Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Malware / Windowsbloczierung mit zahlungsaufforderung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.12.2011, 20:37   #1
Luke85
 
Malware / Windowsbloczierung mit zahlungsaufforderung - Standard

Malware / Windowsbloczierung mit zahlungsaufforderung



Hallo zusammen,

Muss mich beeilen wegen der Blockierung.
Danke im Vorraus für eure Hilfe und euer Engagement.
Weiteres schreibe ich auf anfrage, ist schon der 2. versuch das zu posten.

Jetzt wo das wichtigeste gepostet ist kann ich es ja editieren.
Habe eine Universal "Bootcd" von Chip.de heruntergeladen und Avira Free hat beim Installieren Malware gefunden, musste diese Ignorieren um das Programm nutzen zu können ( war wichtig) bevor ich danach die Malware wiederfinden konnte bzw. beseitigen konnte wurde diese schon aktiv. Jetzt habe ich den Salat und hoffe man kann mir hier netterweise helfen.

Mein System werde ich danach baldmöglich neu aufsetzen,habe gelesen , dass das empfohlen weird nach solch einem Fehler. Ist immer eine riesen Qual aufgrund vieler großer Programme die teilweise ewige Installationszeiten haben . Stichwort LabView, Matlab oder Wolfram mathematica.


System ist Win7 pro 32 Bit


Danke !!!!!!!

OTL Logfile:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 20.12.2011 21:22:04 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Luke\Downloads
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 68,54% Memory free
8,74 Gb Paging File | 7,58 Gb Available in Paging File | 86,66% Paging File free
Paging file location(s): c:\pagefile.sys 5373 5373 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 45,30 Gb Free Space | 30,92% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 169,49 Gb Free Space | 86,78% Space Free | Partition Type: NTFS
Drive E: | 123,84 Gb Total Space | 61,08 Gb Free Space | 49,32% Space Free | Partition Type: NTFS
Drive F: | 297,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: LUKE-NOTEBOOK | User Name: Luke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.20 21:21:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Luke\Downloads\OTL.exe
PRC - [2011.11.27 15:17:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.11.11 12:59:34 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2011.11.11 12:59:30 | 001,510,720 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2011.07.07 19:43:20 | 000,018,584 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\nipxism.exe
PRC - [2011.07.02 14:47:48 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.20 14:53:08 | 000,233,664 | ---- | M] (National Instruments Corporation) -- C:\Programme\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
PRC - [2011.06.14 17:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\MAX\nimxs.exe
PRC - [2011.06.14 11:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\Shared\Tagger\tagsrv.exe
PRC - [2011.06.14 09:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2011.06.14 09:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\lktsrv.exe
PRC - [2011.06.14 09:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\lkads.exe
PRC - [2011.06.10 14:11:20 | 000,121,032 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
PRC - [2011.06.01 16:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
PRC - [2011.05.27 13:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\Shared\NI WebServer\SystemWebServer.exe
PRC - [2011.05.27 13:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) -- C:\Programme\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
PRC - [2011.04.28 15:27:20 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.06 19:02:13 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.10.27 09:43:38 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\System32\lkcitdl.exe
PRC - [2010.03.24 15:23:06 | 000,012,696 | ---- | M] (National Instruments Corporation) -- C:\Windows\System32\nipalsm.exe
PRC - [2010.01.28 15:57:40 | 000,628,000 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.10.31 06:45:39 | 000,069,632 | ---- | M] () -- C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\firefox.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007.09.20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_24288096a5cd99f6\AEstSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.03 07:47:29 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.27 15:17:48 | 001,989,592 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2009.10.31 06:45:39 | 000,069,632 | ---- | M] () -- C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\firefox.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.12.16 21:14:08 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.11.11 12:59:30 | 001,510,720 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.11.11 12:59:24 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.07.07 19:43:20 | 000,018,584 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\nipxism.exe -- (nipxirmu)
SRV - [2011.07.02 14:47:48 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.20 14:53:08 | 000,233,664 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe -- (niLXIDiscovery)
SRV - [2011.06.14 17:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\MAX\nimxs.exe -- (mxssvr)
SRV - [2011.06.14 11:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe -- (NITaggerService)
SRV - [2011.06.14 09:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2011.06.14 09:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\lktsrv.exe -- (lkTimeSync)
SRV - [2011.06.14 09:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\lkads.exe -- (lkClassAds)
SRV - [2011.06.10 14:11:20 | 000,121,032 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe -- (NINetworkDiscovery)
SRV - [2011.06.01 16:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.27 13:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc)
SRV - [2011.05.27 13:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer)
SRV - [2011.04.28 15:27:20 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.10 13:29:00 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.10.27 09:43:38 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\System32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2010.08.02 10:00:00 | 001,427,688 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2010.03.24 15:23:06 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\nipalsm.exe -- (nitsuu)
SRV - [2010.03.24 15:23:06 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\System32\nipalsm.exe -- (nidevldu)
SRV - [2010.01.28 15:57:40 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.12.29 10:09:26 | 000,028,744 | ---- | M] (National Instruments Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NiRioRpc.exe -- (NiRioRpc)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.09.20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_24288096a5cd99f6\AEstSrv.exe -- (AESTFilters)
SRV - [2004.12.02 08:28:32 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\System32\Opcenum.exe -- (OpcEnum)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.11.08 12:47:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.10.18 02:43:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2011.10.18 02:43:42 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2011.08.17 16:51:54 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NiViPxiKl.sys -- (NiViPxiK)
DRV - [2011.08.17 16:50:32 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NiViPciKl.sys -- (NiViPciK)
DRV - [2011.07.20 11:17:08 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niswdkl.sys -- (niswdk)
DRV - [2011.07.19 18:12:52 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niufurkl.sys -- (niufurk)
DRV - [2011.07.19 18:12:50 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niufurkw.sys -- (niufurkw)
DRV - [2011.07.19 17:12:48 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nixsrkl.sys -- (nixsrk)
DRV - [2011.07.19 16:43:42 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niemrkl.sys -- (niemrk)
DRV - [2011.07.19 02:35:06 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nidsarkl.sys -- (nidsark)
DRV - [2011.07.19 02:08:18 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicsrkl.sys -- (nicsrk)
DRV - [2011.07.19 02:08:16 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicsrkw.sys -- (nicsrkw)
DRV - [2011.07.19 01:34:14 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niraptrkl.sys -- (niraptrk)
DRV - [2011.07.19 01:20:22 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicondrkl.sys -- (nicondrk)
DRV - [2011.07.19 01:03:06 | 000,011,952 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicmrkl.sys -- (nicmrk)
DRV - [2011.07.18 22:21:04 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niwfrkl.sys -- (niwfrk)
DRV - [2011.07.18 22:04:34 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nissrkl.sys -- (nissrk)
DRV - [2011.07.18 21:43:00 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niesrkl.sys -- (niesrk)
DRV - [2011.07.18 21:21:22 | 000,011,912 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nistc3rkl.sys -- (nistc3rk)
DRV - [2011.07.18 21:00:56 | 000,011,936 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nisdigkl.sys -- (nisdigk)
DRV - [2011.07.18 20:45:38 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nitiorkl.sys -- (nitiork)
DRV - [2011.07.18 20:32:32 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nistcrkl.sys -- (nistcrk)
DRV - [2011.07.18 20:15:12 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicdcckl.sys -- (nicdcck)
DRV - [2011.07.12 17:08:46 | 000,011,976 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nimsdrkl.sys -- (nimsdrk)
DRV - [2011.07.12 16:11:02 | 000,011,920 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nidmxfkl.sys -- (nidmxfk)
DRV - [2011.07.12 15:39:08 | 000,011,952 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nimxpkl.sys -- (nimxpk)
DRV - [2011.07.12 15:36:40 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimstskl.sys -- (nimstsk)
DRV - [2011.07.08 06:04:58 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nisftkl.sys -- (nisftk)
DRV - [2011.07.07 20:03:34 | 000,021,144 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nipxigpk.sys -- (nipxigpk)
DRV - [2011.07.07 19:49:12 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nipxirmkl.sys -- (nipxirmk)
DRV - [2011.07.02 14:47:48 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.02 14:47:48 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.07.01 15:46:12 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimru2kl.sys -- (nimru2k)
DRV - [2011.07.01 15:25:10 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimxdfkl.sys -- (nimxdfk)
DRV - [2011.07.01 14:52:26 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nidimkl.sys -- (nidimk)
DRV - [2011.07.01 14:37:36 | 000,011,936 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nimdbgkl.sys -- (nimdbgk)
DRV - [2011.07.01 14:19:00 | 000,011,928 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\niorbkl.sys -- (niorbk)
DRV - [2011.06.29 13:49:48 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nipalfwedl.sys -- (nipalfwedl)
DRV - [2011.06.29 13:48:18 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nipalusbedl.sys -- (nipalusbedl)
DRV - [2011.06.29 13:41:00 | 000,584,856 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipalk.sys -- (NIPALK)
DRV - [2011.05.17 06:04:16 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ninshsdkl.sys -- (ninshsdk)
DRV - [2011.04.08 18:21:10 | 000,022,608 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni1065k.sys -- (ni1065k)
DRV - [2011.04.08 18:21:08 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni1045kl.sys -- (ni1045k)
DRV - [2011.04.08 18:21:06 | 000,042,136 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipxibrc.sys -- (nipxibrc)
DRV - [2011.04.08 18:21:06 | 000,026,192 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni1006k.sys -- (ni1006k)
DRV - [2011.04.08 18:21:04 | 000,058,504 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipxibaf.sys -- (nipxibaf)
DRV - [2010.08.12 21:36:14 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nicdrkl.sys -- (nicdrk)
DRV - [2010.07.12 21:53:18 | 000,011,960 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nispdkl.sys -- (nispdk)
DRV - [2010.07.12 21:41:32 | 000,011,960 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niscdkl.sys -- (niscdk)
DRV - [2010.06.15 17:14:34 | 000,032,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\niede.sys -- (NIEthernetDeviceEnumerator)
DRV - [2010.04.15 13:36:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010.03.24 12:27:44 | 000,015,448 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nipbcfk.sys -- (nipbcfk)
DRV - [2010.03.17 01:01:53 | 011,597,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2010.01.19 10:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2009.10.28 20:43:00 | 000,018,512 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nistreamkl.sys -- (nistreamk)
DRV - [2009.08.12 18:42:40 | 000,011,328 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niRFSA2kl.sys -- (niRFSA2k)
DRV - [2009.08.03 13:17:12 | 000,011,392 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nipsdkl.sys -- (nipsdk)
DRV - [2009.07.21 14:47:42 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niSynckl.sys -- (niSynck)
DRV - [2009.07.21 13:56:58 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nitsukl.sys -- (nitsuk)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.06.26 13:01:18 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nisrcdkl.sys -- (nisrcdk)
DRV - [2009.06.18 01:50:34 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nisldkl.sys -- (nisldk)
DRV - [2009.06.17 14:18:48 | 000,011,640 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nigplkl.sys -- (nigplk)
DRV - [2009.06.16 08:42:54 | 000,027,744 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niwdk.sys -- (niwdk)
DRV - [2009.05.27 15:58:08 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nidwgkl.sys -- (nidwgk)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.27 23:35:30 | 000,011,328 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\niRFSGkl.sys -- (niRFSGk)
DRV - [2009.04.10 08:20:52 | 000,011,328 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nitnr2kl.sys -- (nitnr2k)
DRV - [2009.04.08 18:01:42 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nihsdrkl.sys -- (nihsdrk)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.01.05 10:19:28 | 000,011,312 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nistc2kl.sys -- (nistc2k)
DRV - [2008.12.05 16:21:24 | 000,020,104 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvalarmk.sys -- (lvalarmk)
DRV - [2008.02.15 17:27:02 | 000,330,752 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.10.10 16:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007.08.14 13:09:00 | 000,215,632 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ni488k.sys -- (ni488k)
DRV - [2007.04.16 17:06:28 | 000,050,688 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nidmmk.dll -- (nidmmk)
DRV - [2007.04.16 17:04:12 | 000,674,304 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nidaq32k.sys -- (Nidaq32k)
DRV - [2007.04.16 15:42:28 | 000,111,616 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\niSTCk.dll -- (nistck)
DRV - [2007.04.16 15:41:52 | 000,030,208 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nimdsk.dll -- (nimdsk)
DRV - [2007.04.16 15:40:38 | 000,021,504 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nibffrk.dll -- (nibffrk)
DRV - [2007.04.16 15:40:36 | 000,037,376 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\niarbk.dll -- (niarbk)
DRV - [2007.03.05 09:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006.11.14 16:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2001.09.18 11:00:00 | 000,167,816 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\omcamvid.sys -- (OVT511Plus)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 96 04 BA DE D1 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 15:17:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 20:42:56 | 000,000,000 | ---D | M]
 
[2011.03.13 18:16:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luke\AppData\Roaming\mozilla\Extensions
[2011.03.13 18:16:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luke\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.12.20 20:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luke\AppData\Roaming\mozilla\Firefox\Profiles\8imhsc0z.default\extensions
[2010.08.31 21:09:59 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Luke\AppData\Roaming\mozilla\Firefox\Profiles\8imhsc0z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.06 21:05:29 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Luke\AppData\Roaming\mozilla\Firefox\Profiles\8imhsc0z.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.05.09 22:54:24 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Luke\AppData\Roaming\mozilla\Firefox\Profiles\8imhsc0z.default\extensions\engine@conduit.com
[2011.11.27 15:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.27 15:17:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.05.24 18:39:14 | 000,059,936 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\npIMAQAXControl.dll
[2011.06.09 18:05:10 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv2010win32.dll
[2011.06.22 11:43:54 | 000,026,112 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv2011win32.dll
[2006.01.23 10:32:04 | 000,020,992 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\NPLV80Win32.dll
[2009.10.22 09:28:40 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\NPLV82Win32.dll
[2007.07.24 18:03:42 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv85win32.dll
[2008.12.10 14:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv86win32.dll
[2010.10.19 18:15:20 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv90win32.dll
[2011.05.24 12:15:34 | 000,599,424 | ---- | M] (3D RealityMaps GmbH) -- C:\Program Files\mozilla firefox\plugins\nprm3d.dll
[2011.03.17 20:57:30 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.10.03 17:06:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.03 17:06:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.03 17:06:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 17:06:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 17:06:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 17:06:41 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.07.22 15:40:20 | 000,414,782 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 14320 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [firefox.exe] C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Luke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Programme\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFF844F1-F8CB-447C-B1FA-BC1C0429AADE}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4544DD6-D25D-4247-A375-31555A101B3C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.06.01 17:13:04 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{24e2c8a0-1991-11e1-a3d8-002269bf80c1}\Shell - "" = AutoRun
O33 - MountPoints2\{24e2c8a0-1991-11e1-a3d8-002269bf80c1}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{3f63ccfa-3dcc-11df-8b97-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3f63ccfa-3dcc-11df-8b97-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Start.exe -- [2010.06.01 17:13:11 | 000,528,384 | R--- | M] (VISUS Technology Transfer)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.20 09:28:01 | 000,000,000 | ---D | C] -- C:\Users\Luke\.jivex
[2011.12.18 18:46:08 | 000,000,000 | ---D | C] -- C:\UBCD4Win
[2011.12.12 14:22:26 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Agilent
[2011.12.12 14:20:30 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Agilent
[2011.12.12 14:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Agilent
[2011.12.12 13:32:06 | 000,081,920 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\System32\drivers\ser2pl.sys
[2011.12.12 11:52:33 | 000,000,000 | ---D | C] -- C:\Users\Luke\Desktop\NotNI_Device_tests
[2011.12.09 20:36:27 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Ilivid Player
[2011.12.09 20:35:30 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\PackageAware
[2011.12.08 14:00:10 | 000,000,000 | ---D | C] -- C:\Users\Luke\Desktop\ni
[2011.12.08 13:54:08 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\System32\SER9PL.sys
[2011.12.06 22:05:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\Shared Memory
[2011.12.03 12:05:59 | 000,000,000 | ---D | C] -- C:\Users\Luke\Documents\National Instruments
[2011.12.03 07:47:29 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.12.02 14:35:34 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2011.12.02 14:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Keithley Instruments
[2011.12.02 14:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Keithley Instruments
[2011.12.02 13:18:45 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\DVDVideoSoft_Ltd
[2011.12.02 12:58:12 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\DVDVideoSoft
[2011.11.29 21:15:31 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Hermitech Laboratory
[2011.11.29 11:12:14 | 000,000,000 | ---D | C] -- C:\Users\Luke\Desktop\NI-DAQ-TESTS
[2011.11.27 16:58:23 | 000,000,000 | ---D | C] -- C:\Users\Luke\Documents\LabVIEW Data
[2011.11.27 16:41:52 | 000,000,000 | ---D | C] -- C:\Users\Luke\Documents\SignalExpress Data
[2011.11.27 15:58:35 | 000,000,000 | ---D | C] -- C:\Windows\nidaq
[2011.11.26 14:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011.11.26 13:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\IVI Foundation
[2011.11.26 13:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\IVI Foundation
[2011.11.26 11:46:55 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\National Instruments
[2011.11.25 18:42:47 | 004,218,880 | ---- | C] (Amyuni Technologies
hxxp://www.amyuni.com) -- C:\Windows\System32\CDINTF400.DLL
[2011.11.25 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HI-TECH Software
[2011.11.25 18:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\HI-TECH Software
[2011.11.25 18:25:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\National Instruments
[2011.11.25 18:24:47 | 000,000,000 | ---D | C] -- C:\National Instruments Downloads
[2011.11.25 18:24:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\cvirte
[2011.11.25 18:09:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\Common Files
[2011.11.25 18:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio .NET 2003
[2011.11.25 18:08:16 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Microsoft Help
[2011.11.25 18:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.11.25 18:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments
[2011.11.25 18:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2011.11.25 18:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\National Instruments
[2011.11.25 17:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\National Instruments
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.20 21:23:24 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.20 21:23:24 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.20 21:20:16 | 000,647,366 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.20 21:20:16 | 000,610,094 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.20 21:20:16 | 000,127,412 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.20 21:20:16 | 000,104,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.20 21:15:57 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.20 21:15:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.20 20:53:32 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.20 10:04:30 | 000,000,001 | R--- | M] () -- C:\Users\Luke\serverport
[2011.12.16 23:09:16 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 - Mehrspieler.lnk
[2011.12.16 23:09:16 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 - Einzelspieler.lnk
[2011.12.16 23:09:16 | 000,000,280 | ---- | M] () -- C:\Windows\game.ini
[2011.12.14 09:49:04 | 000,000,644 | ---- | M] () -- C:\Windows\AutoConfig.daq
[2011.12.13 22:53:13 | 000,079,101 | ---- | M] () -- C:\Users\Luke\Desktop\0017.pdf
[2011.12.12 14:34:43 | 000,000,048 | ---- | M] () -- C:\Users\Luke\AppData\Local\analyzer.set
[2011.12.12 14:31:20 | 005,351,936 | ---- | M] () -- C:\Users\Luke\Desktop\redirector.jspx
[2011.12.10 19:37:54 | 000,931,926 | ---- | M] () -- C:\Users\Luke\Desktop\Skitest.pdf
[2011.12.10 18:31:59 | 000,045,031 | ---- | M] () -- C:\Users\Luke\Desktop\NY6RrzbA.htm.part.htm
[2011.12.03 07:47:29 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.12.01 08:54:30 | 000,000,644 | ---- | M] () -- C:\Windows\niconfig.daq
[2011.11.28 09:50:36 | 000,208,533 | ---- | M] () -- C:\Windows\System32\niorbmap
[2011.11.27 15:09:55 | 000,439,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.25 18:17:37 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\Measurement & Automation.lnk
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.20 09:28:00 | 000,000,001 | R--- | C] () -- C:\Users\Luke\serverport
[2011.12.16 23:09:16 | 000,001,832 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 - Mehrspieler.lnk
[2011.12.16 23:09:16 | 000,001,832 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 - Einzelspieler.lnk
[2011.12.13 22:53:13 | 000,079,101 | ---- | C] () -- C:\Users\Luke\Desktop\0017.pdf
[2011.12.12 14:29:29 | 005,351,936 | ---- | C] () -- C:\Users\Luke\Desktop\redirector.jspx
[2011.12.10 19:37:54 | 000,931,926 | ---- | C] () -- C:\Users\Luke\Desktop\Skitest.pdf
[2011.12.10 18:31:58 | 000,045,031 | ---- | C] () -- C:\Users\Luke\Desktop\NY6RrzbA.htm.part.htm
[2011.12.08 13:54:08 | 000,026,719 | ---- | C] () -- C:\Windows\System32\SERSPL.VXD
[2011.12.03 12:00:26 | 000,000,048 | ---- | C] () -- C:\Users\Luke\AppData\Local\analyzer.set
[2011.12.01 08:54:30 | 000,000,644 | ---- | C] () -- C:\Windows\AutoConfig.daq
[2011.11.27 19:04:12 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments LabVIEW 2011.lnk
[2011.11.26 13:59:07 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\National Instruments Vision Assistant 2010 SP1.lnk
[2011.11.26 13:22:26 | 000,208,533 | ---- | C] () -- C:\Windows\System32\niorbmap
[2011.11.25 18:17:37 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\Measurement & Automation.lnk
[2011.07.21 17:50:44 | 000,022,919 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB72F30200.bin
[2011.07.21 17:50:44 | 000,022,919 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB72F3.bin
[2011.07.21 17:50:44 | 000,022,919 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB72CC0200.bin
[2011.07.21 17:50:44 | 000,022,919 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB72CC.bin
[2011.07.21 17:50:44 | 000,012,329 | R--- | C] () -- C:\Windows\System32\drivers\NIUSB71D7.bin
[2011.07.21 17:50:44 | 000,012,329 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB71D80200.bin
[2011.07.21 17:50:44 | 000,012,329 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB71D70200.bin
[2011.07.21 17:50:44 | 000,012,329 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB71D60200.bin
[2011.07.21 17:50:44 | 000,012,329 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB717B0200.bin
[2011.07.21 17:50:44 | 000,012,329 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB717A0200.bin
[2011.07.21 17:50:44 | 000,010,674 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB71DF0200.bin
[2011.07.21 17:50:44 | 000,010,674 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB71DF.bin
[2011.07.21 17:50:44 | 000,009,381 | R--- | C] () -- C:\Windows\System32\drivers\NIUSB717B.bin
[2011.07.21 17:50:44 | 000,009,381 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB717B0100.bin
[2011.07.21 17:50:44 | 000,009,295 | R--- | C] () -- C:\Windows\System32\drivers\NIUSB71D8.bin
[2011.07.21 17:50:44 | 000,009,295 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB71D80100.bin
[2011.07.21 17:50:44 | 000,009,158 | R--- | C] () -- C:\Windows\System32\drivers\NIUSB71D6.bin
[2011.07.21 17:50:44 | 000,009,158 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB71D60100.bin
[2011.07.21 17:50:44 | 000,009,146 | R--- | C] () -- C:\Windows\System32\drivers\NIUSB717A.bin
[2011.07.21 17:50:44 | 000,009,146 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB717A0100.bin
[2011.07.21 17:50:44 | 000,008,091 | R--- | C] () -- C:\Windows\System32\drivers\NIUSB718A.bin
[2011.07.21 17:50:44 | 000,008,091 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB718A0100.bin
[2011.07.21 17:50:44 | 000,007,697 | ---- | C] () -- C:\Windows\System32\drivers\NIUSB718A0200.bin
[2011.07.18 22:30:08 | 000,050,272 | ---- | C] () -- C:\Windows\System32\nispdu.dll
[2011.06.10 13:52:52 | 000,000,244 | ---- | C] () -- C:\Windows\System32\nirpc.ini
[2011.05.10 17:22:08 | 000,000,244 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011.05.10 17:22:08 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011.05.10 17:21:01 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2011.05.10 17:20:54 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2011.05.10 17:20:54 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011.05.10 17:20:53 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011.04.27 13:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.04.27 13:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.04.27 13:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.04.27 13:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.04.27 13:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.03.27 09:28:34 | 000,000,017 | ---- | C] () -- C:\Users\Luke\AppData\Local\resmon.resmoncfg
[2010.11.29 13:24:38 | 000,033,280 | ---- | C] () -- C:\Windows\System32\LVWUtil32.dll
[2010.10.05 18:25:26 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.07.22 15:55:44 | 000,000,095 | ---- | C] () -- C:\Windows\wininit.ini
[2010.07.12 21:53:10 | 000,071,776 | ---- | C] () -- C:\Windows\System32\drivers\nispdk.dll
[2010.07.12 21:44:02 | 000,032,256 | ---- | C] () -- C:\Windows\System32\niscdrau.dll
[2010.05.02 20:01:38 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.05.02 20:01:38 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.05.02 20:01:34 | 000,000,000 | ---- | C] () -- C:\Program Files\error.dat
[2010.05.02 20:01:34 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2010.05.02 20:00:40 | 000,000,074 | ---- | C] () -- C:\Windows\Brownie.ini
[2010.04.06 12:27:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.04.04 20:29:37 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.04.04 20:29:37 | 000,022,328 | ---- | C] () -- C:\Users\Luke\AppData\Roaming\PnkBstrK.sys
[2010.04.04 20:29:03 | 000,233,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.04.04 20:29:01 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.04.04 20:29:00 | 000,000,280 | ---- | C] () -- C:\Windows\game.ini
[2010.04.02 21:42:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.03.16 20:45:52 | 000,095,994 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2010.01.19 10:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\cvintdrv.sys
[2009.10.16 12:28:24 | 000,066,080 | ---- | C] () -- C:\Windows\System32\cfswitch.dll
[2009.10.06 08:16:00 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.09.24 12:44:34 | 000,037,376 | ---- | C] () -- C:\Windows\System32\tbbmalloc.dll
[2009.07.14 09:47:43 | 000,647,366 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,127,412 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,439,912 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,610,094 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,104,412 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.05.17 18:05:20 | 000,098,336 | ---- | C] () -- C:\Windows\System32\nihsdccexportu.dll
[2007.04.16 17:22:06 | 000,005,632 | ---- | C] () -- C:\Windows\System32\nipxiini.dll
[2007.04.16 16:52:36 | 000,008,704 | ---- | C] () -- C:\Windows\System32\niidaqlv.dll
[2007.04.16 15:46:16 | 000,005,081 | ---- | C] () -- C:\Windows\System32\ni7030.dat
[2007.04.16 15:39:36 | 000,028,672 | ---- | C] () -- C:\Windows\System32\NIAutoConfig.exe
[2007.04.16 15:39:36 | 000,028,672 | ---- | C] () -- C:\Windows\System32\NIAutoCfgRda.exe
[2005.05.06 18:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001.09.18 11:00:00 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bmpproc.dll
[2001.09.18 11:00:00 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[1999.11.04 11:00:38 | 000,001,840 | ---- | C] () -- C:\Windows\System32\niidaqs.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2011.09.13 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\3D RealityMaps Viewer
[2011.12.12 14:20:30 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Agilent
[2011.09.13 21:22:52 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Alpen 3D Online
[2011.06.27 19:03:46 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Audio Recorder for Free
[2010.04.29 07:33:46 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\CadSoft
[2010.04.01 22:32:58 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.01.02 19:59:01 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Design Science
[2011.12.02 12:58:13 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\DVDVideoSoft
[2011.04.14 21:39:27 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.27 19:04:29 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Free Sound Editor
[2011.06.10 13:04:28 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\gtk-2.0
[2011.11.29 21:15:31 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Hermitech Laboratory
[2011.12.17 21:07:58 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\ICQ
[2011.06.20 19:39:07 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\OpenOffice.org
[2011.06.12 22:30:17 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Samsung
[2011.12.18 19:11:24 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\TeamViewer
[2011.03.13 18:16:40 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\TomTom
[2010.11.23 20:51:16 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\TS3Client
[2011.11.20 12:54:24 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\TuneUp Software
[2011.09.29 08:10:02 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Geändert von Luke85 (20.12.2011 um 20:55 Uhr) Grund: Wollte zuerst da wichtigste posten bevor die Blockierung eintritt

Alt 21.12.2011, 11:15   #2
markusg
/// Malware-holic
 
Malware / Windowsbloczierung mit zahlungsaufforderung - Standard

Malware / Windowsbloczierung mit zahlungsaufforderung



hi
starte neu drücke f8
wähle abgesicherter modus mit netzwerk, da kannst du arbeiten und hast internet.
das neu aufsetzen ist eigendlich keine große qual, ich werde dir, wenn du willst, helfen das system dann richtig zu konfigurieren, dass wäre dann zwar noch mal arbeit, würde dir in zukunft aber einiges erleichtern.

hast du eine ahnung wo genau du dir das eingefangen hast?
Infos an mich als private nachicht

achtung!

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [firefox.exe] C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
:Files
C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\firefox.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         



• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
folge dem link, und lade das archiv im upload channel hoch
http://www.trojaner-board.de/54791-a...ner-board.html
__________________

__________________

Antwort

Themen zu Malware / Windowsbloczierung mit zahlungsaufforderung
0x00000001, antivir, avira, bho, call of duty, chip.de, converter, defender, desktop, device driver, excel, excel.exe, explorer, firefox, format, frage, google earth, home, langs, logfile, malware, malware gefunden, mozilla, mp3, national, neu aufsetzen, nvidia, nvlddmkm.sys, object, registry, safer networking, scan, security, software, usb, version=1.0, webcheck, windows



Ähnliche Themen: Malware / Windowsbloczierung mit zahlungsaufforderung


  1. BKA Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 30.03.2013 (10)
  2. Zahlungsaufforderung von 100€
    Plagegeister aller Art und deren Bekämpfung - 22.12.2012 (15)
  3. GVU Zahlungsaufforderung
    Log-Analyse und Auswertung - 19.12.2012 (2)
  4. email link Malware Funde Heur.PE@4294967295, Malware@#nwdk01o66rpro, Malware@#2x6qrvr63cjrw
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (10)
  5. GUV Trojaner - Zahlungsaufforderung - Pc gesperrt
    Log-Analyse und Auswertung - 29.09.2012 (24)
  6. GVU Trojaner mit 100€ Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 11.09.2012 (9)
  7. Suisa - Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (4)
  8. GVU Zahlungsaufforderung Trojaner mit Malwarebytes Anti-Malware beseitigt Schritt 2
    Plagegeister aller Art und deren Bekämpfung - 31.07.2012 (2)
  9. Verschlüsselungstrojaner mit Zahlungsaufforderung
    Log-Analyse und Auswertung - 19.05.2012 (17)
  10. Bundespolizei Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 28.03.2012 (1)
  11. Trojaner mit Zahlungsaufforderung!
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (1)
  12. Windows XP Zahlungsaufforderung
    Plagegeister aller Art und deren Bekämpfung - 23.01.2012 (19)
  13. BKA-Trojaner und Zahlungsaufforderung
    Log-Analyse und Auswertung - 14.01.2012 (3)
  14. 50€ Zahlungsaufforderung
    Log-Analyse und Auswertung - 13.01.2012 (21)
  15. BKA-Virus 100€ Zahlungsaufforderung
    Log-Analyse und Auswertung - 09.01.2012 (1)
  16. Desktopsperrung mit Zahlungsaufforderung
    Log-Analyse und Auswertung - 21.12.2011 (6)
  17. Windowssperrung mit Zahlungsaufforderung
    Log-Analyse und Auswertung - 17.12.2011 (20)

Zum Thema Malware / Windowsbloczierung mit zahlungsaufforderung - Hallo zusammen, Muss mich beeilen wegen der Blockierung. Danke im Vorraus für eure Hilfe und euer Engagement. Weiteres schreibe ich auf anfrage, ist schon der 2. versuch das zu posten. - Malware / Windowsbloczierung mit zahlungsaufforderung...
Archiv
Du betrachtest: Malware / Windowsbloczierung mit zahlungsaufforderung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.