
Pests of all kinds and how to combat them: Help against the GVU trojan

Windows 7
03.07.2013, 16:12   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

I specifically wrote NO OTLPE
No helper can do anything with the error description "I can't download anything"
__________________
Please always post logfiles in CODE tags

03.07.2013, 16:51   #17
Tobi R.
 

OTL Logfile:
Code:
OTL logfile created on: 7/3/2013 7:41:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobias Rossmann\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 39.20% Memory free
5.93 Gb Paging File | 3.78 Gb Available in Paging File | 63.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 12.89 Gb Free Space | 9.11% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 136.43 Gb Free Space | 96.42% Space Free | Partition Type: NTFS
Drive G: | 3.89 Gb Total Space | 3.66 Gb Free Space | 94.17% Space Free | Partition Type: FAT32
 
Computer Name: TOBIASROSSMANN | User Name: Tobias Rossmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tobias Rossmann\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Tobias Rossmann\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
PRC - C:\Program Files\WebCake\WebCakeDesktop.Updater.exe (WebCake LLC)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lkads.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\System32\schtasks.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
PRC - C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe ()
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Windows\System32\Rezip.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\ce6b7579fbb77330560e9122d1cf6526\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b6eb138c3c9be780acb767c1bef572c1\System.Runtime.Remoting.ni.dll ()
MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.116\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.116\libegl.dll ()
MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll ()
MOD - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
MOD - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Error Reporting\niwsrp.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3531.38598__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3531.38481__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3531.38538__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3531.38551__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3531.38490__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3531.38533__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3531.38571__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3531.38569__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3531.38490__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3531.38595__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3531.38526__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3531.38502__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3531.38546__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3531.38532__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3531.38506__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3531.38505__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3531.38520__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3531.38531__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3498.37534__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3498.37533__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3498.37558__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3498.37615__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3498.37612__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3498.37554__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3498.37610__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3498.37541__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3498.37518__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3498.37515__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3498.37517__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3498.37674__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3498.37536__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3498.37540__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3498.37526__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3498.37551__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3498.37571__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3498.37544__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3498.37574__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3498.37547__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3498.37579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3498.37603__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3498.37602__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3498.37580__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3498.37555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3531.38593__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3498.37583__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3498.37578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3498.37577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3531.38575__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3498.37557__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3498.37572__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3498.37552__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3498.37553__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3498.37535__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3531.38478__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3531.38565__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3531.38563__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3498.37522__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3498.37528__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3498.37531__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3498.37547__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3531.38559__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3531.38480__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3531.38479__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3498.37546__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3498.37548__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3531.38486__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3498.37538__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3498.37549__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3498.37585__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3531.38565__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3531.38477__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3531.38478__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (WebCake Desktop Updater) -- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Users\Tobias Rossmann\AppData\Roaming\WebCake\WebCakeDesktop.exe File not found
SRV - (ENI Server) -- C:\Users\Tobias Rossmann\Desktop\CoDeSys\CoDeSys ENI Server\ENI.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BrowserDefendert) -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (mxssvr) -- C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe (National Instruments Corporation)
SRV - (NITaggerService) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
SRV - (NIDomainService) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe (National Instruments Corporation)
SRV - (lkTimeSync) -- C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
SRV - (lkClassAds) -- C:\Windows\System32\lkads.exe (National Instruments Corporation)
SRV - (NINetworkDiscovery) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Network Discovery\niDiscSvc.exe (National Instruments Corporation)
SRV - (nimDNSResponder) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)
SRV - (niSvcLoc) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)
SRV - (NIApplicationWebServer) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (LkCitadelServer) -- C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
SRV - (NILM License Manager) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)
SRV - (niLXIDiscovery) -- C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation)
SRV - (GPVPNService) -- C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe ()
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (AgereSoftModem) -- system32\DRIVERS\AGRSM.sys File not found
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nipalfwedl) -- C:\Windows\System32\drivers\nipalfwedl.sys (National Instruments Corporation)
DRV - (nipalusbedl) -- C:\Windows\System32\drivers\nipalusbedl.sys (National Instruments Corporation)
DRV - (NIPALK) -- C:\Windows\System32\drivers\nipalk.sys (National Instruments Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NiViPxiK) -- C:\Windows\System32\drivers\NiViPxiKl.sys (National Instruments Corporation)
DRV - (NiViPciK) -- C:\Windows\System32\drivers\NiViPciKl.sys (National Instruments Corporation)
DRV - (nidimk) -- C:\Windows\System32\drivers\nidimkl.sys (National Instruments Corporation)
DRV - (nipbcfk) -- C:\Windows\System32\drivers\nipbcfk.sys (National Instruments Corporation)
DRV - (VSPerfDrv100) -- C:\Users\Tobias Rossmann\Desktop\Studium\Team Tools\Performance Tools\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (VMC326) -- C:\Windows\System32\drivers\VMC326.sys (Vimicro Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (niorbk) -- C:\Windows\System32\drivers\niorbkl.sys (National Instruments Corporation)
DRV - (cvintdrv) -- C:\windows\System32\drivers\cvintdrv.sys ()
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{3CABF988-1FE2-420A-B03D-20092295B650}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=3b5b11f5-155c-4a6f-b77f-3f31c9e22758&apn_sauid=402C6D5E-1B51-437B-AABB-FC9170EE64D1
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=3b5b11f5-155c-4a6f-b77f-3f31c9e22758&apn_ptnrs=%5EABT&apn_sauid=402C6D5E-1B51-437B-AABB-FC9170EE64D1&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/02 16:50:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/01 15:52:08 | 000,000,000 | ---D | M]
 
[2010/01/13 21:25:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Extensions
[2010/01/13 21:25:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013/07/03 18:43:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions
[2010/10/06 20:50:16 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011/07/31 15:07:44 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/09/24 13:07:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/01/17 00:41:16 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2013/07/03 18:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\ffxtlbr@babylon.com
[2013/07/03 18:43:22 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\ffxtlbr@delta.com
[2013/07/03 18:41:49 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\plugin@getwebcake.com
[2013/07/03 18:42:59 | 000,006,505 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\babylon.xml
[2010/01/17 13:32:49 | 000,000,881 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\conduit.xml
[2013/07/03 18:43:29 | 000,001,294 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\delta.xml
[2013/06/26 15:24:33 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-1.xml
[2010/10/21 19:11:02 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-10.xml
[2010/10/29 17:59:51 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-11.xml
[2010/12/19 13:00:24 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-12.xml
[2011/03/03 23:36:13 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-13.xml
[2011/03/06 10:36:03 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-14.xml
[2011/03/26 18:10:40 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-15.xml
[2011/05/11 14:44:52 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-16.xml
[2011/06/25 09:13:41 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-17.xml
[2011/08/21 11:15:24 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-18.xml
[2011/09/02 21:54:16 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-19.xml
[2010/03/26 21:10:49 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-2.xml
[2011/09/08 12:59:36 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-20.xml
[2011/10/19 13:47:37 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-21.xml
[2011/11/26 19:44:49 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-22.xml
[2012/01/02 22:00:44 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-23.xml
[2012/06/02 16:50:56 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-24.xml
[2013/03/07 14:33:20 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-25.xml
[2010/04/02 22:02:28 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-3.xml
[2010/06/24 18:38:33 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-4.xml
[2010/06/28 18:51:30 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-5.xml
[2010/07/23 14:41:13 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-6.xml
[2010/07/26 17:58:01 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-7.xml
[2010/09/11 21:50:51 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-8.xml
[2010/09/20 13:20:36 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-9.xml
[2010/03/14 14:48:45 | 000,000,955 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin.xml
[2010/01/16 21:20:03 | 000,001,201 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\winamp-search.xml
[2012/03/05 10:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/13 21:42:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/06/02 16:50:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/03/05 10:28:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/06/02 16:50:37 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2012/06/02 16:50:37 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2012/03/05 10:28:17 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/05/24 20:39:14 | 000,059,936 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\npIMAQAXControl.dll
[2011/06/09 19:05:10 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv2010win32.dll
[2011/06/22 12:43:54 | 000,026,112 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv2011win32.dll
[2009/10/22 10:28:40 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\NPLV82Win32.dll
[2008/12/10 15:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv86win32.dll
[2010/10/19 19:15:20 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv90win32.dll
[2012/06/02 16:50:38 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2012/07/27 22:51:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2011/09/02 21:53:58 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/09/02 21:53:58 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/09/02 21:53:58 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011/09/02 21:53:58 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/09/02 21:53:58 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/09/02 21:53:58 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: National Instruments IMAQ 1.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npIMAQAXControl.dll
CHR - plugin: National Instruments LabVIEW 2010 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv2010win32.dll
CHR - plugin: National Instruments LabVIEW 2011 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv2011win32.dll
CHR - plugin: National Instruments LabVIEW 8.2 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll
CHR - plugin: National Instruments LabVIEW 8.6 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv86win32.dll
CHR - plugin: National Instruments LabVIEW 9.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv90win32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Avira Toolbar = C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.33344_0\
CHR - Extension: Delta Toolbar = C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: WebCake = C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files\WebCake\WebCakeIEClient.dll (WebCake LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Users\Tobias Rossmann\Desktop\Studium\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ENISysTray] C:\Users\Tobias Rossmann\Desktop\CoDeSys\CoDeSys ENI Server\ENISysTray.exe File not found
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NI Update Service] C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Update Service\NIUpdateService.exe (National Instruments)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000..\Run: [NIRegistrationWizard] C:\Users\Tobias Rossmann\Desktop\Studium\Shared\RegistrationWizard\Bin\RegistrationWizard.exe ()
O4 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000..\Run: [syshost32] C:\Users\Tobias Rossmann\AppData\Local\{195FA8DB-7AD9-07B3-62C6-37234284098A}\syshost.exe File not found
O4 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000..\Run: [WebCake Desktop] C:\Users\Tobias Rossmann\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B342B67-2DD7-4797-98B9-04CEF99E0D86}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000 Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\System32\TSpkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3014416f-d3d8-11de-9118-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3014416f-d3d8-11de-9118-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/07/04 00:22:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/03 23:58:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/07/03 18:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013/07/03 18:43:38 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
[2013/07/03 18:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender
[2013/07/03 18:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Delta
[2013/07/03 18:43:15 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Roaming\Delta
[2013/07/03 18:43:15 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Roaming\BabSolution
[2013/07/03 18:42:52 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Roaming\Optimizer Pro
[2013/07/03 18:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zipper
[2013/07/03 18:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Tuguu SL
[2013/07/03 18:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2013/07/03 18:42:36 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Local\Programs
[2013/07/03 18:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2013/07/03 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Roaming\WebCake
[2013/07/03 18:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake
[2013/07/03 18:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/07/03 18:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/07/03 18:41:33 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Roaming\Babylon
[2013/06/22 12:38:48 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\Desktop\verschiedenes
[2013/06/12 22:47:43 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/06/12 22:47:42 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/06/12 22:44:56 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/06/12 22:44:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/06/12 22:44:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/06/12 22:44:54 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/06/12 22:44:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/06/12 22:44:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/06/12 22:44:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/06/12 22:44:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/06/12 18:55:13 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d11.dll
[2013/06/12 18:55:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cryptdlg.dll
[2013/06/12 18:55:02 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certutil.exe
[2013/06/12 18:55:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certenc.dll
[2013/06/12 18:54:56 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2013/06/12 18:54:56 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2 C:\Users\Tobias Rossmann\Desktop\*.tmp files -> C:\Users\Tobias Rossmann\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/03 19:22:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/07/03 19:08:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/07/03 19:06:02 | 000,001,116 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/03 18:46:38 | 000,001,144 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Continue Zip Opener Installation.lnk
[2013/07/03 18:42:40 | 000,000,980 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Optimizer Pro.lnk
[2013/07/03 18:41:41 | 000,015,056 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/03 18:41:41 | 000,015,056 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/03 18:39:06 | 000,763,254 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/07/03 18:39:06 | 000,718,532 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/07/03 18:39:06 | 000,173,608 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/07/03 18:39:06 | 000,146,554 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/07/03 18:33:59 | 000,000,702 | ---- | M] () -- C:\windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013/07/03 18:28:28 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/03 18:27:29 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/03 13:11:55 | 000,003,224 | ---- | M] () -- C:\bootsqm.dat
[2013/06/29 16:35:47 | 000,080,481 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Stromverlauf.jpg
[2013/06/20 10:16:56 | 000,001,966 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Local\recently-used.xbel
[2013/06/13 22:18:55 | 003,563,911 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Wald.JPG
[2013/06/12 13:44:02 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/06/12 13:44:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/06/08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/06/08 13:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2 C:\Users\Tobias Rossmann\Desktop\*.tmp files -> C:\Users\Tobias Rossmann\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/03 18:46:38 | 000,001,144 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Continue Zip Opener Installation.lnk
[2013/07/03 18:42:40 | 000,000,980 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Optimizer Pro.lnk
[2013/07/03 13:11:55 | 000,003,224 | ---- | C] () -- C:\bootsqm.dat
[2013/06/29 16:35:47 | 000,080,481 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Stromverlauf.jpg
[2013/06/20 10:16:56 | 000,001,966 | ---- | C] () -- C:\Users\Tobias Rossmann\AppData\Local\recently-used.xbel
[2013/06/13 22:18:55 | 003,563,911 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Wald.JPG
[2013/03/20 21:38:11 | 000,075,264 | ---- | C] () -- C:\windows\System32\callrproxy.dll
[2011/11/16 15:22:04 | 000,003,843 | ---- | C] () -- C:\windows\scad3.INI
[2011/07/13 04:40:57 | 000,000,000 | ---- | C] () -- C:\Users\Tobias Rossmann\AppData\Local\{F0D212F8-ABBE-4CF2-B8CE-0F99522FBD83}
[2011/07/13 01:40:42 | 000,000,000 | ---- | C] () -- C:\Users\Tobias Rossmann\AppData\Local\{FE9F1CF2-22C6-49B6-87E6-39CD9422313F}
[2010/01/12 20:43:54 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-1016556084-3091970497-507946437-1000\$09091a959288d0d384b99fa633307145\n.
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---

[/CODE]

That really took a long time. Is the way I did it correct?

Edited by Tobi R. (03.07.2013 at 17:00)

03.07.2013, 22:51   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Yes... I want to cross-check once more with a somewhat more current tool:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


04.07.2013, 00:31   #19
Tobi R.
 



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-07-2013 02
Ran by Tobias Rossmann at 2013-07-04 01:29:10
Running from C:\Users\Tobias Rossmann\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Flash Player 10 Plugin (Version: 10.0.42.34)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Ask Toolbar (Version: 1.15.4.0)
ATI Catalyst Install Manager (Version: 3.0.741.0)
Avira Free Antivirus (Version: 12.1.9.1236)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.3.0.23930)
BatteryLifeExtender (Version: 1.0.0)
BrowserDefender
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.3.1.5)
Canon Internet Library for ZoomBrowser EX (Version: 1.5.1.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.7.0.3)
Canon Utilities Digital Photo Professional 3.8 (Version: 3.8.1.0)
Canon Utilities EOS Utility (Version: 2.1.0.1)
Canon Utilities Original Data Security Tools (Version: 1.1.0.0)
Canon Utilities PhotoStitch (Version: 3.1.19.43)
Canon Utilities Picture Style Editor (Version: 1.0.1.0)
Canon Utilities WFT-E1/E2/E3 Utility (Version: 3.1.0.7)
Canon Utilities ZoomBrowser EX (Version: 5.8.0.74)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0901.2227.38495)
Catalyst Control Center Graphics Full Existing (Version: 2009.0901.2227.38495)
Catalyst Control Center Graphics Full New (Version: 2009.0901.2227.38495)
Catalyst Control Center Graphics Light (Version: 2009.0901.2227.38495)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0901.2227.38495)
Catalyst Control Center InstallProxy (Version: 2009.0901.2227.38495)
Catalyst Control Center Localization All (Version: 2009.0901.2227.38495)
CCC Help Chinese Standard (Version: 2009.0901.2226.38495)
CCC Help Chinese Traditional (Version: 2009.0901.2226.38495)
CCC Help Czech (Version: 2009.0901.2226.38495)
CCC Help Danish (Version: 2009.0901.2226.38495)
CCC Help Dutch (Version: 2009.0901.2226.38495)
CCC Help English (Version: 2009.0901.2226.38495)
CCC Help Finnish (Version: 2009.0901.2226.38495)
CCC Help French (Version: 2009.0901.2226.38495)
CCC Help German (Version: 2009.0901.2226.38495)
CCC Help Greek (Version: 2009.0901.2226.38495)
CCC Help Hungarian (Version: 2009.0901.2226.38495)
CCC Help Italian (Version: 2009.0901.2226.38495)
CCC Help Japanese (Version: 2009.0901.2226.38495)
CCC Help Korean (Version: 2009.0901.2226.38495)
CCC Help Norwegian (Version: 2009.0901.2226.38495)
CCC Help Polish (Version: 2009.0901.2226.38495)
CCC Help Portuguese (Version: 2009.0901.2226.38495)
CCC Help Russian (Version: 2009.0901.2226.38495)
CCC Help Spanish (Version: 2009.0901.2226.38495)
CCC Help Swedish (Version: 2009.0901.2226.38495)
CCC Help Thai (Version: 2009.0901.2226.38495)
CCC Help Turkish (Version: 2009.0901.2226.38495)
ccc-core-static (Version: 2009.0901.2227.38495)
ccc-utility (Version: 2009.0901.2227.38495)
ChargeableUSB (Version: 1.0.0.0)
CoDeSys for Automation Alliance
Crystal Reports for Visual Studio (Version: 12.51.0.240)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Delta Chrome Toolbar
Delta toolbar   (Version: 1.8.21.5)
Dotfuscator Software Services - Community Edition - DEU (Version: 5.0.2300.0)
Dotfuscator Software Services - Community Edition (Version: 5.0.2300.0)
DRI Tool 2.0 (Version: 2.0)
Easy Network Manager (Version: 4.2.4)
Easy SpeedUp Manager (Version: 3.0.0.4)
EasyBatteryManager (Version: 4.0.0.2)
Garmin Communicator Plugin (Version: 3.0.1)
Garmin USB Drivers (Version: 2.3.0.0)
gateProtect VPN Client 2.5
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 27.0.1453.116)
Google Update Helper (Version: 1.3.21.145)
HI-TECH C51-lite V9.60PL0 (Version: 9.60)
HI-TECH PICC lite V9.60PL0 (Version: 9.60)
Inkscape 0.48.4 (Version: 0.48.4)
IVI Shared Component (Version: 2.21.49152)
IVI Shared Components 2.2.1 (Version: 2.21.49152)
Java Auto Updater (Version: 2.0.7.1)
Java(TM) 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
LTspice IV
MATLAB R2011b (Version: 7.13)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - DEU (Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Silverlight 3 SDK - Deutsch (Version: 3.0.40818.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server Native Client (Version: 9.00.4035.00)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) de (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 de (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x86) de (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.30319)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU (Version: 10.0.30319)
Microsoft Visual Studio 2010 Performance Collection Tools - DEU (Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.30319)
Microsoft Visual Studio 2010 Ultimate - DEU (Version: 10.0.30319)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (Version: 10.0.30319)
Microsoft Visual Studio Macro Tools - DEU Language Pack (Version: 9.0.30729)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0)
Mozilla Firefox (3.6.26) (Version: 3.6.26 (de))
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
National Instruments - Software (Version: )
NI AFW Channel Configuration Tool (Version: 7.5.125.0)
NI AFW Custom UI (Version: 7.5.125.0)
NI AFW Custom UI Assemblies (Version: 7.0.132.0)
NI AFW UI Assemblies (Version: 7.2.8.0)
NI Assistant Framework (Version: 7.5.126.0)
NI Assistant Framework LabVIEW 2011 Support (Version: 7.5.69.0)
NI Assistant Framework LabVIEW Code Generator 2011 (Version: 7.5.64.0)
NI Authentication 2.0 (Version: 2.0.220.0)
NI Certificates Deployment Support (Version: 1.02.49152)
NI Circuit Design Suite 11.0.2 Core (Version: 11.0.775)
NI Circuit Design Suite 11.0.2 Edu Licenses (Version: 11.0.775)
NI Circuit Design Suite 11.0.2 Education (Version: 11.0.775)
NI CodeSignAPI (Version: 2.70.346)
NI Control Design Assistant 2011 (Version: 11.0.94.0)
NI Curl 1.1 (Version: 1.1.216.0)
NI DataSocket 4.9 (Version: 4.9.229.0)
NI Distributed System Manager 2011 (Version: 11.0.305.0)
NI DN 2.0 SP1 installer (Version: 2.11.49152)
NI Enhanced DSC Deployment Support for LabVIEW 2010 (Version: 10.0.258.0)
NI Error Reporting 2011 (Version: 11.0.154.0)
NI EulaDepot (Version: 3.0.397)
NI Example Finder 11.0 (Version: 11.0.309.0)
NI GMP Windows 32-bit Installer 11.0.0 (Version: 11.0.22.0)
NI Help Assistant (Version: 1.0.11)
NI Instrument IO Assistant for LabVIEW 2011 32-bit (Version: 1.0.13.0)
NI IVI Class Driver LabVIEW 2011 Support (Version: 4.40.49155)
NI IVI Class Drivers (Version: 6.40.49155)
NI IVI Class Simulation Drivers (Version: 4.40.49155)
NI IVI Compliance Package 4.4 (Version: 4.40.49155)
NI IVI Engine (Version: 134.40.49155)
NI IVI Online Help (Version: 4.40.49155)
NI IVI Provider for MAX (Version: 5.50.49155)
NI LabVIEW 2009 SP1 Run-Time Engine Web Services (Version: 9.0.234.0)
NI LabVIEW 2010 Real-Time NBFifo (Version: 10.0.214.0)
NI LabVIEW 2011 (Version: 11.0.308.0)
NI LabVIEW 2011 (Version: 11.0.325.0)
NI LabVIEW 2011 (Version: 11.0.326.0)
NI LabVIEW 2011 (Version: 11.0.327.0)
NI LabVIEW 2011 (Version: 11.0.329.0)
NI LabVIEW 2011 (Version: 11.0.362.0)
NI LabVIEW 2011 Control Design and Simulation Module (Version: 10.0.189.0)
NI LabVIEW 2011 Control Design MathScript Support (Version: 11.0.188.0)
NI LabVIEW 2011 Control Design Real-Time Support (Version: 11.0.176.0)
NI LabVIEW 2011 Control Design Shared VIs (Version: 11.0.190.0)
NI LabVIEW 2011 Deployable License (Version: 11.0.312.0)
NI LabVIEW 2011 Deployment Framework (Version: 11.0.64.0)
NI LabVIEW 2011 Digital Filter Design Toolkit (Version: 11.0.162.0)
NI LabVIEW 2011 Digital Filter Design Toolkit License (Version: 11.0.162.0)
NI LabVIEW 2011 Digital Filter Design Toolkit RT Support (Version: 11.0.161.0)
NI LabVIEW 2011 Help (Version: 11.0.307.0)
NI LabVIEW 2011 Help File (Version: 11.0.304.0)
NI LabVIEW 2011 License (Version: 11.0.309.0)
NI LabVIEW 2011 Manuals (Version: 11.0.306.0)
NI LabVIEW 2011 MathScript RT Module (Version: 11.0.228.0)
NI LabVIEW 2011 MathScript RT Module (Version: 11.0.229.0)
NI LabVIEW 2011 MathScript RT Module License (Version: 11.0.230.0)
NI LabVIEW 2011 MeasAppChm File (Version: 11.0.303.0)
NI LabVIEW 2011 Real-Time Error Dialog (Version: 11.0.248.0)
NI LabVIEW 2011 Real-Time NBFifo (Version: 11.0.250.0)
NI LabVIEW 2011 Run-Time Engine Non-English Support. (Version: 11.0.210.0)
NI LabVIEW 2011 Search (Version: 11.0.36.0)
NI LabVIEW 2011 Simulation (Version: 11.0.310.0)
NI LabVIEW 2011 System Identification Assistant (Version: 11.0.168.0)
NI LabVIEW 2011 System Identification Toolkit (Version: 11.0.169.0)
NI LabVIEW 2011 System Identification Toolkit License (Version: 11.0.169.0)
NI LabVIEW 2011 System Identification Toolkit VIs (Version: 11.0.168.0)
NI LabVIEW 2011 VIPM Helper (Version: 11.0.114.0)
NI LabVIEW 2011 Web Server (Version: 11.0.301.0)
NI LabVIEW Analog Modulation Toolkit 4.3.1 (Version: 4.31.49156)
NI LabVIEW Broker (Version: 6.8.10.0)
NI LabVIEW C Interface (Version: 1.0.1)
NI LabVIEW Compare Utility 11.0.0 (Version: 11.0.2.0)
NI LabVIEW EWB DeviceHandler 2010 (Version: 5.0.142.0)
NI LabVIEW MAX XML (Version: 9.0.6.0)
NI LabVIEW Merge Utility 11.0.0 (Version: 11.0.307.0)
NI LabVIEW Modulation Toolkit 4.3.1 (Version: 4.31.49156)
NI LabVIEW Real-Time FIFO for Runtime (Version: 8.2.74.0)
NI LabVIEW Real-Time NBFifo (Version: 8.6.348.0)
NI LabVIEW Real-Time NBFifo (Version: 9.0.319.0)
NI LabVIEW Run-Time Engine 2009 SP1 (Version: 9.0.1077.0)
NI LabVIEW Runtime Engine 2010 SP1 (Version: 10.1.104.0)
NI LabVIEW Run-Time Engine 2011 (Version: 11.0.322.0)
NI LabVIEW Run-Time Engine 8.2.1 (Version: 8.2.393.0)
NI LabVIEW Run-Time Engine 8.6.1 (Version: 8.6.426.0)
NI LabVIEW Run-Time Engine Interop 2009 (Version: 9.0.149.0)
NI LabVIEW Run-Time Engine Interop 2010 (Version: 10.1.105.0)
NI LabVIEW Run-Time Engine Interop 2011 (Version: 11.0.323.0)
NI LabVIEW SignalExpress 2011 (Version: 5.0.148.0)
NI LabVIEW SignalExpress 2011 Core (Version: 5.0.142.0)
NI LabVIEW SignalExpress 2011 Core LabVIEW 2011 Support (Version: 5.0.87.0)
NI LabVIEW SignalExpress 2011 Core LabVIEW Support (Version: 5.0.142.0)
NI LabVIEW SignalExpress 2011 Datatypes (Version: 5.0.99.0)
NI LabVIEW SignalExpress 2011 Datatypes LabVIEW 2011 Support (Version: 5.0.65.0)
NI LabVIEW SignalExpress 2011 LabVIEW 2011 Support (Version: 5.0.75.0)
NI LabVIEW SignalExpress 2011 LabVIEW Support (Version: 5.0.110.0)
NI LabVIEW SignalExpress 2011 Licenses (Version: 5.0.142.0)
NI LabVIEW SignalExpress 2011 Steps (Version: 5.0.110.0)
NI LabVIEW SignalExpress 2011 Tools (Version: 5.0.99.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 10.0.235.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 11.0.301.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 8.6.41.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 9.0.185.0)
NI LabVIEW Web Services Runtime (Version: 11.0.305.0)
NI LabVIEW Web Services Runtime (Version: 8.6.48.0)
NI LabWindows/CVI 2010 Code Generator (Version: 10.0.0360)
NI LabWindows/CVI 2010 LabVIEW DLL Builder (Version: 10.0.0360)
NI LabWindows/CVI 9.0.1 Run-Time Engine (Version: 9.0.1376)
NI License Manager (Version: 3.6.85)
NI Logos 5.3.0 (Version: 5.3.223.0)
NI Logos LabVIEW 2011 Support (Version: 11.0.310.0)
NI Logos XT Support (Version: 5.3.222.0)
NI Math Kernel Libraries (Version: 1.0.25.0)
NI Math Kernel Libraries (Version: 1.0.28.0)
NI Math Kernel Libraries (Version: 1.0.5.0)
NI Math Kernel Libraries (Version: 1.0.861.0)
NI MAX Remote Configuration Installer 5.0 (Version: 5.00.49153)
NI MDF Support (Version: 3.0.397)
NI mDNS Responder 1.6.0 (Version: 1.60.49155)
NI Measurement & Automation Explorer 5.0.0 (Version: 5.00.49153)
NI Measurement Studio 8.6 Enterprise RunTime for VS2005 (Version: 8.6.10466)
NI Measurement Studio Common .NET Assemblies for .NET 2.0 (Version: 9.1.00159)
NI Measurement Studio Common .NET Assemblies for .NET 3.5 (Version: 9.1.00159)
NI Measurement Studio Recipe Processor (Version: 8.0.0101)
NI MetaSuite Installer (Version: 3.0.397)
NI Microsoft Silverlight Wrapper (Version: 4.0.307)
NI MXS 5.0.0 (Version: 5.00.49153)
NI Network Discovery 5.0 (Version: 5.00.49152)
NI OPC Support (Version: 11.0.243.0)
NI Portable Configuration 5.0.0 (Version: 5.00.49152)
NI Registration Wizard (Version: 1.3.87.0)
NI Remote Provider for MAX 5.0.0 (Version: 5.00.49153)
NI Remote PXI Provider for MAX 5.0.0 (Version: 5.00.49152)
NI Search Shared (Version: 11.0.28.0)
NI Software Provider for MAX 5.0.0 (Version: 5.00.49152)
NI Sound and Vibration Frequency Analysis 2010 (Version: 11.0.61.0)
NI Sound and Vibration Frequency Analysis LabVIEW 2011 Support (Version: 11.0.31.0)
NI SSL LabVIEW 2011 Support (Version: 11.0.277.0)
NI SSL Support (Version: 11.0.221.0)
NI System API Client for WIF 5.0.0 (Version: 5.0.251.0)
NI System API Web-Servce 32-bit 5.0.0 (Version: 5.0.310.0)
NI System API Windows 32-bit 5.0.0 (Version: 5.0.312.0)
NI System Configuration Runtime 5.0.0 (Version: 5.0.362.0)
NI System Identification Assistant LabVIEW Support (Version: 11.0.168.0)
NI System State Publisher (Version: 11.0.306.0)
NI System Web Server 2.0 (Version: 11.0.213.0)
NI System Web Server Base 2.0 (Version: 2.0.215.0)
NI TDM Excel Add-In 3.3 (Version: 3.3.35.0)
NI TDMS (Version: 2.3.175.0)
NI Trace Engine (Version: 11.0.213.0)
NI Uninstaller (Version: 3.0.397)
NI Update Service 2.0 (Version: 2.0.270.0)
NI USI 1.9.0 (Version: 1.9.04551)
NI Variable Engine 2.5.0 (Version: 2.5.247.0)
NI Variable Engine LabVIEW 2011 Support (Version: 11.0.310.0)
NI VC2005MSMs x86 (Version: 8.04.0)
NI VC2008MSMs x86 (Version: 9.0.301)
NI Vision .NET 2011 (Version: 11.0.74.0)
NI Vision .NET Run-Time Engine 2011 (Version: 11.0.67.0)
NI Vision 2011 (Version: 11.0.75.0)
NI Vision Assistant 2011 (Version: 11.0.63.0)
NI Vision Assistant 2011 .NET (Version: 11.0.63.0)
NI Vision Builder AI 2010 (Version: 4.10.140.0)
NI Vision Builder AI 2010 API Interface (Version: 4.10.71.0)
NI Vision Builder AI 2010 Shared Resources (Version: 4.10.79.0)
NI Vision Common Resources 2011 (Version: 11.0.73.0)
NI Vision Run-Time Engine 2011 (Version: 11.0.67.0)
NI Web Application Server 2.0 (Version: 2.0.212.0)
NI Web Interface Framework 2.0 (Version: 2.0.214.0)
NI Web Pipeline 2.0.1 (Version: 2.0.128.0)
NI Xalan Delay Load 1.10.1 (Version: 1.10.46.0)
NI Xerces Delay Load 2.7.3 (Version: 2.7.180.0)
NI-DAQmx/LabVIEW shared documentation 1.9.5 (Version: 1.95.49152)
NI-DIM 1.11.0f0 (Version: 1.110.49152)
NI-IMAQ Camera Files (Version: 4.50.31.0)
NI-Mesa (Version: 11.0.11.0)
NI-ORB 1.9.3f0 (Version: 1.94.49152)
NI-PAL 2.6.5f0 (Version: 10.75.49152)
NI-RPC 4.2.2f0 (Version: 4.22.49152)
NI-RPC 4.2.2f0 for Phar Lap ETS (Version: 4.22.49152)
NI-VISA Runtime 5.0.3 (Version: 5.03.49152)
OpenOffice.org 3.3 (Version: 3.3.9567)
Optimizer Pro v3.1 (Version: 3.1)
PDF Blender
Realtek High Definition Audio Driver (Version: 6.0.1.5919)
REALTEK Wireless LAN Software (Version: 1.01.0088)
Reset NI Config 5.0.0 (Version: 5.0.146.0)
Samsung Recovery Solution 4 (Version: 4.0.0.3)
Samsung Support Center (Version: 1.0.1)
Service Pack 1 für SQL Server 2008 (KB 968369) (Version: 10.1.2531.0)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Uninstall 1.0.0.1
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.1.2731.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
VISA Shared Components
VISA Shared Components (Version: 1.3.1)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (Version: 4.0.8080.0)
Web Deployment Tool (Version: 1.1.0618)
WebCake 3.00 (Version: 3.00)
WIF Core Dependencies Windows 5.0.0 (Version: 5.0.123.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live Fotogalerie (Version: 14.0.8081.709)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
WinRAR
Zipper (Version: 1.0.3)

==================== Restore Points  =========================

05-06-2013 21:11:34 Windows Update
06-06-2013 21:26:46 Windows Update
07-06-2013 20:35:21 Windows Update
08-06-2013 18:32:15 Windows Update
09-06-2013 21:50:11 Windows Update
10-06-2013 21:44:13 Windows Update
11-06-2013 22:38:45 Windows Update
12-06-2013 20:44:01 Windows Update
27-06-2013 08:12:19 Windows Modules Installer
27-06-2013 08:22:35 Windows Modules Installer
29-06-2013 10:15:19 Windows Update
03-07-2013 10:02:29 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {0C5AC2D6-92E7-4027-AF31-502439181317} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {3BEA1269-71AA-491F-B309-219AE332725E} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {4D62CFEF-E1DA-4727-A5D9-7C241B131A90} - System32\Tasks\EPUpdater => C:\Users\TOBIAS~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {4EE2A8A1-9346-423F-8EC2-1760E5073B97} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2009-08-06] (SEC)
Task: {517B8940-26B3-4DA7-BE49-1E901A334901} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-15] (Google Inc.)
Task: {5A3185F0-7A94-4818-98FD-AC887B1150BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-15] (Google Inc.)
Task: {65CAA3FC-6411-4E38-A61B-05EDDDD07C53} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe No File
Task: {7366B38C-B7CB-49A5-AE9B-DC9EF847FB55} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-08-12] (Samsung Electronics. Co. Ltd.)
Task: {7B028705-E219-4FBB-9B71-F4B9075AF767} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {7C233FF6-E3D6-4EB2-8CF4-F7BF21E174CF} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {86AABC58-8DA0-4A1A-90C8-7AE51DC464DB} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-09-07] (SAMSUNG Electronics)
Task: {C8D56468-0A91-4A6F-9C36-C77001445253} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {CB39B251-0B89-4313-A487-12780C5257C7} - System32\Tasks\MATLAB R2011b Startup Accelerator => C:\Users\Tobias Rossmann\Desktop\Studium\Regelungstechnik1\Final\bin\win32\MATLABStartupAccelerator.exe [2011-07-08] ()
Task: {CDDEC046-0DFC-4356-81B8-830F4D9A9142} - System32\Tasks\BrowserDefendert => C:\windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {E3FEADA3-2315-46C3-80FE-1A5A6DBAE2F5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\MATLAB R2011b Startup Accelerator.job => C:\Users\Tobias Rossmann\Desktop\Studium\Regelungstechnik1\Final\bin\win32\MATLABStartupAccelerator.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2013 07:40:38 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4c4

Startzeit: 01ce78127ba6fa2b

Endzeit: 73

Anwendungspfad: C:\Users\Tobias Rossmann\Downloads\OTL.exe

Berichts-ID:

Error: (07/03/2013 06:45:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: OptimizerPro.exe, Version: 3.0.1.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000029
Fehleroffset: 0x00090572
ID des fehlerhaften Prozesses: 0x1580
Startzeit der fehlerhaften Anwendung: 0xOptimizerPro.exe0
Pfad der fehlerhaften Anwendung: OptimizerPro.exe1
Pfad des fehlerhaften Moduls: OptimizerPro.exe2
Berichtskennung: OptimizerPro.exe3

Error: (07/03/2013 06:31:07 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL       .

Error: (07/03/2013 06:30:57 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL       .

Error: (07/03/2013 06:30:57 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL       .

Error: (07/03/2013 00:10:40 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL       .

Error: (07/03/2013 00:06:05 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL       .

Error: (07/03/2013 00:06:05 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information:  Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL       .

Error: (07/02/2013 09:26:21 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft Office 2007 Primary Interop Assemblies - Update "Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (07/02/2013 09:26:21 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.


System errors:
=============
Error: (07/03/2013 06:35:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (07/03/2013 06:28:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ENI Server" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/03/2013 02:06:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ENI Server" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/03/2013 02:05:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2013 02:05:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2013 02:05:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2013 02:05:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2013 02:05:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2013 02:05:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2013 02:05:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (07/03/2013 07:40:38 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.04c401ce78127ba6fa2b73C:\Users\Tobias Rossmann\Downloads\OTL.exe

Error: (07/03/2013 06:45:05 PM) (Source: Application Error)(User: )
Description: OptimizerPro.exe3.0.1.02a425e19ntdll.dll6.1.7601.177254ec49b60c000002900090572158001ce780c56849876C:\Program Files\Optimizer Pro\OptimizerPro.exeC:\windows\SYSTEM32\ntdll.dlle985dceb-e3ff-11e2-8b07-0024541aa6c3

Error: (07/03/2013 06:31:07 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL

Error: (07/03/2013 06:30:57 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL

Error: (07/03/2013 06:30:57 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL

Error: (07/03/2013 00:10:40 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL

Error: (07/03/2013 00:06:05 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL

Error: (07/03/2013 00:06:05 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "c:/users/tobias rossmann/desktop/studium/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL

Error: (07/02/2013 09:26:21 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Microsoft Office 2007 Primary Interop AssembliesSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition1603(NULL)(NULL)(NULL)

Error: (07/02/2013 09:26:21 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Percentage of memory in use: 58%
Total physical RAM: 3036.61 MB
Available physical RAM: 1251.79 MB
Total Pagefile: 6069.46 MB
Available Pagefile: 3992.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:141.49 GB) (Free:12.73 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:136.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: B4B6F23B)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-07-2013 02
Ran by Tobias Rossmann (administrator) on 04-07-2013 01:25:22
Running from C:\Users\Tobias Rossmann\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe
(National Instruments Corporation) C:\windows\system32\lkads.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe
() C:\windows\SYSTEM32\Rezip.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(National Instruments, Inc.) C:\windows\system32\lkcitdl.exe
(National Instruments Corporation) C:\windows\system32\lktsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Error Reporting\nierserver.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WebCake LLC) C:\Users\Tobias Rossmann\AppData\Roaming\WebCake\WebCakeDesktop.exe
(WebCake LLC) C:\Program Files\WebCake\WebCakeDesktop.Updater.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\windows\system32\schtasks.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(www.rene-zeidler.de) C:\Users\Tobias Rossmann\Desktop\Snipping Tool Plus.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-09-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [7711264 2009-08-19] (Realtek Semiconductor)
HKLM\...\Run: [NI Update Service] "C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Update Service\NIUpdateService.exe" -startupTask [3002976 2011-06-07] (National Instruments)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliType Pro] "C:\Program Files\Microsoft Device Center\itype.exe" [1109072 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft Device Center\ipoint.exe" [1629280 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: []  [x]
HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1568976 2012-06-20] (Ask)
HKLM\...\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-09-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ENISysTray] C:\Users\Tobias Rossmann\Desktop\CoDeSys\CoDeSys ENI Server\ENISysTray.exe [x]
HKCU\...\Run: [NIRegistrationWizard] C:\Users\Tobias Rossmann\Desktop\Studium\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031 [846520 2010-06-21] ()
HKCU\...\Run: [syshost32] C:\Users\Tobias Rossmann\AppData\Local\{195FA8DB-7AD9-07B3-62C6-37234284098A}\syshost.exe [x]
HKCU\...\Run: [WebCake Desktop] "C:\Users\Tobias Rossmann\AppData\Roaming\WebCake\WebCakeDesktop.exe" [47896 2013-06-21] (WebCake LLC)
HKCU\...\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe [135672 2013-06-07] (PC Utilities Pro)
HKCU\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION 
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-1016556084-3091970497-507946437-1000\$09091a959288d0d384b99fa633307145\n. ATTENTION! ====> ZeroAccess?
MountPoints2: {3014416f-d3d8-11de-9118-806e6f6e6963} - E:\SETUP.EXE
Startup: C:\ProgramData\Start Menu\Programs\Startup\NI Error Reporting.lnk
ShortcutTarget: NI Error Reporting.lnk -> C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
Startup: C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
SearchScopes: HKCU - {3CABF988-1FE2-420A-B03D-20092295B650} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=3b5b11f5-155c-4a6f-b77f-3f31c9e22758&apn_sauid=402C6D5E-1B51-437B-AABB-FC9170EE64D1
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files\WebCake\WebCakeIEClient.dll (WebCake LLC)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Users\Tobias Rossmann\Desktop\Studium\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU -Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsNSP.dll [24280] (National Instruments Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default
FF user.js: detected! => C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\user.js
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=3b5b11f5-155c-4a6f-b77f-3f31c9e22758&apn_ptnrs=%5EABT&apn_sauid=402C6D5E-1B51-437B-AABB-FC9170EE64D1&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=
FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-25.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\winamp-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\ffxtlbr@babylon.com
FF Extension: Delta Toolbar - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\ffxtlbr@delta.com
FF Extension: WebCake - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\plugin@getwebcake.com
FF Extension: Winamp Toolbar - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
FF Extension: Garmin Communicator - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: DVDVideoSoftTB Toolbar - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF Extension: DVDVideoSoft Toolbar - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

Chrome: 
=======
CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932"
CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (registryAccess) - C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (National Instruments IMAQ 1.0 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\npIMAQAXControl.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 2010 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv2010win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 2011 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv2011win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 8.2 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 8.6 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv86win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 9.0 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv90win32.dll (National Instruments)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Avira Toolbar) - C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.33344_0
CHR Extension: (Delta Toolbar) - C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (WebCake) - C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-09-03] (Avira Operations GmbH & Co. KG)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 GPVPNService; C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe [86016 2009-11-30] ()
R2 LkCitadelServer; C:\windows\system32\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\windows\system32\lkads.exe [46192 2011-06-14] (National Instruments Corporation)
R2 lkTimeSync; C:\windows\system32\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 MSSQLServerADHelper100; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [47128 2009-07-21] (Microsoft Corporation)
R2 mxssvr; C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe [12696 2011-06-14] (National Instruments Corporation)
R2 NIApplicationWebServer; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe [50336 2011-05-27] (National Instruments Corporation)
R2 NIDomainService; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe [362104 2011-06-14] (National Instruments Corporation)
S3 NILM License Manager; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S2 niLXIDiscovery; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [131776 2010-06-23] (National Instruments Corporation)
R2 nimDNSResponder; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe [194224 2011-06-01] (National Instruments Corporation)
S2 NINetworkDiscovery; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Network Discovery\niDiscSvc.exe [121032 2011-06-10] (National Instruments Corporation)
R2 niSvcLoc; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe [50328 2011-05-27] (National Instruments Corporation)
R2 NITaggerService; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe [676016 2011-06-14] (National Instruments Corporation)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 WebCake Desktop Updater; C:\Users\Tobias Rossmann\AppData\Roaming\WebCake\WebCakeDesktop.exe [47896 2013-06-21] (WebCake LLC)
S2 ENI Server; C:\Users\Tobias Rossmann\Desktop\CoDeSys\CoDeSys ENI Server\ENI.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-09-03] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-09-03] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2012-09-03] (Avira GmbH)
R2 cvintdrv; C:\Windows\System32\Drivers\cvintdrv.sys [4096 2009-05-29] ()
S3 nidimk; C:\windows\system32\drivers\nidimkl.sys [11432 2010-06-11] (National Instruments Corporation)
S3 niorbk; C:\windows\system32\drivers\niorbkl.sys [11344 2009-06-14] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [11968 2011-02-14] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [573592 2011-02-14] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [11968 2011-02-14] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [15448 2010-03-24] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [11432 2010-06-23] (National Instruments Corporation)
R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [11432 2010-06-23] (National Instruments Corporation)
S4 RsFx0103; C:\Windows\System32\DRIVERS\RsFx0103.sys [239336 2009-03-30] (Microsoft Corporation)
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (SAMSUNG ELECTRONICS)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-09-03] (Avira GmbH)
S3 VMC326; C:\Windows\System32\Drivers\VMC326.sys [237696 2009-08-10] (Vimicro Corporation)
S3 VSPerfDrv100; C:\Users\Tobias Rossmann\Desktop\Studium\Team Tools\Performance Tools\VSPerfDrv100.sys [48128 2009-12-08] (Microsoft Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-04 01:25 - 2013-07-04 01:25 - 00000000 ____D C:\FRST
2013-07-04 01:24 - 2013-07-04 01:25 - 01372941 ____A (Farbar) C:\Users\Tobias Rossmann\Downloads\FRST.exe
2013-07-04 00:22 - 2013-07-04 00:22 - 00000000 ____D C:\_OTL
2013-07-03 23:49 - 2013-07-03 23:57 - 00072050 ____A C:\Extras.Txt
2013-07-03 23:46 - 2013-07-03 23:51 - 00093888 ____A C:\OTL.Txt
2013-07-03 20:02 - 2013-07-03 20:02 - 00158106 ____A C:\Users\Tobias Rossmann\Desktop\OTL.Txt
2013-07-03 20:02 - 2013-07-03 20:02 - 00102416 ____A C:\Users\Tobias Rossmann\Desktop\Extras.Txt
2013-07-03 19:58 - 2013-07-03 19:58 - 00102416 ____A C:\Users\Tobias Rossmann\Downloads\Extras.Txt
2013-07-03 19:56 - 2013-07-03 19:56 - 00158106 ____A C:\Users\Tobias Rossmann\Downloads\OTL.Txt
2013-07-03 19:26 - 2013-07-03 19:26 - 00602112 ____A (OldTimer Tools) C:\Users\Tobias Rossmann\Downloads\OTL.exe
2013-07-03 18:48 - 2013-07-03 18:55 - 127231689 ____A (Igor Pavlov) C:\Users\Tobias Rossmann\Downloads\OTLPENet.exe
2013-07-03 18:46 - 2013-07-03 18:46 - 00793536 ____A C:\Users\Tobias Rossmann\Downloads\ZipOpenerSetup.exe
2013-07-03 18:46 - 2013-07-03 18:46 - 00001966 ____A C:\Users\Tobias Rossmann\AppData\Local\recently-used.xbel
2013-07-03 18:46 - 2013-07-03 18:46 - 00001144 ____A C:\Users\Tobias Rossmann\Desktop\Continue Zip Opener Installation.lnk
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Delta
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\BabSolution
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\Program Files\Delta
2013-07-03 18:42 - 2013-07-03 18:42 - 00002581 ____A C:\Users\Public\Desktop\Zipper.lnk
2013-07-03 18:42 - 2013-07-03 18:42 - 00000980 ____A C:\Users\Tobias Rossmann\Desktop\Optimizer Pro.lnk
2013-07-03 18:42 - 2013-07-03 18:42 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Optimizer Pro
2013-07-03 18:42 - 2013-07-03 18:42 - 00000000 ____D C:\Program Files\Tuguu SL
2013-07-03 18:42 - 2013-07-03 18:42 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-07-03 18:41 - 2013-07-03 18:45 - 00000000 ____D C:\Program Files\WebCake
2013-07-03 18:41 - 2013-07-03 18:41 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\WebCake
2013-07-03 18:41 - 2013-07-03 18:41 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Babylon
2013-07-03 18:41 - 2013-07-03 18:41 - 00000000 ____D C:\ProgramData\Babylon
2013-07-03 18:40 - 2013-07-03 18:40 - 00519224 ____A C:\Users\Tobias Rossmann\Downloads\Zipper.exe
2013-07-03 13:11 - 2013-07-03 13:11 - 00003224 ____N C:\bootsqm.dat
2013-07-03 09:32 - 2013-07-03 09:32 - 01971200 ____A C:\Users\Tobias Rossmann\Desktop\EndpräsentationRossmannLoiblFINAL.ppt
2013-07-01 19:11 - 2013-07-01 19:11 - 08286040 ____A C:\Users\Tobias Rossmann\Downloads\Sprachmemo 001.m4a
2013-06-22 12:38 - 2013-06-22 12:53 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\verschiedenes
2013-06-18 21:45 - 2013-06-18 21:45 - 00000022 ____A C:\Users\Tobias Rossmann\Downloads\Forderung an Tobias Rossmann Inkasso Druckerzubehoer Online GmbH AG.zip
2013-06-12 22:47 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 22:47 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 22:47 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 22:47 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 22:47 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 22:47 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 22:44 - 2013-05-17 03:26 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 22:44 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 22:44 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 22:44 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 22:44 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 22:44 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 22:44 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 22:44 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 22:44 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 22:44 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 18:55 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 18:55 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 18:55 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 18:55 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 18:55 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 18:55 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 18:55 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 18:55 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-12 18:54 - 2013-05-08 07:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 18:54 - 2013-05-06 07:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-12 18:54 - 2013-05-06 07:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-12 18:54 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-04 10:07 - 2013-06-04 10:07 - 00034425 ____A C:\Users\Tobias Rossmann\Downloads\baustelle.zip
2013-06-04 10:07 - 2013-06-04 10:07 - 00024774 ____A C:\Users\Tobias Rossmann\Downloads\parkhaus.zip
2013-06-04 10:05 - 2013-06-04 10:05 - 00011844 ____A C:\Users\Tobias Rossmann\Downloads\refiner.zip
2013-06-04 10:04 - 2013-06-04 10:04 - 00034124 ____A C:\Users\Tobias Rossmann\Downloads\Jalousie.pro

==================== One Month Modified Files and Folders ========

2013-07-04 01:25 - 2013-07-04 01:25 - 00000000 ____D C:\FRST
2013-07-04 01:25 - 2013-07-04 01:24 - 01372941 ____A (Farbar) C:\Users\Tobias Rossmann\Downloads\FRST.exe
2013-07-04 01:22 - 2012-07-16 08:26 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-04 01:22 - 2012-07-15 18:49 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-04 00:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-04 00:22 - 2013-07-04 00:22 - 00000000 ____D C:\_OTL
2013-07-03 23:57 - 2013-07-03 23:49 - 00072050 ____A C:\Extras.Txt
2013-07-03 23:51 - 2013-07-03 23:46 - 00093888 ____A C:\OTL.Txt
2013-07-03 23:44 - 2010-01-12 20:41 - 00000000 ____D C:\users\Tobias Rossmann
2013-07-03 23:25 - 2009-09-16 23:52 - 02042394 ____A C:\Windows\WindowsUpdate.log
2013-07-03 20:02 - 2013-07-03 20:02 - 00158106 ____A C:\Users\Tobias Rossmann\Desktop\OTL.Txt
2013-07-03 20:02 - 2013-07-03 20:02 - 00102416 ____A C:\Users\Tobias Rossmann\Desktop\Extras.Txt
2013-07-03 19:58 - 2013-07-03 19:58 - 00102416 ____A C:\Users\Tobias Rossmann\Downloads\Extras.Txt
2013-07-03 19:56 - 2013-07-03 19:56 - 00158106 ____A C:\Users\Tobias Rossmann\Downloads\OTL.Txt
2013-07-03 19:26 - 2013-07-03 19:26 - 00602112 ____A (OldTimer Tools) C:\Users\Tobias Rossmann\Downloads\OTL.exe
2013-07-03 18:55 - 2013-07-03 18:48 - 127231689 ____A (Igor Pavlov) C:\Users\Tobias Rossmann\Downloads\OTLPENet.exe
2013-07-03 18:46 - 2013-07-03 18:46 - 00793536 ____A C:\Users\Tobias Rossmann\Downloads\ZipOpenerSetup.exe
2013-07-03 18:46 - 2013-07-03 18:46 - 00001966 ____A C:\Users\Tobias Rossmann\AppData\Local\recently-used.xbel
2013-07-03 18:46 - 2013-07-03 18:46 - 00001144 ____A C:\Users\Tobias Rossmann\Desktop\Continue Zip Opener Installation.lnk
2013-07-03 18:45 - 2013-07-03 18:41 - 00000000 ____D C:\Program Files\WebCake
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Delta
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\BabSolution
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-03 18:43 - 2013-07-03 18:43 - 00000000 ____D C:\Program Files\Delta
2013-07-03 18:42 - 2013-07-03 18:42 - 00002581 ____A C:\Users\Public\Desktop\Zipper.lnk
2013-07-03 18:42 - 2013-07-03 18:42 - 00000980 ____A C:\Users\Tobias Rossmann\Desktop\Optimizer Pro.lnk
2013-07-03 18:42 - 2013-07-03 18:42 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Optimizer Pro
2013-07-03 18:42 - 2013-07-03 18:42 - 00000000 ____D C:\Program Files\Tuguu SL
2013-07-03 18:42 - 2013-07-03 18:42 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-07-03 18:41 - 2013-07-03 18:41 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\WebCake
2013-07-03 18:41 - 2013-07-03 18:41 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Babylon
2013-07-03 18:41 - 2013-07-03 18:41 - 00000000 ____D C:\ProgramData\Babylon
2013-07-03 18:41 - 2009-07-14 06:34 - 00015056 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 18:41 - 2009-07-14 06:34 - 00015056 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-03 18:40 - 2013-07-03 18:40 - 00519224 ____A C:\Users\Tobias Rossmann\Downloads\Zipper.exe
2013-07-03 18:39 - 2009-07-26 22:06 - 01800066 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-03 18:33 - 2012-06-07 17:15 - 00000702 ____A C:\Windows\Tasks\MATLAB R2011b Startup Accelerator.job
2013-07-03 18:28 - 2012-07-15 18:49 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-03 18:27 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-03 18:27 - 2009-07-14 06:39 - 00241237 ____A C:\Windows\setupact.log
2013-07-03 13:11 - 2013-07-03 13:11 - 00003224 ____N C:\bootsqm.dat
2013-07-03 12:04 - 2009-09-17 00:44 - 00743334 ____A C:\Windows\PFRO.log
2013-07-03 09:32 - 2013-07-03 09:32 - 01971200 ____A C:\Users\Tobias Rossmann\Desktop\EndpräsentationRossmannLoiblFINAL.ppt
2013-07-01 19:11 - 2013-07-01 19:11 - 08286040 ____A C:\Users\Tobias Rossmann\Downloads\Sprachmemo 001.m4a
2013-06-27 14:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-24 10:27 - 2013-04-22 23:13 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Kibera
2013-06-22 12:53 - 2013-06-22 12:38 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\verschiedenes
2013-06-21 01:42 - 2012-07-15 18:49 - 00002089 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-18 21:45 - 2013-06-18 21:45 - 00000022 ____A C:\Users\Tobias Rossmann\Downloads\Forderung an Tobias Rossmann Inkasso Druckerzubehoer Online GmbH AG.zip
2013-06-18 12:23 - 2011-09-19 09:22 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Studium
2013-06-13 10:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-12 22:45 - 2010-01-16 16:49 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 13:44 - 2012-07-16 08:26 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-12 13:44 - 2012-07-16 08:26 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-08 13:42 - 2013-06-12 22:47 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 13:40 - 2013-06-12 22:47 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 13:40 - 2013-06-12 22:47 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 13:40 - 2013-06-12 22:47 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 13:40 - 2013-06-12 22:47 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 13:13 - 2013-06-12 22:47 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-04 10:07 - 2013-06-04 10:07 - 00034425 ____A C:\Users\Tobias Rossmann\Downloads\baustelle.zip
2013-06-04 10:07 - 2013-06-04 10:07 - 00024774 ____A C:\Users\Tobias Rossmann\Downloads\parkhaus.zip
2013-06-04 10:05 - 2013-06-04 10:05 - 00011844 ____A C:\Users\Tobias Rossmann\Downloads\refiner.zip
2013-06-04 10:05 - 2013-05-13 08:55 - 00000445 ____A C:\Users\Tobias Rossmann\Downloads\DEFAULT.DFR
2013-06-04 10:04 - 2013-06-04 10:04 - 00034124 ____A C:\Users\Tobias Rossmann\Downloads\Jalousie.pro

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1016556084-3091970497-507946437-1000\$09091a959288d0d384b99fa633307145

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-03-17 16:13

==================== End Of Log ============================
         
--- --- ---

--- --- ---

[/CODE]

Those are the two files.

For a day now I have been constantly downloading or generating txt files of some kind and copying them wherever you tell me to, and all of a sudden my PC works again. So now I really have to ask what I have actually been doing this whole time, and who you are. ^^
I mean, I am by far not the only one posting this problem in this forum...

Best regards,
Tobi

04.07.2013, 11:23   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-1016556084-3091970497-507946437-1000\$09091a959288d0d384b99fa633307145\n.
ZeroAccess has been confirmed

Reading material:
Rootkit warning
Your computer has been infected with a special kind of malware that can hide from conventional virus scanners and from the operating system itself. In addition, such malware usually has backdoor functionality as well, i.e. it deliberately tears holes through all protective measures so that it can download further malicious code or forward the data it collects to the "bad guys". What does that mean for you now?
  • Please decide very deliberately whether you want to continue with the cleanup. A system that has once been compromised in this way can never be secured again with 100% certainty. Even though we have a good chance of cleaning your computer, it may still turn out that in the end only a reinstallation remains.

  • If you use this computer for online banking, for example, then you should at least have your bank change your password if you use an otherwise secure procedure such as "chip-TAN-comfort". Do you still have old paper-based TAN sheets? Then it is high time to contact your bank and, if necessary, have the account temporarily blocked. The blocking hotline 116 116 from www.sperr-notruf.de can be used for this day and night.

  • If you otherwise have sensitive data on your computer, you should also think about how you deal with that, since practically "anyone" could look at it.
So let me know what you have decided.


04.07.2013, 19:38   #21
Tobi R.

Unfortunately I am absolutely no expert in this respect, so I find it hard to make the right decision.

I actually only have pictures (I am a hobby photographer) and a few documents I worked out myself that concern my studies. Fortunately, I have saved all the pictures on an external hard drive.

The only valuable thing (in terms of monetary value) is Microsoft Visual Studio, which I got for free from the university anyway.

I now do online banking only via an optical TAN generator that reads the code from the screen. My paper TAN list has no longer been valid since the TAN generator was introduced. So I should be protected against money being debited illegally, right?

What would you recommend to me when you read my text above?

Best regards,
Tobi

04.07.2013, 20:17   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

I think a reinstallation makes sense here... but if you want a cleanup anyway, then we will try it

04.07.2013, 20:27   #23
Tobi R.

OK, what happens to my files with a reinstallation and what happens to them with a cleanup? Will they be deleted?

04.07.2013, 20:31   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Before a reinstallation you have to back up all data; even before a cleanup you should make sure that everything important has been backed up externally as far as possible.
But there is no getting around regularly backing up data to external media anyway. Anyone who doesn't do that will really be crying at some point when something has been deleted by accident or an encryption trojan strikes. Every now and then hard drives give up the ghost, too.

04.07.2013, 20:37   #25
Tobi R.

I have an external hard drive that only has my photographs on it.
If I connect this external hard drive in order to also back up the remaining files (documents, PowerPoint presentations, Excel lists) there, do I then have to worry that the virus will "jump over" to this external hard drive?

04.07.2013, 20:53   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

No, you don't. In case you still need to back something up:

On the subject of backing up data from infected systems: do it via a live CD such as Knoppix, Ubuntu (second link in my signature) or via PartedMagic. Reason: with a live system, no malware from the infected Windows system is active, so a negative influence of malware on the backup is ruled out.

You also need a backup medium, of course; an external drive is probably best. If you don't have too much to back up, a USB stick may be enough.

Here is a short guide for PartedMagic; in principle it works this way, or almost exactly the same, with all other live systems too.
  1. Download the PartedMagic ISO image
  2. Burn it to CD using an image burning function; this works e.g. with ImgBurn under Windows
  3. Boot from the burned CD, start option 1 in the boot menu and wait until the Linux desktop is up
  4. You should find an icon "Mount Devices"; double-click it
  5. Mount the partitions where Windows is installed, usually /dev/sda1 or /dev/sda2 with Win7, and of course any other partitions that hold data that needs to be backed up - of course also those of the external drive (you only get read and write access to the file systems when they are mounted)
  6. Copy the data from the internal drive to the external drive - copy only personal files, music, videos, etc. to the backup drive, NO executable files such as programs/games/setups!!
  7. When finished, restart the computer, switch off the ext. drive and boot from the Windows DVD for the reinstallation (follow the guide)
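Steps 5 and 6 of the guide above as a script, added here as an example and not part of cosinus's post: it copies only allow-listed personal file types from the mounted Windows partition and also leaves behind files that start with the `MZ` executable header despite a harmless-looking extension. The mount points, the device name of the external drive, the extension list and the function names are assumptions.

```shell
# Added example (not from the thread): copy only personal data files from a
# mounted Windows partition to a backup drive and leave executables behind.
# Assumed, hypothetical mount points, e.g. prepared in the live system with
#   mount -o ro /dev/sda2 /mnt/win; mount /dev/sdb1 /mnt/backup

# Extensions treated as personal data (an assumption; extend as needed).
ALLOWED="jpg jpeg png gif tif tiff pdf txt doc docx xls xlsx ppt pptx odt mp3 wav mp4 avi"

# backup_personal SRC DST
# Copies allow-listed files from SRC to DST, keeping the directory layout.
# Everything that is not copied is listed in DST/skipped.txt with the reason.
backup_personal() {
    src=${1%/}; dst=${2%/}
    mkdir -p "$dst" || return 1
    : > "$dst/skipped.txt"
    # Note: file names containing newlines are not handled by this loop.
    find "$src" -type f | while IFS= read -r f; do
        rel=${f#"$src"/}
        ext=$(printf '%s' "${f##*.}" | tr '[:upper:]' '[:lower:]')
        case " $ALLOWED " in
            *" $ext "*) ;;
            *) printf 'extension\t%s\n' "$rel" >> "$dst/skipped.txt"; continue ;;
        esac
        # A Windows executable starts with the bytes "MZ" (0x4d 0x5a), even
        # when it has been renamed to look like a picture or a document.
        magic=$(od -An -tx1 -N2 "$f" | tr -d ' \n')
        if [ "$magic" = "4d5a" ]; then
            printf 'mz-header\t%s\n' "$rel" >> "$dst/skipped.txt"
            continue
        fi
        mkdir -p "$dst/$(dirname "$rel")" && cp -p "$f" "$dst/$rel"
    done
}

# Constructed sample tree for a dry run; prints the backup directory.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/win/Users/tobi/Pictures" "$tmp/win/Users/tobi/Downloads"
    printf 'constructed jpeg data' > "$tmp/win/Users/tobi/Pictures/photo.JPG"
    printf 'constructed notes'     > "$tmp/win/Users/tobi/notes.docx"
    printf 'MZ constructed stub'   > "$tmp/win/Users/tobi/Downloads/setup.exe"
    printf 'MZ constructed stub'   > "$tmp/win/Users/tobi/Pictures/holiday.jpg"
    backup_personal "$tmp/win" "$tmp/backup" && printf '%s\n' "$tmp/backup"
}
```

Reviewing `skipped.txt` afterwards shows what stayed on the old disk; an `mz-header` entry means a file with a data extension is in fact a Windows executable.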

04.07.2013, 21:25   #27
Tobi R.

OK, now two last questions before I get started:
1) Does the virus have to be removed as quickly as possible, or is in a week also enough, provided that until then one does not "handle" any data? (I am only asking because I am under very intense exam stress and need every hour for studying)
2) When the virus appeared, I was on a website where photographs are uploaded that other photographers can rate. If the virus came from there (which I cannot check with my knowledge), should I no longer go to this site, or could the virus have caught me on umpteen other sites as well?

Best regards,
Tobi

04.07.2013, 21:32   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

What does "as quickly as possible" mean, your computer isn't usable anyway

The other question is far too general; something like that cannot be answered. With this, let's say, panic of "not visiting the photo site any more" you might as well justify disconnecting the internet. And you don't even know whether it was this site at all...

Read up on how to protect yourself:

Reading material:
Golden security rules
It is best to roughly stick to these rules:
  1. Be suspicious on the internet and especially with unknown e-mails, be careful about giving out personal data!!
  2. Always keep Windows and all programs used up to date - Secunia PSI can support you with this
  3. Regularly make backups to external media
  4. Work with restricted rights
  5. Completely disable autoplay for all drives, because it is an unnecessary security risk
  6. When installing software, make sure as far as possible that the setups come from official sources and that you choose the custom method during installation where possible - then you have the option of deselecting any junk (such as toolbars or things like RegistryBooster) that would otherwise simply be installed along with it.
  7. Have malicious or unwanted sites blocked from the outset with the help of the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File
  8. Hands off: TuneUp, registry cleaners of all kinds, Softonic as well as illegal cracks/keygens or other "tools" for using a commercial program without a licence
  9. Likewise leave dubious sites and movie streaming portals alone; firstly you quickly pick up malware there or can fall into subscription traps, and secondly these sites operate in a legal grey area.


Everything explained in more detail is here => Kompromittierung unvermeidbar?

04.07.2013, 23:07   #29
Tobi R.

What do you mean by "not usable"? I can do everything on my laptop like before. Or rather: if you hadn't told me earlier that my PC is infected with a special kind of malware, I would think that everything is back to normal. ^^
Hence the question whether the virus has to be removed as quickly as possible, or whether I can leave it like this for the time being, as long as I do nothing other than research on the internet or open a Word document now and then? In a good week the time-intensive studying would be over...

Best regards,
Tobi

04.07.2013, 23:24   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Forget the "not usable", I had mixed something up here

If you still need some time until the reinstall, I would recommend CF for now:

Scan with Combofix
WARNING to those READING ALONG:
Combofix should only be run when instructed to do so by a team member!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix's work. Combofix sometimes still complains anyway; you can ignore that then, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: Should you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
