|
Plagegeister aller Art und deren Bekämpfung: Hilfe gegen Trojaner GVUWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.07.2013, 12:37 | #1 |
| Hilfe gegen Trojaner GVU Hallo zusammen, zuerst einmal Hallo an alle, ich bin neu hier. Eigentlich wollte ich nach ähnlichen Problemen hier im Forum suchen um nicht erneut einen Thread zu öffnen. Doch dann habe ich gelesen dass jedes Problem individuell gelöst werden muss. Hier nun mein Problem: Ich habe einen Trojaner der von der GVU eine Meldung bringt, dass ich Geld überweisen müsse. Ich habe keinen Zugriff mehr auf meine Daten, ich komme auch nicht mehr in den Task-Manager. Wie bekomme ich diesen Virus wieder von meinem Laptop? (32Bit soweit ich weiß). Bin leider überhaupt kein PC-Experte. Ich würde mich total über eure Hilfe freuen. Mit den besten Grüßen, Tobias |
03.07.2013, 12:45 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe gegen Trojaner GVUFunktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung? Abgesicherter Modus zur Bereinigung
__________________ |
03.07.2013, 13:08 | #3 |
| Hilfe gegen Trojaner GVU hallo cosinus,
__________________danke für deine schnelle Antwort. Ich habe den abgesicherten Modus (mit und ohne Netzwerktreibern) probiert, aber ich gelangen dann jedesmal zum Eingabefenster meines Passworts. Wenn ich das eingebe kommt wieder die Meldung der "GVU". viele Grüße, Tobi |
03.07.2013, 13:13 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe gegen Trojaner GVU Dann probier mal bitte OTLpe: Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten: Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD. Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
Bebilderte Anleitung: OTLpe-Scan
__________________ Logfiles bitte immer in CODE-Tags posten |
03.07.2013, 13:51 | #5 |
| Hilfe gegen Trojaner GVU ich drücke ständig die Tasten f8 bzw f11 oder f12 und ich komme nicht in ein Menü fürs Booten. Die DVD lege ich ja erst rein, bevor ich auf Boot-device gehe, oder? (vorausgesetzt ich würde soweit kommen) viele Grüße, Tobi |
03.07.2013, 14:12 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe gegen Trojaner GVU Handbuch lesen? Mehr kann ich dir nicht sagen da du nichtmal Herstellername und Modellbezeichnung das Notebook genannt hast
__________________ --> Hilfe gegen Trojaner GVU |
03.07.2013, 14:14 | #7 |
| Hilfe gegen Trojaner GVU entschuldige, das hatte ich in meiner Angabe vergessen. Es handelt sich um einen Samsung R522. wie auch immer bin ich jetzt in dieses Menü von Reatogo-X-PE gekommen. Wenn ich jetzt im Fenster "Browse for folder" bin finde ich keine Local Disc C, sondern nur Local Disc D oder E. Ist ja auch egal, jedenfalls wenn ich davon was anklicke kommt die Meldung "Target is not windows 2000 or later" Gibt es denn wirklich keine andere Möglichkeit? Was ist mit HitmanPro? viele Grüße, Tobi Geändert von Tobi R. (03.07.2013 um 14:36 Uhr) |
03.07.2013, 14:41 | #8 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe gegen Trojaner GVU Anleitung lesen Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
03.07.2013, 14:46 | #9 |
| Hilfe gegen Trojaner GVU entschuldige, diesen Punkt habe ich sogar gleich nach der Forumsanmeldung (da erscheint ein Link für dieses Programm) gelesen aber jetzt vor lauter Panik und Hektik wieder vergessen. Die erstellte TXT-Datei benötigt ihr/du praktisch zur Info um rauslesen zu können was da nicht stimmt, richtig? |
03.07.2013, 14:51 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe gegen Trojaner GVULesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
03.07.2013, 15:03 | #11 |
| Hilfe gegen Trojaner GVU OTL Logfile: Code:
ATTFilter OTL logfile created on: 7/3/2013 5:50:48 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.10.9200.16614) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = D: | %SystemRoot% = D:\windows | %ProgramFiles% = D:\Program Files Drive C: | 100.00 Mb Total Space | 75.74 Mb Free Space | 75.75% Space Free | Partition Type: NTFS Drive D: | 141.49 Gb Total Space | 13.59 Gb Free Space | 9.61% Space Free | Partition Type: NTFS Drive E: | 141.50 Gb Total Space | 136.44 Gb Free Space | 96.42% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - File not found [Auto] -- -- (ENI Server) SRV - [2013/06/12 07:44:03 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/09/03 13:44:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012/09/03 13:43:55 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012/09/03 13:43:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/03/10 04:34:12 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011/06/14 12:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\MAX\nimxs.exe -- (mxssvr) SRV - [2011/06/14 06:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\Tagger\tagsrv.exe -- (NITaggerService) SRV - [2011/06/14 04:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\Security\nidmsrv.exe -- (NIDomainService) SRV - [2011/06/14 04:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Windows\System32\lktsrv.exe -- (lkTimeSync) SRV - [2011/06/14 04:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Windows\System32\lkads.exe -- (lkClassAds) SRV - [2011/06/10 09:11:20 | 000,121,032 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\NI Network Discovery\niDiscSvc.exe -- (NINetworkDiscovery) SRV - [2011/06/01 11:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder) SRV - [2011/05/27 08:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc) SRV - [2011/05/27 08:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer) SRV - [2010/10/27 04:43:38 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto] -- D:\Windows\System32\lkcitdl.exe -- (LkCitadelServer) SRV - [2010/08/02 05:00:00 | 001,427,688 | ---- | M] (Macrovision Corporation) [On_Demand] -- D:\Users\Tobias *****\Desktop\Studium\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager) SRV - [2010/06/23 08:14:54 | 000,131,776 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe -- (niLXIDiscovery) SRV - [2009/11/30 10:01:32 | 000,086,016 | ---- | M] () [Auto] -- D:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe -- (GPVPNService) SRV - [2009/09/02 03:55:32 | 000,172,032 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/03/05 05:54:50 | 000,311,296 | ---- | M] () [Auto] -- D:\Windows\System32\Rezip.exe -- (Rezip) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (AgereSoftModem) DRV - [2012/09/03 13:45:06 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012/09/03 13:45:06 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012/09/03 13:45:05 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012/09/03 13:45:04 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/02/14 12:27:00 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nipalfwedl.sys -- (nipalfwedl) DRV - [2011/02/14 12:23:42 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nipalusbedl.sys -- (nipalusbedl) DRV - [2011/02/14 12:04:00 | 000,573,592 | ---- | M] (National Instruments Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\nipalk.sys -- (NIPALK) DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/06/23 05:04:52 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\NiViPxiKl.sys -- (NiViPxiK) DRV - [2010/06/23 05:03:06 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NiViPciKl.sys -- (NiViPciK) DRV - [2010/06/11 09:30:04 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nidimkl.sys -- (nidimk) DRV - [2010/03/24 06:27:44 | 000,015,448 | ---- | M] (National Instruments Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\nipbcfk.sys -- (nipbcfk) DRV - [2009/12/08 15:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Users\Tobias *****\Desktop\Studium\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100) DRV - [2009/09/28 03:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/09/02 04:31:04 | 005,173,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/08/10 14:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VMC326.sys -- (VMC326) DRV - [2009/07/16 23:31:38 | 001,176,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/06/14 10:32:28 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\niorbkl.sys -- (niorbk) DRV - [2009/05/29 05:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto] -- D:\windows\System32\drivers\cvintdrv.sys -- (cvintdrv) DRV - [2009/03/29 21:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- D:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\LocalService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\NetworkService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ecosia.org/?sc=de IE - HKU\Tobias_*****_ON_D\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\Tobias_*****_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: D:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: D:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/02 10:50:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/01 09:52:08 | 000,000,000 | ---D | M] [2012/03/05 04:28:25 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions [2010/01/13 15:42:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012/06/02 10:50:38 | 000,000,000 | ---D | M] (Default) -- D:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012/03/05 04:28:25 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012/06/02 10:50:37 | 000,025,048 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browserdirprovider.dll [2012/06/02 10:50:37 | 000,140,248 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\brwsrcmp.dll [2012/03/05 04:28:17 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/05/24 14:39:14 | 000,059,936 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\npIMAQAXControl.dll [2011/06/09 13:05:10 | 000,025,088 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv2010win32.dll [2011/06/22 06:43:54 | 000,026,112 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv2011win32.dll [2009/10/22 04:28:40 | 000,028,448 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\NPLV82Win32.dll [2008/12/10 09:49:34 | 000,023,040 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv86win32.dll [2010/10/19 13:15:20 | 000,025,088 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv90win32.dll [2012/06/02 10:50:38 | 000,066,520 | ---- | M] (mozilla.org) -- D:\Program Files\mozilla firefox\plugins\npnul32.dll [2012/07/27 16:51:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011/09/02 15:53:58 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011/09/02 15:53:58 | 000,002,344 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011/09/02 15:53:58 | 000,002,371 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\google.xml [2011/09/02 15:53:58 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011/09/02 15:53:58 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011/09/02 15:53:58 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Users\Tobias *****\Desktop\Studium\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\Tobias_*****_ON_D\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\Tobias_*****_ON_D\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ApnUpdater] D:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ENISysTray] File not found O4 - HKLM..\Run: [IntelliPoint] D:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation) O4 - HKLM..\Run: [IntelliType Pro] D:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation) O4 - HKLM..\Run: [NI Update Service] D:\Users\Tobias *****\Desktop\Studium\Shared\Update Service\NIUpdateService.exe (National Instruments) O4 - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\Tobias_*****_ON_D..\Run: [NIRegistrationWizard] D:\Users\Tobias *****\Desktop\Studium\Shared\RegistrationWizard\Bin\RegistrationWizard.exe () O4 - HKU\Tobias_*****_ON_D..\Run: [syshost32] File not found O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: Error locating startup folders. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - D:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - D:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - D:\Windows\System32\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Users\Tobias *****\Desktop\Studium\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - D:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\Tobias_*****_ON_D Winlogon: Shell - (explorer.exe) - D:\windows\explorer.exe (Microsoft Corporation) O20 - HKU\Tobias_*****_ON_D Winlogon: Shell - (C:\Users\Tobias *****\AppData\Roaming\skype.dat) - D:\Users\Tobias *****\AppData\Roaming\skype.dat () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O29 - HKLM SecurityProviders - (credssp.dll) - D:\windows\System32\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - D:\windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - D:\windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - D:\windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - D:\windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - D:\windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - D:\windows\System32\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - D:\windows\System32\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2013/06/22 06:38:48 | 000,000,000 | ---D | C] -- D:\Users\Tobias *****\Desktop\verschiedenes [2013/06/12 16:47:43 | 002,706,432 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\mshtml.tlb [2013/06/12 16:47:42 | 000,391,168 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ieui.dll [2013/06/12 16:44:57 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\jscript.dll [2013/06/12 16:44:56 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\jscript9.dll [2013/06/12 16:44:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\iesetup.dll [2013/06/12 16:44:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\jsproxy.dll [2013/06/12 16:44:54 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\msfeeds.dll [2013/06/12 16:44:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ie4uinit.exe [2013/06/12 16:44:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\iernonce.dll [2013/06/12 16:44:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\iesysprep.dll [2013/06/12 16:44:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\RegisterIEPKEYs.exe [2013/06/12 12:55:13 | 001,505,280 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\d3d11.dll [2013/06/12 12:55:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\cryptdlg.dll [2013/06/12 12:55:05 | 000,492,544 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\win32spl.dll [2013/06/12 12:55:02 | 000,903,168 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\certutil.exe [2013/06/12 12:55:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\certenc.dll [2013/06/12 12:54:56 | 003,968,872 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ntkrnlpa.exe [2013/06/12 12:54:56 | 003,913,576 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ntoskrnl.exe [2010/07/31 10:22:49 | 000,118,867 | ---- | C] ( ) -- D:\windows\System32\DSLLK175.dll [2004/04/05 02:44:22 | 000,053,248 | ---- | C] ( ) -- D:\windows\System32\RCCOLLAB.DLL [2 D:\Users\Tobias *****\Desktop\*.tmp files -> D:\Users\Tobias *****\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/07/03 18:52:43 | 000,067,584 | --S- | M] () -- D:\windows\bootstat.dat [2013/07/03 08:43:08 | 2388,086,784 | -HS- | M] () -- D:\hiberfil.sys [2013/07/03 08:14:25 | 000,015,056 | -H-- | M] () -- D:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/07/03 08:14:25 | 000,015,056 | -H-- | M] () -- D:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/07/03 08:08:00 | 000,000,884 | ---- | M] () -- D:\windows\tasks\Adobe Flash Player Updater.job [2013/07/03 08:06:28 | 000,000,702 | ---- | M] () -- D:\windows\tasks\MATLAB R2011b Startup Accelerator.job [2013/07/03 08:04:24 | 000,000,004 | ---- | M] () -- D:\Users\Tobias *****\AppData\Roaming\skype.ini [2013/07/03 08:03:22 | 000,001,112 | ---- | M] () -- D:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/07/03 07:11:55 | 000,003,224 | ---- | M] () -- D:\bootsqm.dat [2013/07/03 06:08:53 | 000,001,116 | ---- | M] () -- D:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/06/29 10:35:47 | 000,080,481 | ---- | M] () -- D:\Users\Tobias *****\Desktop\Stromverlauf.jpg [2013/06/27 06:07:33 | 000,763,254 | ---- | M] () -- D:\windows\System32\perfh007.dat [2013/06/27 06:07:33 | 000,718,532 | ---- | M] () -- D:\windows\System32\perfh009.dat [2013/06/27 06:07:33 | 000,173,608 | ---- | M] () -- D:\windows\System32\perfc007.dat [2013/06/27 06:07:33 | 000,146,554 | ---- | M] () -- D:\windows\System32\perfc009.dat [2013/06/20 19:42:48 | 000,002,089 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk [2013/06/20 04:16:56 | 000,001,966 | ---- | M] () -- D:\Users\Tobias *****\AppData\Local\recently-used.xbel [2013/06/13 16:18:55 | 003,563,911 | ---- | M] () -- D:\Users\Tobias *****\Desktop\Wald.JPG [2013/06/12 07:44:02 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- D:\windows\System32\FlashPlayerApp.exe [2013/06/12 07:44:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- D:\windows\System32\FlashPlayerCPLApp.cpl [2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- D:\windows\System32\ieui.dll [2013/06/08 07:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- D:\windows\System32\mshtml.tlb [2 D:\Users\Tobias *****\Desktop\*.tmp files -> D:\Users\Tobias *****\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/07/03 07:11:55 | 000,003,224 | ---- | C] () -- D:\bootsqm.dat [2013/07/03 06:00:58 | 000,000,004 | ---- | C] () -- D:\Users\Tobias *****\AppData\Roaming\skype.ini [2013/06/29 10:35:47 | 000,080,481 | ---- | C] () -- D:\Users\Tobias *****\Desktop\Stromverlauf.jpg [2013/06/20 04:16:56 | 000,001,966 | ---- | C] () -- D:\Users\Tobias *****\AppData\Local\recently-used.xbel [2013/06/13 16:18:55 | 003,563,911 | ---- | C] () -- D:\Users\Tobias *****\Desktop\Wald.JPG [2013/03/20 15:38:11 | 000,075,264 | ---- | C] () -- D:\windows\System32\callrproxy.dll [2012/01/11 04:01:24 | 000,114,688 | ---- | C] () -- D:\Users\Tobias *****\AppData\Roaming\skype.dat [2011/11/16 09:22:04 | 000,003,843 | ---- | C] () -- D:\windows\scad3.INI [2011/07/12 22:40:57 | 000,000,000 | ---- | C] () -- D:\Users\Tobias *****\AppData\Local\{F0D212F8-ABBE-4CF2-B8CE-0F99522FBD83} [2011/07/12 19:40:42 | 000,000,000 | ---- | C] () -- D:\Users\Tobias *****\AppData\Local\{FE9F1CF2-22C6-49B6-87E6-39CD9422313F} [2011/06/22 10:21:09 | 000,252,928 | ---- | C] () -- D:\windows\System32\DShowRdpFilter.dll [2011/06/15 15:51:20 | 000,033,280 | ---- | C] () -- D:\windows\System32\LVWUtil32.dll [2011/06/10 08:52:52 | 000,000,244 | ---- | C] () -- D:\windows\System32\nirpc.ini [2010/01/12 15:00:45 | 000,000,002 | ---- | C] () -- D:\windows\HotFixList.ini [2010/01/12 14:43:54 | 000,131,368 | ---- | C] () -- D:\ProgramData\FullRemove.exe [2009/10/16 09:53:50 | 000,000,077 | ---- | C] () -- D:\windows\System32\VBAI Communication Server.ini [2009/09/24 08:44:34 | 000,037,376 | ---- | C] () -- D:\windows\System32\tbbmalloc.dll [2009/09/17 10:19:57 | 000,763,254 | ---- | C] () -- D:\windows\System32\perfh007.dat [2009/09/17 10:19:57 | 000,295,922 | ---- | C] () -- D:\windows\System32\perfi007.dat [2009/09/17 10:19:57 | 000,173,608 | ---- | C] () -- D:\windows\System32\perfc007.dat [2009/09/17 10:19:57 | 000,038,104 | ---- | C] () -- D:\windows\System32\perfd007.dat [2009/09/17 10:02:34 | 000,294,912 | ---- | C] () -- D:\windows\System32\ATIODE.exe [2009/09/17 10:02:34 | 000,197,654 | ---- | C] () -- D:\windows\System32\atiicdxx.dat [2009/09/17 10:02:34 | 000,045,056 | ---- | C] () -- D:\windows\System32\ATIODCLI.exe [2009/09/17 09:41:26 | 000,000,000 | ---- | C] () -- D:\windows\ativpsrm.bin [2009/09/16 18:27:24 | 000,307,200 | ---- | C] () -- D:\windows\SetDisplayResolution.exe [2009/09/16 17:57:47 | 000,311,296 | ---- | C] () -- D:\windows\System32\Rezip.exe [2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- D:\windows\bootstat.dat [2009/07/14 00:33:53 | 000,447,304 | ---- | C] () -- D:\windows\System32\FNTCACHE.DAT [2009/07/13 22:05:48 | 000,718,532 | ---- | C] () -- D:\windows\System32\perfh009.dat [2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- D:\windows\System32\perfi009.dat [2009/07/13 22:05:48 | 000,146,554 | ---- | C] () -- D:\windows\System32\perfc009.dat [2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- D:\windows\System32\perfd009.dat [2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- D:\windows\System32\NOISE.DAT [2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- D:\windows\System32\dssec.dat [2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- D:\windows\mib.bin [2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- D:\windows\System32\BthpanContextHandler.dll [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\windows\System32\BWContextHandler.dll [2009/07/13 18:09:19 | 000,982,196 | ---- | C] () -- D:\windows\System32\igkrng500.bin [2009/07/13 18:09:19 | 000,417,344 | ---- | C] () -- D:\windows\System32\igcompkrng500.bin [2009/07/13 18:09:19 | 000,139,824 | ---- | C] () -- D:\windows\System32\igfcg500.bin [2009/07/13 18:09:19 | 000,097,448 | ---- | C] () -- D:\windows\System32\igfcg500m.bin [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\windows\System32\mlang.dat [2009/05/29 05:00:00 | 000,004,096 | ---- | C] () -- D:\windows\System32\drivers\cvintdrv.sys ========== LOP Check ========== [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data [2013/03/20 15:37:28 | 000,000,000 | ---D | M] -- D:\ProgramData\CoDeSys V2.3 [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites [2010/10/06 10:37:35 | 000,000,000 | ---D | M] -- D:\ProgramData\gateProtect [2013/03/20 15:37:59 | 000,000,000 | ---D | M] -- D:\ProgramData\Gateway Files [2010/01/13 15:42:56 | 000,000,000 | ---D | M] -- D:\ProgramData\ICQ [2011/11/07 13:09:40 | 000,000,000 | ---D | M] -- D:\ProgramData\IVI Foundation [2010/01/12 15:49:20 | 000,000,000 | ---D | M] -- D:\ProgramData\MumboJumbo [2013/03/06 10:34:06 | 000,000,000 | ---D | M] -- D:\ProgramData\National Instruments [2010/02/10 18:55:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Partner [2011/08/25 08:24:14 | 000,000,000 | ---D | M] -- D:\ProgramData\PhotoStitch [2010/01/16 18:49:58 | 000,000,000 | ---D | M] -- D:\ProgramData\PlayFirst [2011/10/19 13:33:55 | 000,000,000 | ---D | M] -- D:\ProgramData\PreEmptive Solutions [2009/09/16 18:28:13 | 000,000,000 | ---D | M] -- D:\ProgramData\SAMSUNG [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu [2010/01/16 18:51:25 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp [2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates [2013/03/06 10:34:06 | 000,000,000 | ---D | M] -- D:\ProgramData\WinClon [2012/01/09 15:54:39 | 000,000,000 | ---D | M] -- D:\ProgramData\www.rene-zeidler.de [2013/07/03 08:06:28 | 000,000,702 | ---- | M] () -- D:\windows\Tasks\MATLAB R2011b Startup Accelerator.job [2013/04/29 12:24:27 | 000,032,632 | ---- | M] () -- D:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 146 bytes -> D:\ProgramData\Temp:5C5A503E @Alternate Data Stream - 130 bytes -> D:\ProgramData\Temp:ABE89FFE < End of report > [/CODE] OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 7/3/2013 5:50:48 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.10.9200.16614) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = D: | %SystemRoot% = D:\windows | %ProgramFiles% = D:\Program Files Drive C: | 100.00 Mb Total Space | 75.74 Mb Free Space | 75.75% Space Free | Partition Type: NTFS Drive D: | 141.49 Gb Total Space | 13.59 Gb Free Space | 9.61% Space Free | Partition Type: NTFS Drive E: | 141.50 Gb Total Space | 136.44 Gb Free Space | 96.42% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- D:\windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- D:\windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{010A2C18-0830-45A0-BE2B-DD37A2D8A2FE}" = NI LabVIEW Run-Time Engine Interop 2011 "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{01415FEA-D7D9-40CF-9370-AF74ABC1AE39}" = NI System API Web-Servce 32-bit 5.0.0 "{01AC4D6A-05F0-4158-95E7-FC299961B50A}" = NI Math Kernel Libraries "{033F0FD6-07E0-414A-8367-51EB862EFE12}" = NI System Configuration Runtime 5.0.0 "{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) "{03A02E59-709E-42B0-BEE3-A3CB5C128921}" = NI LabVIEW 2011 System Identification Toolkit License "{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}" = Microsoft Sync Framework SDK v1.0 SP1 de "{043955AD-7E11-4B6D-A317-B72F7BB87736}" = NI Assistant Framework LabVIEW 2011 Support "{05617B99-0727-4FFB-AC8E-8F6427799C8F}" = NI-DAQmx/LabVIEW shared documentation 1.9.5 "{05C030B8-DC4F-489D-B86B-FC6B7DB3F607}" = NI SSL LabVIEW 2011 Support "{0613F79E-C012-BC98-6E9C-5A47AEE6D37A}" = CCC Help Korean "{066F687E-1CA0-4D94-A2C9-F8E6E817F4CB}" = NI LabVIEW Run-Time Engine 2011 "{070E052E-8D36-4B7E-B640-C75F12B2A76E}" = NI LabVIEW SignalExpress 2011 Licenses "{07976ABB-1EBD-4A65-A7C7-155A0DC17173}" = CoDeSys for Automation Alliance "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0A8CE3AA-99F2-5632-A8D2-636BE6CFE856}" = Catalyst Control Center Core Implementation "{0C169DC9-8717-4458-B822-C79A25D08BE2}" = NI LabVIEW 2011 Control Design MathScript Support "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool "{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1 "{105271B2-81E8-4C84-B820-590BFBC5F958}" = NI IVI Compliance Package 4.4 "{112DFF69-BD66-43B4-9F6A-FE2FFB60A075}" = NI LabVIEW 2011 "{13871A36-B819-4FB2-A29A-BDE475D8A6B3}" = NI LabVIEW 2011 Control Design Real-Time Support "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4 "{1570DE88-A78A-37FD-8A05-92620D160CCA}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU "{1664EB8B-057B-0E23-7245-ECE92849FF4C}" = ccc-core-static "{16BCFC83-D340-4E17-BF6F-78C05863F5D9}" = NI Vision Assistant 2011 "{16DF18C7-7F56-48A4-9CDE-CB699DBB5B16}" = NI IVI Class Driver LabVIEW 2011 Support "{1709DBFC-E42A-4D32-A6B1-6EB067D4D9CE}" = IVI Shared Component "{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2 "{1848995E-B449-4549-A914-2CEBC0BA27F2}" = NI IVI Online Help "{1968D913-702C-4418-9DC8-A095B15CE8A5}" = NI LabVIEW 2011 "{1A609A84-71AF-4D96-962B-E060D34FD4AB}" = NI MetaSuite Installer "{1B5ABB51-8AAB-4FBA-8987-9A8820756E2B}" = NI USI 1.9.0 "{1C2B3CEA-482E-4453-B3E2-C9731337828A}" = Microsoft SQL Server 2008 Native Client "{1D1752FD-F4A9-4CA3-B9D3-0F4D22451D8C}" = NI LabVIEW 2011 System Identification Toolkit VIs "{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{1DBD8607-39EE-B7F3-CDE6-A2095B0EE0C9}" = CCC Help Chinese Traditional "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime "{20167022-64F2-4836-B9C9-1DBAA6721FD4}" = CCC Help Hungarian "{204DD5C2-441A-DADC-E765-595B5C1EDE88}" = CCC Help Norwegian "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{218E2C0C-4740-DBCB-C8E8-D67201A6500A}" = CCC Help English "{22923F17-B592-4A7F-84A8-18F3BFC13B94}" = NI Microsoft Silverlight Wrapper "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24EEDE86-3CB5-485D-91E3-F630273A08FF}" = NI LabVIEW SignalExpress 2011 Core LabVIEW Support "{268B0789-E2BF-4836-BF05-A6140B4983CA}" = NI MAX Remote Configuration Installer 5.0 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26D20F5D-1D37-5BD1-34AB-6411AC34E2A9}" = ccc-utility "{27111B7A-97FE-46BD-81F9-4E87737DF803}" = NI LabVIEW 2011 MeasAppChm File "{292382C0-61F7-458A-9008-55F272A4DD9C}" = NI Logos 5.3.0 "{298008B1-AD82-4791-9BB8-863AD1408492}" = NI Uninstaller "{2ADC660A-77C9-4A6C-9D4B-5E48A27BCA10}" = NI Help Assistant "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2BC9B2CE-D569-4ADC-A8A0-170F2FD57139}" = NI LabVIEW 2010 Real-Time NBFifo "{2DBC8A34-0646-4F3D-B005-414E317FB281}" = NI Circuit Design Suite 11.0.2 Edu Licenses "{31A184AC-4ACA-463B-BE84-F4ABA7FC4655}" = NI Logos LabVIEW 2011 Support "{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU "{3363E5BE-7FBF-424B-B26C-0041CE837DD0}" = NI LabVIEW SignalExpress 2011 Core LabVIEW 2011 Support "{33AAA123-A24A-46A7-8CD6-F03C5B375033}" = NI TDM Excel Add-In 3.3 "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver "{3501AF2D-A97E-F6DB-521A-4E64EAEF5BDC}" = CCC Help Thai "{37BD5C09-7CED-43F4-A1F5-2D892E12D483}" = NI LabVIEW 2011 MathScript RT Module License "{397E268E-FB51-4C23-A496-1031B8F1CCEE}" = NI AFW UI Assemblies "{3A1504FB-7067-4E46-9AFA-A3C29C95E4DC}" = NI LabVIEW Run-Time Engine 8.2.1 "{3A7C46AC-060B-6CBF-1862-969F79A5B758}" = CCC Help French "{3AC01660-F640-4AFB-A25E-082B260C025C}" = WIF Core Dependencies Windows 5.0.0 "{3AE9153C-1E52-4B6B-9405-FE403342A3C8}" = NI Update Service 2.0 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D1F6E51-C98C-4C01-8170-D2DBF2837F13}" = NI LabVIEW Merge Utility 11.0.0 "{3EB37B26-432C-467C-9FBC-9BDA0E6FBDD7}" = Catalyst Control Center InstallProxy "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools "{4067DBF1-91AF-445E-A34E-00707F214B49}" = NI IVI Class Simulation Drivers "{411429D5-83D1-2F9B-9F53-4524DCE99E6D}" = CCC Help Portuguese "{4135C790-0387-36D7-9C2A-1B09A5900460}" = Microsoft Visual Studio 2010 Ultimate - DEU "{415780C0-4A19-4567-AAAE-10CCB9832B13}" = NI-RPC 4.2.2f0 for Phar Lap ETS "{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor "{416B50BB-64CE-46C5-81A6-7F842CC35CDC}" = NI LabVIEW MAX XML "{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{445D1CC7-9C3C-4823-9597-B7DDD8698FE6}" = NI LabVIEW 2011 Manuals "{45C5DE6E-85AB-466E-9A6F-8BAB11EE0EDD}" = NI Web Interface Framework 2.0 "{46ADBF7F-868A-4625-9546-14355105AC50}" = NI IVI Provider for MAX "{46BF7707-A511-47E7-B118-0E53DCA1A0EA}" = NI Remote PXI Provider for MAX 5.0.0 "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0 "{49F05354-04F7-4AE4-8434-9E7B5462C727}" = NI DN 2.0 SP1 installer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A3975BD-F85A-4CCB-9520-EB5604775A0F}" = NI LabVIEW 2011 "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AA402A7-4547-4E1A-A034-1DF609A6CCA9}" = NI LabVIEW SignalExpress 2011 Datatypes LabVIEW 2011 Support "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser "{4BDAF6F8-8C28-49FD-8FA7-CEE3E9E9BAD4}" = NI LabVIEW 2011 Simulation "{4BEFB7C6-F103-42FB-9482-861C6D9690A0}" = NI LabVIEW Compare Utility 11.0.0 "{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center "{4FFBBF14-D82E-483D-8C1D-FCECAABD399E}" = NI LabWindows/CVI 9.0.1 Run-Time Engine "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{501DACFF-9399-4DBC-AA59-F35C9C6970D2}" = NI-DIM 1.11.0f0 "{50F728C0-9A37-4868-B9E1-42565C228B12}" = Reset NI Config 5.0.0 "{52252F5C-58CD-48ED-8C88-9AAD6FE887B4}" = NI Trace Engine "{523B5D39-C209-41C8-9075-F6C14C2394D2}" = NI LabVIEW 2011 Search "{523F21B6-D325-4515-9416-04A166437C43}" = NI LabVIEW SignalExpress 2011 Steps "{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{53957452-A916-4BBD-90A8-76C59020B9BD}" = NI LabVIEW 2011 System Identification Assistant "{54FBC914-82D7-E646-2916-B3C6D320E0B4}" = Catalyst Control Center Graphics Previews Vista "{555B2ADE-B3CB-4C95-A789-8A7C03A004B7}" = NI LabVIEW 2011 Deployment Framework "{578A6214-6CC6-4043-A9A8-C045DDAE2B39}" = NI Remote Provider for MAX 5.0.0 "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services "{5BE7BB97-8215-4F88-90EC-B07C199CFBBF}" = NI Vision Builder AI 2010 "{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo "{5C468B0A-6DB3-402E-B4C0-6CA4CEFAE0AF}" = NI Sound and Vibration Frequency Analysis 2010 "{5D221DF2-F206-681F-75FE-1C7620BE69A7}" = CCC Help Greek "{5F123C21-A5E2-4CFB-A6A7-034C9087099F}" = NI Logos XT Support "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{644DAD90-2083-4871-BD49-721BF8FAE295}" = NI LabVIEW Run-Time Engine 8.6.1 "{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers "{67A00571-3985-4051-97D1-5EA81F9F1319}" = NI LabVIEW SignalExpress 2011 LabVIEW 2011 Support "{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU "{6848704E-C8D4-4F4F-9181-5926D4A11E98}" = ATI Catalyst Install Manager "{68DE7BF6-AFA9-4609-9C96-8C15E46E2093}" = NI Example Finder 11.0 "{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 "{6AA9D409-78E2-47A3-98CB-5D36E75232AF}" = NI Enhanced DSC Deployment Support for LabVIEW 2010 "{6B9EFC04-713D-F238-E388-F3CDA52E7880}" = Catalyst Control Center Graphics Light "{6C520D64-E109-4A73-82A3-7808592051BC}" = NI Circuit Design Suite 11.0.2 Core "{6CB778E6-693F-7A2A-C5AD-C7743500D249}" = CCC Help Turkish "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools "{6E84AECC-91B8-4738-97D2-0E8083A093F2}" = NI Measurement Studio Common .NET Assemblies for .NET 2.0 "{6F1B061C-AB4B-4FB4-8715-269FFCC2FD07}" = NI LabVIEW 2011 "{70BA7761-629A-4118-BFE0-02753B9019C8}" = NI MXS 5.0.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{712723FB-BF99-4406-8F91-A2DB766AB2C9}" = NI VC2008MSMs x86 "{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime "{73854BF9-E78E-4D6F-B8C2-A7A3CD855124}" = NI LabVIEW 2011 Help File "{74543E90-425B-46D2-BB83-D91C7974834D}" = NI LabVIEW 2011 "{747D98C4-ADDB-47F6-9055-149DC280E478}" = NI Vision Assistant 2011 .NET "{7571F0A3-AC23-4F7B-A64E-442C5C82CE01}" = NI LabVIEW 2011 "{75C812EE-06B8-4A47-B37D-9777BE9A644C}" = NI SSL Support "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{7664BF64-BD18-47B7-A678-0F1D98FC8F13}" = NI LabVIEW 2011 MathScript RT Module "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7888F38C-E534-473D-B029-562173EEA2C8}" = NI-Mesa "{7A29AA0C-202A-467E-9257-DE2E8DBC60B3}" = NI LabVIEW 2011 License "{7BE5AA0C-E564-430F-B297-2B01121A1C5A}" = NI LabVIEW Real-Time NBFifo "{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools "{7C62B54A-E524-4F3D-83E7-0F2ABAFC978A}" = NI Xalan Delay Load 1.10.1 "{7C6869BF-6CBE-4CB0-8869-2743B419343C}" = NI LabVIEW 2011 Real-Time NBFifo "{7D4BA4CF-992A-4F10-83F6-B4DBB27704DF}" = NI LabVIEW 2011 Control Design Shared VIs "{7D64A463-C3C9-40B6-BC46-4DD7D0DE2BFD}" = NI LabVIEW 2011 Run-Time Engine Non-English Support. "{7D826D95-7FEE-4FC6-A3CC-BE4A53810441}" = NI IVI Engine "{7D89ECEB-7E27-4898-812E-80862E91AB94}" = NI Portable Configuration 5.0.0 "{7E3668CB-1228-416E-B721-C2FA3247B985}" = NI LabVIEW Real-Time FIFO for Runtime "{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client "{80C792E1-78BC-4F4A-839E-BCD107770938}" = NI System API Windows 32-bit 5.0.0 "{82D29FE9-9F5A-4EF7-BBA1-EF107DDB2E64}" = NI Certificates Deployment Support "{85BA3FCF-AA00-4151-B97D-84A221E8198A}" = NI-VISA Runtime 5.0.3 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{886C3E95-4032-45C8-92F6-57861871635A}" = NI Software Provider for MAX 5.0.0 "{89089F33-94D7-4E9C-918F-75CC933FC88F}" = NI DataSocket 4.9 "{8923D179-24D1-475D-A381-0B8C1AF1A206}" = NI LabVIEW 2011 Web Server "{896849EE-EEE6-4E45-B20B-9F4DDCF805DA}" = NI Assistant Framework "{89CE9AA7-0615-4DB5-83DB-B0AA2FDAD454}" = NI LabVIEW 2011 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B3E6AA0-992F-4957-A1DB-CC2CA521F790}" = NI LabVIEW SignalExpress 2011 Core "{8BDFB0BC-FE2E-470C-9F43-F960057AC83D}" = NI LabVIEW 2011 Digital Filter Design Toolkit License "{8D88074D-4378-C049-4264-EB3EE8AC155C}" = CCC Help Japanese "{8D9F6EFD-6EAF-4327-AD59-92DEA050BDAF}" = NI Instrument IO Assistant for LabVIEW 2011 32-bit "{8EAA9D70-C912-3708-92DD-0CCC26F386E1}" = Microsoft Visual Studio 2010 Performance Collection Tools - DEU "{8ED02445-D491-414C-A56D-2ED6BBB7239A}" = Garmin Communicator Plugin "{8F1B9FE1-5777-4118-B982-B50B030101FF}" = NI LabVIEW 2011 "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{912B04B3-7C7C-4929-AE68-EC2A4CCB4E73}" = Microsoft-Maus- und Tastatur-Center "{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch "{929F5BFC-60F0-34EC-A50B-2001AAC03D56}" = Microsoft Team Foundation Server 2010 Object Model - DEU "{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service "{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB "{930BD01D-A420-4BB4-8E85-A313FD7ED49E}" = NI-PAL 2.6.5f0 "{9320E1F0-31CB-4095-B430-017A35406E40}" = NI LabVIEW SignalExpress 2011 Datatypes "{93E42FF5-065E-0D52-2777-8A1849CB8574}" = CCC Help Swedish "{94D5097B-46D0-A1D9-8983-284E3C675CA9}" = Catalyst Control Center Localization All "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95C26FA7-5FDD-4C6D-AD6F-3D4B3FEB0D70}" = NI AFW Custom UI Assemblies "{961B4059-D1C0-43C8-095B-75A18BD0F8C8}" = CCC Help Polish "{98B874D4-D8A4-40BE-B82A-36E902C84289}" = NI-ORB 1.9.3f0 "{98F4DC3F-958E-4DE5-BE1D-DBD72B05A204}" = NI Search Shared "{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety "{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009 SP1 "{9B84A151-81CC-6133-D844-A189FDA1C34F}" = CCC Help Chinese Standard "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2113B6-30DC-4827-9166-E6F4889D7594}" = NI LabVIEW 2011 Deployable License "{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework "{9E6D743D-630C-4610-A7C3-E3998B411FB5}" = NI LabVIEW 2011 Digital Filter Design Toolkit RT Support "{9EC3B901-EE18-459A-ABF1-8EAEFD8A908C}" = NI LabVIEW 2011 MathScript RT Module "{9FCEDDD0-4FEA-41CE-9739-565F39B2F607}" = NI MDF Support "{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects "{A11A542A-37BF-4943-9810-3F1DC0AD4A1C}" = NI LabWindows/CVI 2010 Code Generator "{A259AA7B-BF60-4317-A6EA-4FA86BC99DEF}" = NI Vision Common Resources 2011 "{A259D0D8-1F44-4A5A-B1AB-F5AE6020FAF1}" = NI Vision Run-Time Engine 2011 "{A363C314-2242-4BBE-9ADE-B427AF646EFF}" = NI mDNS Responder 1.6.0 "{A3752527-E9F5-4EE5-9A09-D6582AFE1D35}" = NI Circuit Design Suite 11.0.2 Education "{A5FB6F3A-2120-45C8-B5E5-476BD5580BD6}" = NI LabVIEW EWB DeviceHandler 2010 "{A736A59D-FFAD-4EE5-962F-510DE151D6AA}" = NI AFW Channel Configuration Tool "{A7B1ABA8-E2A2-4565-A8AF-F01657FF5CEA}" = NI LabVIEW Web Services Runtime "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}" = BatteryLifeExtender "{AB47630B-C1BF-4A0A-93EF-3492A59A4704}" = NI LabVIEW Run-Time Engine Interop 2010 "{AB55A100-AAC9-43EA-845E-2DCDC0D4D2B8}" = NI Math Kernel Libraries "{AB9BBC2E-83F6-47A9-9FA3-08D3774F8E45}" = NI-RPC 4.2.2f0 "{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries "{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4 "{AD118C09-CD56-4676-80D3-25221BA9A3E9}" = NI IVI Class Drivers "{ADEB5E8B-AF72-49E5-BF36-3891B9F75FF3}" = NI Vision Builder AI 2010 API Interface "{AE593237-3C8E-44F2-A9AA-2DDE0A472CDE}" = NI LabVIEW Web Server for Run-Time Engine "{AE86495C-42F9-F5BE-E878-7798456A509A}" = CCC Help Spanish "{AFFE41B4-6FB6-4E64-811C-5F57D05DF70F}" = NI Sound and Vibration Frequency Analysis LabVIEW 2011 Support "{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009 "{B179B6ED-5D5B-49B8-8929-5144738B81C3}" = NI LabVIEW SignalExpress 2011 Tools "{B1DCBBC7-8ECE-497F-926F-02FE4E42216B}" = NI Distributed System Manager 2011 "{B1EE55C1-F98B-40AB-AF0C-422ECCC88454}" = NI Measurement & Automation Explorer 5.0.0 "{B25CE691-97D9-4A38-BC65-A889194BECEB}" = NI Vision 2011 "{B2BDA3BC-29BE-49C1-A30E-15DA8D041601}" = NI License Manager "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B61FFD74-8DAD-41E1-835F-3995E026EDB4}" = NI Measurement Studio Common .NET Assemblies for .NET 3.5 "{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager "{B6D8DC8C-F077-4631-A221-4D5E1D8E87E7}" = Catalyst Control Center - Branding "{B7493783-F638-BEAE-C8C7-665C5A03E652}" = CCC Help Dutch "{B82ABF2C-CBD3-5528-26DF-F1161A2B34BF}" = Catalyst Control Center Graphics Full New "{B9B1B5D9-F96D-0257-A23C-8EA9ACCCF8CB}" = CCC Help Czech "{BADAFD0C-2B14-4D4E-B2A8-0E6B5F6781F1}" = NI Control Design Assistant 2011 "{BB3EBB9E-1CA1-4B7F-9E67-09540CCE9F45}" = NI Assistant Framework LabVIEW Code Generator 2011 "{BD2BD62A-444B-4838-8931-B3E9679144AB}" = NI LabVIEW SignalExpress 2011 LabVIEW Support "{BE5C49CF-A4B7-453B-953B-7C70375865C5}" = NI LabVIEW 2011 Digital Filter Design Toolkit "{C09C5E8D-1706-4025-9919-07E010C7E74D}" = NI LabVIEW Modulation Toolkit 4.3.1 "{C0DE25AE-B0E5-4D4B-96CE-EE757066D0BA}" = NI Network Discovery 5.0 "{C2217F81-3429-418C-9F60-14F0E051E1A4}" = NI LabVIEW 2011 Control Design and Simulation Module "{C3181764-B8F3-A705-5362-86E37C476710}" = Catalyst Control Center Graphics Full Existing "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CAC9188C-83A0-4F9F-858A-DA430DC2E401}" = NI AFW Custom UI "{CC17CE69-4AB6-4434-ADB4-27DB49D36080}" = NI Curl 1.1 "{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU "{CF30E2B5-A7A7-47AD-8B03-22A27D4E9971}" = NI LabVIEW 2011 Real-Time Error Dialog "{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer "{D11EA398-49B5-4266-B9BC-E75F8E530A05}" = NI Vision Builder AI 2010 Shared Resources "{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services "{D4877334-6730-4C84-B9C9-218EA466CA74}" = NI LabVIEW 2011 "{D5BB7AAE-62F4-4C4F-B272-F27AEE16BA7F}" = NI TDMS "{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de "{D6D68ABC-954B-4373-92A2-0FE7FA59AC1A}" = NI EulaDepot "{D70CCDE0-44B0-460D-94AD-7BE162E49126}" = NI LabVIEW 2011 "{DA146D61-5542-2F55-C5E4-49D26EBAAA5B}" = CCC Help Russian "{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) de "{DB0D5AFF-0B60-4287-9BC2-F4AE797B02F4}" = NI Authentication 2.0 "{DB0EF3C1-8AF4-1E28-267E-024999C11828}" = CCC Help Finnish "{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries "{DB68B420-5382-48EE-9A2A-CB984FEBB192}" = NI LabVIEW Web Server for Run-Time Engine "{DB77F50B-F88C-4D63-9103-EF4D71BA4C50}" = NI Vision .NET Run-Time Engine 2011 "{DBB62E6B-66F5-09D2-D2CC-C1877CDD9A8B}" = CCC Help Italian "{DBE8431C-CF9A-38C3-B42D-28B6FCE1EA3B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU "{DC8D559F-7A15-45FE-9DC5-D954D49D7ED9}" = NI System Identification Assistant LabVIEW Support "{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E0D8CD4E-4771-4848-A09D-60A31D883883}" = NI VC2005MSMs x86 "{E125DE33-5564-4531-A4EF-BBC7C78031BA}" = NI LabVIEW SignalExpress 2011 "{E1D60C68-016C-4951-8C1F-52E24DFE7836}" = NI CodeSignAPI "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3739FE9-3BAF-4250-82FA-230C7CC0EAD8}" = NI LabVIEW 2011 Help "{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5141E62-8A90-D9A1-EB2D-C4D0D9940D90}" = CCC Help German "{E6068691-1FBC-4EF0-87E8-609CDB32038A}" = NI Xerces Delay Load 2.7.3 "{E69A31C9-F24F-4A1A-BEAD-B1AA255760C1}" = NI Registration Wizard "{E8A99DC4-303C-4BC4-98B8-9C324BAD0006}" = VISA Shared Components "{EA37AB72-EC8C-432C-A1C6-186850FB0559}" = NI System State Publisher "{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}" = Microsoft Sync Framework Services v1.0 SP1 (x86) de "{EB708DAB-CD04-46E4-88C9-E3BC80595982}" = NI System Web Server Base 2.0 "{EB8D0A82-E02A-437C-A7C4-90516F1CFB39}" = NI Web Application Server 2.0 "{EC45867D-83A8-4ECF-911A-154CD98BD592}" = NI Measurement Studio 8.6 Enterprise RunTime for VS2005 "{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack "{EC868042-4A40-492C-A30B-170F30DB6686}" = NI Vision .NET 2011 "{EDE7C782-6E1F-4C07-9E58-B90BBA0658BD}" = NI-IMAQ Camera Files "{EDFC39D7-B782-4B43-BF9C-D1B80ADEA863}" = NI LabVIEW Runtime Engine 2010 SP1 "{EF1B1A68-988E-4A68-8504-774373A4651C}" = NI OPC Support "{EF1E7F06-246A-4501-A2B8-2C0C72600F66}" = NI LabVIEW Analog Modulation Toolkit 4.3.1 "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F04A89CB-A185-4263-85ED-4BAD766F7DAE}" = NI Error Reporting 2011 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F293A67D-04BB-6960-5D13-13F158796960}" = CCC Help Danish "{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software "{F2E01659-A397-4F84-9B5E-484A431CE1C5}" = NI System Web Server 2.0 "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F37CC885-1E37-4F2A-93F3-7F1E1EEBBEBB}" = NI LabVIEW Broker "{F45CE5E8-4A60-4292-8FD5-1807DFEBE221}" = NI LabWindows/CVI 2010 LabVIEW DLL Builder "{F6C682B6-7714-41CC-80B6-3288364910AF}" = NI GMP Windows 32-bit Installer 11.0.0 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7CCA6E5-1D14-4907-83BB-6B6BF36F1D90}" = NI Variable Engine LabVIEW 2011 Support "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F9A74F70-7597-47B8-B04C-044824C23B15}" = NI LabVIEW 2011 VIPM Helper "{F9E0880D-B263-48F9-B8E5-BAFCAE9BE150}" = NI System API Client for WIF 5.0.0 "{FDED748C-432B-4B44-BB33-3BB8550A2AD2}" = NI Variable Engine 2.5.0 "{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine "{FEDBFDE2-61C2-4009-AC34-7FE12107C28B}" = NI LabVIEW 2011 System Identification Toolkit "{FEFA778A-05D2-4D0F-80A3-7AE24B8161C0}" = NI LabVIEW Web Server for Run-Time Engine "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "DPP" = Canon Utilities Digital Photo Professional 3.8 "DRI Tool 2.0_is1" = DRI Tool 2.0 "EOS Utility" = Canon Utilities EOS Utility "gateProtect VPN Client 2.5" = gateProtect VPN Client 2.5 "Google Chrome" = Google Chrome "HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0 "Inkscape" = Inkscape 0.48.4 "IviSharedComponent" = IVI Shared Components 2.2.1 "LTspice IV" = LTspice IV "Matlab R2011b" = MATLAB R2011b "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU "Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU "Microsoft Visual Studio 2010 Ultimate - DEU" = Microsoft Visual Studio 2010 Ultimate - DEU "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools "Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack "Mozilla Firefox (3.6.26)" = Mozilla Firefox (3.6.26) "NI Uninstaller" = National Instruments - Software "ODSK" = Canon Utilities Original Data Security Tools "Office14.SingleImage" = Microsoft Office Home and Student 2010 "PDF Blender" = PDF Blender "PhotoStitch" = Canon Utilities PhotoStitch "PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0 "Picture Style Editor" = Canon Utilities Picture Style Editor "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "Uninstall_is1" = Uninstall 1.0.0.1 "VISASharedComponents" = VISA Shared Components "WFTK" = Canon Utilities WFT-E1/E2/E3 Utility "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\Tobias_*****_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater < End of report > [/CODE] hab gesehen dass bei OTL noch der Nachname drin war. Habe das nochmal korrigiert. passt das so, oder ist das zu viel was ich da eingefügt habe? Geändert von Tobi R. (03.07.2013 um 15:15 Uhr) |
03.07.2013, 15:11 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe gegen Trojaner GVUFixen mit OTLpe
Code:
ATTFilter :OTL O20 - HKU\Tobias_Rossmann_ON_D Winlogon: Shell - (C:\Users\Tobias Rossmann\AppData\Roaming\skype.dat) - D:\Users\Tobias Rossmann\AppData\Roaming\skype.dat () [2013/07/03 06:00:58 | 000,000,004 | ---- | C] () -- D:\Users\Tobias Rossmann\AppData\Roaming\skype.ini [2012/01/11 04:01:24 | 000,114,688 | ---- | C] () -- D:\Users\Tobias Rossmann\AppData\Roaming\skype.dat @Alternate Data Stream - 146 bytes -> D:\ProgramData\Temp:5C5A503E @Alternate Data Stream - 130 bytes -> D:\ProgramData\Temp:ABE89FFE
__________________ Logfiles bitte immer in CODE-Tags posten |
03.07.2013, 15:32 | #13 |
| Hilfe gegen Trojaner GVU wow, es ist alles wieder da auf meinem Desktop habe ich keine txt.datei gefunden. Es erschien jedoch nach der "Fix"-Aktion eine neue txt-datei: |
03.07.2013, 15:34 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hilfe gegen Trojaner GVU Eine Kontrolle mit OTL bitte aus dem normalen installierten Windows bitte (KEIN OTLPE!)
__________________ Logfiles bitte immer in CODE-Tags posten |
03.07.2013, 16:08 | #15 |
| Hilfe gegen Trojaner GVU ich kann auf dem betroffenen Rechner das Programm nicht downloaden. Beim Hilfs-PC hat es geklappt. ich brauche dieses Programm otlpe, dann werde ich gefragt ob ich das auf cd brennen mag und dann ist es doch auf dem Rechner (beim anderen hat es so geklappt). Grüße, Tobi |
Themen zu Hilfe gegen Trojaner GVU |
beste, besten, daten, erneut, forum, freue, geld, gelöst, hallo zusammen, laptop, meldung, neu, nicht mehr, probleme, problemen, suche, thread, total, troja, trojaner, virus, würde, überhaupt, zugriff, zusammen |