2013-05-17 02:18 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-13 03:02 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 03:02 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\printcom.dll
2013-06-13 03:01 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-13 03:01 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-13 03:01 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 03:01 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 03:01 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 18:44 - 2009-03-09 16:27 - 04178264 ____N (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll

==================== One Month Modified Files and Folders ========

2013-06-26 09:51 - 2013-06-26 09:50 - 01370251 ____A (Farbar) C:\Users\********\Desktop\FRST.exe
2013-06-26 09:50 - 2008-04-01 13:12 - 00000416 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{90F03580-A141-4888-81F7-64650356AC0B}.job
2013-06-26 09:50 - 2008-03-29 10:13 - 01546287 ____A C:\Windows\WindowsUpdate.log
2013-06-26 09:48 - 2008-04-26 10:12 - 00000414 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{D5018E9A-7B48-416D-9872-C25019E94D8E}.job
2013-06-26 09:45 - 2013-06-26 09:45 - 00000911 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-26 09:45 - 2011-10-06 23:39 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-26 09:45 - 2010-10-21 13:50 - 00000000 ____D C:\Users\********\AppData\Roaming\Skype
2013-06-26 09:44 - 2013-06-26 09:44 - 00000000 ____D C:\Windows\ERUNT
2013-06-26 09:44 - 2013-06-26 09:44 - 00000000 ____D C:\JRT
2013-06-26 09:39 - 2008-04-03 13:51 - 00000412 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{F38F721E-6120-41D8-8ECB-827ED2B74163}.job
2013-06-26 08:54 - 2008-04-01 17:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-06-26 08:52 - 2008-10-24 09:59 - 00122714 ____A C:\ProgramData\nvModes.001
2013-06-26 08:51 - 2009-09-18 10:55 - 00000000 ____D C:\Users\********\AppData\Local\TSVNCache
2013-06-26 08:51 - 2008-10-24 09:56 - 00122714 ____A C:\ProgramData\nvModes.dat
2013-06-26 08:51 - 2008-04-01 11:52 - 00000104 ____A C:\Windows\System32\config\netlogon.ftl
2013-06-26 08:51 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-26 08:51 - 2006-11-02 14:47 - 00003952 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-26 08:51 - 2006-11-02 14:47 - 00003952 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-26 08:12 - 2008-03-29 10:27 - 00000012 ____A C:\Windows\bthservsdp.dat
2013-06-26 08:12 - 2006-11-02 15:01 - 00032562 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-26 08:10 - 2012-07-12 08:05 - 00001126 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118UA.job
2013-06-26 08:10 - 2012-07-12 08:05 - 00001104 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3583648192-2357320158-4007192304-1118Core.job
2013-06-26 01:37 - 2006-11-02 12:33 - 00007184 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-26 01:36 - 2013-06-26 01:30 - 00001793 ____A C:\AdwCleaner[S1].txt
2013-06-26 01:29 - 2013-06-26 01:29 - 00001865 ____A C:\AdwCleaner[R1].txt
2013-06-26 01:15 - 2006-11-02 14:52 - 00112894 ____A C:\Windows\setupact.log
2013-06-26 01:14 - 2013-06-26 00:40 - 00000000 ____D C:\Qoobox
2013-06-26 01:14 - 2006-11-02 13:18 - 00000000 ___RD C:\users\Public
2013-06-26 01:14 - 2006-11-02 13:18 - 00000000 ___RD C:\users\Default
2013-06-26 01:13 - 2013-06-26 01:13 - 00031182 ____A C:\ComboFix.txt
2013-06-26 01:11 - 2013-06-26 00:39 - 00000000 ____D C:\Windows\erdnt
2013-06-26 01:05 - 2006-11-02 12:23 - 00000215 ____A C:\Windows\system.ini
2013-06-26 01:02 - 2006-11-02 15:00 - 00119208 ____A C:\Windows\PFRO.log
2013-06-25 16:25 - 2013-06-25 16:25 - 00000000 ____D C:\FRST
2013-06-25 16:22 - 2013-06-18 22:08 - 00000000 ____D C:\Program Files\Logitech
2013-06-24 13:33 - 2010-08-11 11:56 - 00000000 ____D C:\Users\********\AppData\Roaming\vlc
2013-06-21 14:12 - 2010-10-21 13:50 - 00000000 ___RD C:\Program Files\Skype
2013-06-21 14:12 - 2010-10-21 13:49 - 00000000 ____D C:\ProgramData\Skype
2013-06-19 09:41 - 2011-04-14 16:32 - 00000000 ____D C:\Program Files\WISO
2013-06-19 09:40 - 2011-04-14 16:36 - 00000000 ____D C:\Users\********\AppData\Local\Buhl
2013-06-19 09:40 - 2011-01-22 18:39 - 00000781 ____A C:\Windows\wiso.ini
2013-06-19 09:40 - 2008-03-29 10:22 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-19 09:38 - 2008-04-02 21:40 - 00000000 ____D C:\Program Files\Common Files\Lexware
2013-06-19 09:35 - 2008-04-02 20:27 - 00000000 ____D C:\Program Files\Frag doch mal
2013-06-19 09:34 - 2013-06-18 22:16 - 00000000 ____D C:\Users\********\AppData\Local\LogiShrd
2013-06-18 22:18 - 2013-06-18 22:18 - 00000000 ____D C:\ProgramData\LogiShrd
2013-06-18 22:15 - 2013-06-18 22:08 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-06-18 22:13 - 2013-06-18 22:13 - 00000000 ____D C:\Users\********\AppData\Roaming\Leadertech
2013-06-18 22:12 - 2013-06-18 22:12 - 00007235 ____A C:\Windows\System32\lvcoinst.log
2013-06-18 22:12 - 2013-06-18 22:11 - 00003990 ____A C:\Windows\LDPINST.LOG
2013-06-18 22:12 - 2008-04-02 11:37 - 00000000 ____D C:\users\********
2013-06-18 22:12 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\twain_32
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\ProgramData\Logitech
2013-06-18 22:10 - 2013-06-18 22:10 - 00000000 ____D C:\Program Files\Common Files\LWS
2013-06-18 22:08 - 2013-06-18 22:08 - 00001478 ____A C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-06-17 13:27 - 2009-09-18 10:57 - 00000000 ____D C:\ic-automation
2013-06-17 13:05 - 2013-06-17 13:05 - 00376832 ____A (MARX CryptoTech LP ) C:\Windows\System32\MPIWIN32.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00043520 ____A C:\Windows\System32\CBNDLL.DLL
2013-06-17 13:05 - 2013-06-17 13:05 - 00017408 ____A (MARX Datentechnik GmbH ) C:\Windows\System32\Drivers\CBN.SYS
2013-06-17 13:05 - 2013-06-17 13:05 - 00000000 ____D C:\Users\********\.idl
2013-06-17 13:05 - 2013-06-17 13:03 - 00000000 ____D C:\ProgramData\Mark III
2013-06-17 13:04 - 2013-06-17 13:04 - 00000895 ____A C:\Users\Public\Desktop\FRT Mark III.lnk
2013-06-17 13:03 - 2013-06-17 13:03 - 00000000 ____D C:\Program Files\FRT
2013-06-14 21:55 - 2011-11-30 18:49 - 00000680 ____A C:\Users\********\AppData\Local\d3d9caps.dat
2013-06-13 10:30 - 2008-04-01 12:05 - 00008924 _RASH C:\ProgramData\ntuser.pol
2013-06-13 08:51 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-06-13 08:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-11 10:00 - 2012-10-23 15:24 - 00000000 ____D C:\Program Files\ODC1202-Tool-V316

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-26 09:00

==================== End Of Log ============================
         
--- --- ---

--- --- ---


JRT.txt
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows Vista (TM) Business x86
Ran by ******** on 26.06.2013 at  9:45:06,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\********\AppData\Roaming\mozilla\firefox\profiles\07nvtwpm.default\minidumps [1028 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.06.2013 at  9:48:06,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 26.06.2013, 09:06   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Standard

Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Logfile. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt
.com, dateien, ergebnis, fehler, festplatte, infizierte, kaspersky, nichts, pcs, platte, rechner, scan, scanner, seltsame, stick, system, system32, trojaner, usb, usb stick, virenscanner, virus, virustotal, windows




Ähnliche Themen: Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt


  1. Anwaltschaft-Schreiben (Zu dumm um Virus zu verschicken?
    Plagegeister aller Art und deren Bekämpfung - 05.09.2014 (6)
  2. Anhang in einer Email geöffnet, Zip-Datei ausversehen ausgeführt, jetzt deutliche Leistungseinbußen, Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.07.2014 (13)
  3. win32/emotet.aa - T-online "Rechnung" .exe im Anhang ausgeführt
    Plagegeister aller Art und deren Bekämpfung - 23.06.2014 (6)
  4. Win7 64bit pro: Telekom-Phishing Mail: Anhang heruntergeladen und ausgeführt
    Log-Analyse und Auswertung - 03.06.2014 (9)
  5. online anwaltschaft
    Plagegeister aller Art und deren Bekämpfung - 17.05.2014 (2)
  6. versehentlich zip-anhang einer email geöffnet und .exe ausgeführt
    Log-Analyse und Auswertung - 19.02.2014 (11)
  7. 1und1 Telekom Phishing mail Anhang heruntergeladen und Exe ausgeführt
    Plagegeister aller Art und deren Bekämpfung - 18.01.2014 (3)
  8. Inkasso-Anwaltschaft-Email
    Plagegeister aller Art und deren Bekämpfung - 30.08.2013 (3)
  9. E-Mail einer Inkasso Anwaltschaft erhalten
    Überwachung, Datenschutz und Spam - 22.08.2013 (3)
  10. brauche hilfe habe e-mail bekommen mit anhang meine mutter hat es geofnet und da warn trojaner drin
    Log-Analyse und Auswertung - 30.06.2013 (2)
  11. Mydirtyhobby.de Rechnung - Anhang geöffnet und ausgeführt
    Plagegeister aller Art und deren Bekämpfung - 14.04.2013 (4)
  12. Bitte um Hilfe bei Cybercrime Trojaner: Log im Anhang
    Log-Analyse und Auswertung - 24.02.2013 (10)
  13. GVU-Trojaner - OTL ausgeführt
    Log-Analyse und Auswertung - 07.11.2012 (10)
  14. Bundespolizei Trojaner; OTL ausgeführt.
    Log-Analyse und Auswertung - 22.11.2011 (11)
  15. BKA-Trojaner unter Mac OS X ausgeführt - was tun?
    Plagegeister aller Art und deren Bekämpfung - 11.02.2007 (1)
  16. 1und1-Anhang ausgeführt ...
    Plagegeister aller Art und deren Bekämpfung - 09.01.2007 (7)
  17. Hilfe e-mail dorithie im Anhang Henrie.zip
    Plagegeister aller Art und deren Bekämpfung - 24.11.2005 (12)

Zum Thema Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt - Hallo, ich habe leider in einem schwachen moment die Datei Anwaltschaft... .com ausgeführt. Direkt nach dem ich meinen Fehler bemerkt habe, sicherte ich den Anhang auf einen USB Stick und - Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt...
Archiv
Du betrachtest: Hilfe Trojaner Anhang Anwaltschaft.com ausgeführt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.