Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Hilfe gegen Trojaner GVU

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.07.2013, 12:37   #1
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



Hallo zusammen,

zuerst einmal Hallo an alle, ich bin neu hier.
Eigentlich wollte ich nach ähnlichen Problemen hier im Forum suchen um nicht erneut einen Thread zu öffnen. Doch dann habe ich gelesen dass jedes Problem individuell gelöst werden muss.

Hier nun mein Problem:
Ich habe einen Trojaner der von der GVU eine Meldung bringt, dass ich Geld überweisen müsse.
Ich habe keinen Zugriff mehr auf meine Daten, ich komme auch nicht mehr in den Task-Manager.
Wie bekomme ich diesen Virus wieder von meinem Laptop? (32Bit soweit ich weiß).

Bin leider überhaupt kein PC-Experte.

Ich würde mich total über eure Hilfe freuen.

Mit den besten Grüßen,
Tobias

Alt 03.07.2013, 12:45   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU





Funktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung?



Abgesicherter Modus zur Bereinigung
  • Windows mit F8-Taste beim Start in den abgesicherten Modus bringen.
  • Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern:

    Windows im abgesicherten Modusstarten
__________________

__________________

Alt 03.07.2013, 13:08   #3
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



hallo cosinus,

danke für deine schnelle Antwort.

Ich habe den abgesicherten Modus (mit und ohne Netzwerktreibern) probiert, aber ich gelangen dann jedesmal zum Eingabefenster meines Passworts. Wenn ich das eingebe kommt wieder die Meldung der "GVU".

viele Grüße,
Tobi
__________________

Alt 03.07.2013, 13:13   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



Dann probier mal bitte OTLpe:

Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.


Lade OTLpe Download OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD


Bebilderte Anleitung: OTLpe-Scan
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.txt und Extras.txt.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.07.2013, 13:51   #5
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



ich drücke ständig die Tasten f8 bzw f11 oder f12 und ich komme nicht in ein Menü fürs Booten. Die DVD lege ich ja erst rein, bevor ich auf Boot-device gehe, oder? (vorausgesetzt ich würde soweit kommen)


viele Grüße,
Tobi


Alt 03.07.2013, 14:12   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



Handbuch lesen? Mehr kann ich dir nicht sagen da du nichtmal Herstellername und Modellbezeichnung das Notebook genannt hast
__________________
--> Hilfe gegen Trojaner GVU

Alt 03.07.2013, 14:14   #7
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



entschuldige, das hatte ich in meiner Angabe vergessen. Es handelt sich um einen Samsung R522.


wie auch immer bin ich jetzt in dieses Menü von Reatogo-X-PE gekommen.
Wenn ich jetzt im Fenster "Browse for folder" bin finde ich keine Local Disc C, sondern nur Local Disc D oder E. Ist ja auch egal, jedenfalls wenn ich davon was anklicke kommt die Meldung "Target is not windows 2000 or later"

Gibt es denn wirklich keine andere Möglichkeit? Was ist mit HitmanPro?

viele Grüße,
Tobi

Geändert von Tobi R. (03.07.2013 um 14:36 Uhr)

Alt 03.07.2013, 14:41   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



Anleitung lesen

Zitat:
Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.07.2013, 14:46   #9
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



entschuldige, diesen Punkt habe ich sogar gleich nach der Forumsanmeldung (da erscheint ein Link für dieses Programm) gelesen aber jetzt vor lauter Panik und Hektik wieder vergessen.
Die erstellte TXT-Datei benötigt ihr/du praktisch zur Info um rauslesen zu können was da nicht stimmt, richtig?

Alt 03.07.2013, 14:51   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.07.2013, 15:03   #11
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 7/3/2013 5:50:48 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 75.74 Mb Free Space | 75.75% Space Free | Partition Type: NTFS
Drive D: | 141.49 Gb Total Space | 13.59 Gb Free Space | 9.61% Space Free | Partition Type: NTFS
Drive E: | 141.50 Gb Total Space | 136.44 Gb Free Space | 96.42% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (ENI Server)
SRV - [2013/06/12 07:44:03 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/03 13:44:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/09/03 13:43:55 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012/09/03 13:43:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/10 04:34:12 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/14 12:57:10 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\MAX\nimxs.exe -- (mxssvr)
SRV - [2011/06/14 06:54:08 | 000,676,016 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\Tagger\tagsrv.exe -- (NITaggerService)
SRV - [2011/06/14 04:11:10 | 000,362,104 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2011/06/14 04:08:24 | 000,056,952 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Windows\System32\lktsrv.exe -- (lkTimeSync)
SRV - [2011/06/14 04:00:10 | 000,046,192 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Windows\System32\lkads.exe -- (lkClassAds)
SRV - [2011/06/10 09:11:20 | 000,121,032 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\NI Network Discovery\niDiscSvc.exe -- (NINetworkDiscovery)
SRV - [2011/06/01 11:32:14 | 000,194,224 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder)
SRV - [2011/05/27 08:44:20 | 000,050,328 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc)
SRV - [2011/05/27 08:43:48 | 000,050,336 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Users\Tobias *****\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer)
SRV - [2010/10/27 04:43:38 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto] -- D:\Windows\System32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2010/08/02 05:00:00 | 001,427,688 | ---- | M] (Macrovision Corporation) [On_Demand] -- D:\Users\Tobias *****\Desktop\Studium\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2010/06/23 08:14:54 | 000,131,776 | ---- | M] (National Instruments Corporation) [Auto] -- D:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe -- (niLXIDiscovery)
SRV - [2009/11/30 10:01:32 | 000,086,016 | ---- | M] () [Auto] -- D:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe -- (GPVPNService)
SRV - [2009/09/02 03:55:32 | 000,172,032 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/05 05:54:50 | 000,311,296 | ---- | M] () [Auto] -- D:\Windows\System32\Rezip.exe -- (Rezip)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (AgereSoftModem)
DRV - [2012/09/03 13:45:06 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/09/03 13:45:06 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/09/03 13:45:05 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/09/03 13:45:04 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/02/14 12:27:00 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nipalfwedl.sys -- (nipalfwedl)
DRV - [2011/02/14 12:23:42 | 000,011,968 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nipalusbedl.sys -- (nipalusbedl)
DRV - [2011/02/14 12:04:00 | 000,573,592 | ---- | M] (National Instruments Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\nipalk.sys -- (NIPALK)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/06/23 05:04:52 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\NiViPxiKl.sys -- (NiViPxiK)
DRV - [2010/06/23 05:03:06 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NiViPciKl.sys -- (NiViPciK)
DRV - [2010/06/11 09:30:04 | 000,011,432 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nidimkl.sys -- (nidimk)
DRV - [2010/03/24 06:27:44 | 000,015,448 | ---- | M] (National Instruments Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\nipbcfk.sys -- (nipbcfk)
DRV - [2009/12/08 15:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Users\Tobias *****\Desktop\Studium\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009/09/28 03:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/09/02 04:31:04 | 005,173,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/08/10 14:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2009/07/16 23:31:38 | 001,176,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/06/14 10:32:28 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\niorbkl.sys -- (niorbk)
DRV - [2009/05/29 05:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto] -- D:\windows\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2009/03/29 21:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- D:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\NetworkService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
 
IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ecosia.org/?sc=de
IE - HKU\Tobias_*****_ON_D\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Tobias_*****_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Tobias_*****_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: D:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: D:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/02 10:50:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/01 09:52:08 | 000,000,000 | ---D | M]
 
[2012/03/05 04:28:25 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2010/01/13 15:42:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/06/02 10:50:38 | 000,000,000 | ---D | M] (Default) -- D:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/03/05 04:28:25 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/06/02 10:50:37 | 000,025,048 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2012/06/02 10:50:37 | 000,140,248 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2012/03/05 04:28:17 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/05/24 14:39:14 | 000,059,936 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\npIMAQAXControl.dll
[2011/06/09 13:05:10 | 000,025,088 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv2010win32.dll
[2011/06/22 06:43:54 | 000,026,112 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv2011win32.dll
[2009/10/22 04:28:40 | 000,028,448 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\NPLV82Win32.dll
[2008/12/10 09:49:34 | 000,023,040 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv86win32.dll
[2010/10/19 13:15:20 | 000,025,088 | ---- | M] (National Instruments) -- D:\Program Files\mozilla firefox\plugins\nplv90win32.dll
[2012/06/02 10:50:38 | 000,066,520 | ---- | M] (mozilla.org) -- D:\Program Files\mozilla firefox\plugins\npnul32.dll
[2012/07/27 16:51:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2011/09/02 15:53:58 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/09/02 15:53:58 | 000,002,344 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/09/02 15:53:58 | 000,002,371 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\google.xml
[2011/09/02 15:53:58 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/09/02 15:53:58 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/09/02 15:53:58 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Users\Tobias *****\Desktop\Studium\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Tobias_*****_ON_D\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Tobias_*****_ON_D\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] D:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ENISysTray]  File not found
O4 - HKLM..\Run: [IntelliPoint] D:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliType Pro] D:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NI Update Service] D:\Users\Tobias *****\Desktop\Studium\Shared\Update Service\NIUpdateService.exe (National Instruments)
O4 - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Tobias_*****_ON_D..\Run: [NIRegistrationWizard] D:\Users\Tobias *****\Desktop\Studium\Shared\RegistrationWizard\Bin\RegistrationWizard.exe ()
O4 - HKU\Tobias_*****_ON_D..\Run: [syshost32]  File not found
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - D:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - D:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - D:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Users\Tobias *****\Desktop\Studium\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - D:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Tobias_*****_ON_D Winlogon: Shell - (explorer.exe) - D:\windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Tobias_*****_ON_D Winlogon: Shell - (C:\Users\Tobias *****\AppData\Roaming\skype.dat) - D:\Users\Tobias *****\AppData\Roaming\skype.dat ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29 - HKLM SecurityProviders - (credssp.dll) - D:\windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - D:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - D:\windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - D:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - D:\windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - D:\windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - D:\windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - D:\windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/22 06:38:48 | 000,000,000 | ---D | C] -- D:\Users\Tobias *****\Desktop\verschiedenes
[2013/06/12 16:47:43 | 002,706,432 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\mshtml.tlb
[2013/06/12 16:47:42 | 000,391,168 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ieui.dll
[2013/06/12 16:44:57 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\jscript.dll
[2013/06/12 16:44:56 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\jscript9.dll
[2013/06/12 16:44:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\iesetup.dll
[2013/06/12 16:44:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\jsproxy.dll
[2013/06/12 16:44:54 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\msfeeds.dll
[2013/06/12 16:44:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ie4uinit.exe
[2013/06/12 16:44:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\iernonce.dll
[2013/06/12 16:44:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\iesysprep.dll
[2013/06/12 16:44:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\RegisterIEPKEYs.exe
[2013/06/12 12:55:13 | 001,505,280 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\d3d11.dll
[2013/06/12 12:55:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\cryptdlg.dll
[2013/06/12 12:55:05 | 000,492,544 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\win32spl.dll
[2013/06/12 12:55:02 | 000,903,168 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\certutil.exe
[2013/06/12 12:55:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\certenc.dll
[2013/06/12 12:54:56 | 003,968,872 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ntkrnlpa.exe
[2013/06/12 12:54:56 | 003,913,576 | ---- | C] (Microsoft Corporation) -- D:\windows\System32\ntoskrnl.exe
[2010/07/31 10:22:49 | 000,118,867 | ---- | C] ( ) -- D:\windows\System32\DSLLK175.dll
[2004/04/05 02:44:22 | 000,053,248 | ---- | C] ( ) -- D:\windows\System32\RCCOLLAB.DLL
[2 D:\Users\Tobias *****\Desktop\*.tmp files -> D:\Users\Tobias *****\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/03 18:52:43 | 000,067,584 | --S- | M] () -- D:\windows\bootstat.dat
[2013/07/03 08:43:08 | 2388,086,784 | -HS- | M] () -- D:\hiberfil.sys
[2013/07/03 08:14:25 | 000,015,056 | -H-- | M] () -- D:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/03 08:14:25 | 000,015,056 | -H-- | M] () -- D:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/03 08:08:00 | 000,000,884 | ---- | M] () -- D:\windows\tasks\Adobe Flash Player Updater.job
[2013/07/03 08:06:28 | 000,000,702 | ---- | M] () -- D:\windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013/07/03 08:04:24 | 000,000,004 | ---- | M] () -- D:\Users\Tobias *****\AppData\Roaming\skype.ini
[2013/07/03 08:03:22 | 000,001,112 | ---- | M] () -- D:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/03 07:11:55 | 000,003,224 | ---- | M] () -- D:\bootsqm.dat
[2013/07/03 06:08:53 | 000,001,116 | ---- | M] () -- D:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/29 10:35:47 | 000,080,481 | ---- | M] () -- D:\Users\Tobias *****\Desktop\Stromverlauf.jpg
[2013/06/27 06:07:33 | 000,763,254 | ---- | M] () -- D:\windows\System32\perfh007.dat
[2013/06/27 06:07:33 | 000,718,532 | ---- | M] () -- D:\windows\System32\perfh009.dat
[2013/06/27 06:07:33 | 000,173,608 | ---- | M] () -- D:\windows\System32\perfc007.dat
[2013/06/27 06:07:33 | 000,146,554 | ---- | M] () -- D:\windows\System32\perfc009.dat
[2013/06/20 19:42:48 | 000,002,089 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk
[2013/06/20 04:16:56 | 000,001,966 | ---- | M] () -- D:\Users\Tobias *****\AppData\Local\recently-used.xbel
[2013/06/13 16:18:55 | 003,563,911 | ---- | M] () -- D:\Users\Tobias *****\Desktop\Wald.JPG
[2013/06/12 07:44:02 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- D:\windows\System32\FlashPlayerApp.exe
[2013/06/12 07:44:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- D:\windows\System32\FlashPlayerCPLApp.cpl
[2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- D:\windows\System32\ieui.dll
[2013/06/08 07:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- D:\windows\System32\mshtml.tlb
[2 D:\Users\Tobias *****\Desktop\*.tmp files -> D:\Users\Tobias *****\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/03 07:11:55 | 000,003,224 | ---- | C] () -- D:\bootsqm.dat
[2013/07/03 06:00:58 | 000,000,004 | ---- | C] () -- D:\Users\Tobias *****\AppData\Roaming\skype.ini
[2013/06/29 10:35:47 | 000,080,481 | ---- | C] () -- D:\Users\Tobias *****\Desktop\Stromverlauf.jpg
[2013/06/20 04:16:56 | 000,001,966 | ---- | C] () -- D:\Users\Tobias *****\AppData\Local\recently-used.xbel
[2013/06/13 16:18:55 | 003,563,911 | ---- | C] () -- D:\Users\Tobias *****\Desktop\Wald.JPG
[2013/03/20 15:38:11 | 000,075,264 | ---- | C] () -- D:\windows\System32\callrproxy.dll
[2012/01/11 04:01:24 | 000,114,688 | ---- | C] () -- D:\Users\Tobias *****\AppData\Roaming\skype.dat
[2011/11/16 09:22:04 | 000,003,843 | ---- | C] () -- D:\windows\scad3.INI
[2011/07/12 22:40:57 | 000,000,000 | ---- | C] () -- D:\Users\Tobias *****\AppData\Local\{F0D212F8-ABBE-4CF2-B8CE-0F99522FBD83}
[2011/07/12 19:40:42 | 000,000,000 | ---- | C] () -- D:\Users\Tobias *****\AppData\Local\{FE9F1CF2-22C6-49B6-87E6-39CD9422313F}
[2011/06/22 10:21:09 | 000,252,928 | ---- | C] () -- D:\windows\System32\DShowRdpFilter.dll
[2011/06/15 15:51:20 | 000,033,280 | ---- | C] () -- D:\windows\System32\LVWUtil32.dll
[2011/06/10 08:52:52 | 000,000,244 | ---- | C] () -- D:\windows\System32\nirpc.ini
[2010/01/12 15:00:45 | 000,000,002 | ---- | C] () -- D:\windows\HotFixList.ini
[2010/01/12 14:43:54 | 000,131,368 | ---- | C] () -- D:\ProgramData\FullRemove.exe
[2009/10/16 09:53:50 | 000,000,077 | ---- | C] () -- D:\windows\System32\VBAI Communication Server.ini
[2009/09/24 08:44:34 | 000,037,376 | ---- | C] () -- D:\windows\System32\tbbmalloc.dll
[2009/09/17 10:19:57 | 000,763,254 | ---- | C] () -- D:\windows\System32\perfh007.dat
[2009/09/17 10:19:57 | 000,295,922 | ---- | C] () -- D:\windows\System32\perfi007.dat
[2009/09/17 10:19:57 | 000,173,608 | ---- | C] () -- D:\windows\System32\perfc007.dat
[2009/09/17 10:19:57 | 000,038,104 | ---- | C] () -- D:\windows\System32\perfd007.dat
[2009/09/17 10:02:34 | 000,294,912 | ---- | C] () -- D:\windows\System32\ATIODE.exe
[2009/09/17 10:02:34 | 000,197,654 | ---- | C] () -- D:\windows\System32\atiicdxx.dat
[2009/09/17 10:02:34 | 000,045,056 | ---- | C] () -- D:\windows\System32\ATIODCLI.exe
[2009/09/17 09:41:26 | 000,000,000 | ---- | C] () -- D:\windows\ativpsrm.bin
[2009/09/16 18:27:24 | 000,307,200 | ---- | C] () -- D:\windows\SetDisplayResolution.exe
[2009/09/16 17:57:47 | 000,311,296 | ---- | C] () -- D:\windows\System32\Rezip.exe
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- D:\windows\bootstat.dat
[2009/07/14 00:33:53 | 000,447,304 | ---- | C] () -- D:\windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,718,532 | ---- | C] () -- D:\windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- D:\windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,146,554 | ---- | C] () -- D:\windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- D:\windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- D:\windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- D:\windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- D:\windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- D:\windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\windows\System32\BWContextHandler.dll
[2009/07/13 18:09:19 | 000,982,196 | ---- | C] () -- D:\windows\System32\igkrng500.bin
[2009/07/13 18:09:19 | 000,417,344 | ---- | C] () -- D:\windows\System32\igcompkrng500.bin
[2009/07/13 18:09:19 | 000,139,824 | ---- | C] () -- D:\windows\System32\igfcg500.bin
[2009/07/13 18:09:19 | 000,097,448 | ---- | C] () -- D:\windows\System32\igfcg500m.bin
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\windows\System32\mlang.dat
[2009/05/29 05:00:00 | 000,004,096 | ---- | C] () -- D:\windows\System32\drivers\cvintdrv.sys
 
========== LOP Check ==========
 
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2013/03/20 15:37:28 | 000,000,000 | ---D | M] -- D:\ProgramData\CoDeSys V2.3
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2010/10/06 10:37:35 | 000,000,000 | ---D | M] -- D:\ProgramData\gateProtect
[2013/03/20 15:37:59 | 000,000,000 | ---D | M] -- D:\ProgramData\Gateway Files
[2010/01/13 15:42:56 | 000,000,000 | ---D | M] -- D:\ProgramData\ICQ
[2011/11/07 13:09:40 | 000,000,000 | ---D | M] -- D:\ProgramData\IVI Foundation
[2010/01/12 15:49:20 | 000,000,000 | ---D | M] -- D:\ProgramData\MumboJumbo
[2013/03/06 10:34:06 | 000,000,000 | ---D | M] -- D:\ProgramData\National Instruments
[2010/02/10 18:55:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Partner
[2011/08/25 08:24:14 | 000,000,000 | ---D | M] -- D:\ProgramData\PhotoStitch
[2010/01/16 18:49:58 | 000,000,000 | ---D | M] -- D:\ProgramData\PlayFirst
[2011/10/19 13:33:55 | 000,000,000 | ---D | M] -- D:\ProgramData\PreEmptive Solutions
[2009/09/16 18:28:13 | 000,000,000 | ---D | M] -- D:\ProgramData\SAMSUNG
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2010/01/16 18:51:25 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2013/03/06 10:34:06 | 000,000,000 | ---D | M] -- D:\ProgramData\WinClon
[2012/01/09 15:54:39 | 000,000,000 | ---D | M] -- D:\ProgramData\www.rene-zeidler.de
[2013/07/03 08:06:28 | 000,000,702 | ---- | M] () -- D:\windows\Tasks\MATLAB R2011b Startup Accelerator.job
[2013/04/29 12:24:27 | 000,032,632 | ---- | M] () -- D:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 146 bytes -> D:\ProgramData\Temp:5C5A503E
@Alternate Data Stream - 130 bytes -> D:\ProgramData\Temp:ABE89FFE
< End of report >
         
--- --- ---

[/CODE]

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 7/3/2013 5:50:48 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 75.74 Mb Free Space | 75.75% Space Free | Partition Type: NTFS
Drive D: | 141.49 Gb Total Space | 13.59 Gb Free Space | 9.61% Space Free | Partition Type: NTFS
Drive E: | 141.50 Gb Total Space | 136.44 Gb Free Space | 96.42% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{010A2C18-0830-45A0-BE2B-DD37A2D8A2FE}" = NI LabVIEW Run-Time Engine Interop 2011
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{01415FEA-D7D9-40CF-9370-AF74ABC1AE39}" = NI System API Web-Servce 32-bit 5.0.0
"{01AC4D6A-05F0-4158-95E7-FC299961B50A}" = NI Math Kernel Libraries
"{033F0FD6-07E0-414A-8367-51EB862EFE12}" = NI System Configuration Runtime 5.0.0
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{03A02E59-709E-42B0-BEE3-A3CB5C128921}" = NI LabVIEW 2011 System Identification Toolkit License
"{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{043955AD-7E11-4B6D-A317-B72F7BB87736}" = NI Assistant Framework LabVIEW 2011 Support
"{05617B99-0727-4FFB-AC8E-8F6427799C8F}" = NI-DAQmx/LabVIEW shared documentation 1.9.5
"{05C030B8-DC4F-489D-B86B-FC6B7DB3F607}" = NI SSL LabVIEW 2011 Support
"{0613F79E-C012-BC98-6E9C-5A47AEE6D37A}" = CCC Help Korean
"{066F687E-1CA0-4D94-A2C9-F8E6E817F4CB}" = NI LabVIEW Run-Time Engine 2011
"{070E052E-8D36-4B7E-B640-C75F12B2A76E}" = NI LabVIEW SignalExpress 2011 Licenses
"{07976ABB-1EBD-4A65-A7C7-155A0DC17173}" = CoDeSys for Automation Alliance
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A8CE3AA-99F2-5632-A8D2-636BE6CFE856}" = Catalyst Control Center Core Implementation
"{0C169DC9-8717-4458-B822-C79A25D08BE2}" = NI LabVIEW 2011 Control Design MathScript Support
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1
"{105271B2-81E8-4C84-B820-590BFBC5F958}" = NI IVI Compliance Package 4.4
"{112DFF69-BD66-43B4-9F6A-FE2FFB60A075}" = NI LabVIEW 2011
"{13871A36-B819-4FB2-A29A-BDE475D8A6B3}" = NI LabVIEW 2011 Control Design Real-Time Support
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{1570DE88-A78A-37FD-8A05-92620D160CCA}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU
"{1664EB8B-057B-0E23-7245-ECE92849FF4C}" = ccc-core-static
"{16BCFC83-D340-4E17-BF6F-78C05863F5D9}" = NI Vision Assistant 2011
"{16DF18C7-7F56-48A4-9CDE-CB699DBB5B16}" = NI IVI Class Driver LabVIEW 2011 Support
"{1709DBFC-E42A-4D32-A6B1-6EB067D4D9CE}" = IVI Shared Component
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{1848995E-B449-4549-A914-2CEBC0BA27F2}" = NI IVI Online Help
"{1968D913-702C-4418-9DC8-A095B15CE8A5}" = NI LabVIEW 2011
"{1A609A84-71AF-4D96-962B-E060D34FD4AB}" = NI MetaSuite Installer
"{1B5ABB51-8AAB-4FBA-8987-9A8820756E2B}" = NI USI 1.9.0
"{1C2B3CEA-482E-4453-B3E2-C9731337828A}" = Microsoft SQL Server 2008 Native Client
"{1D1752FD-F4A9-4CA3-B9D3-0F4D22451D8C}" = NI LabVIEW 2011 System Identification Toolkit VIs
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1DBD8607-39EE-B7F3-CDE6-A2095B0EE0C9}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime
"{20167022-64F2-4836-B9C9-1DBAA6721FD4}" = CCC Help Hungarian
"{204DD5C2-441A-DADC-E765-595B5C1EDE88}" = CCC Help Norwegian
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218E2C0C-4740-DBCB-C8E8-D67201A6500A}" = CCC Help English
"{22923F17-B592-4A7F-84A8-18F3BFC13B94}" = NI Microsoft Silverlight Wrapper
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24EEDE86-3CB5-485D-91E3-F630273A08FF}" = NI LabVIEW SignalExpress 2011 Core LabVIEW Support
"{268B0789-E2BF-4836-BF05-A6140B4983CA}" = NI MAX Remote Configuration Installer 5.0
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26D20F5D-1D37-5BD1-34AB-6411AC34E2A9}" = ccc-utility
"{27111B7A-97FE-46BD-81F9-4E87737DF803}" = NI LabVIEW 2011 MeasAppChm File
"{292382C0-61F7-458A-9008-55F272A4DD9C}" = NI Logos 5.3.0
"{298008B1-AD82-4791-9BB8-863AD1408492}" = NI Uninstaller
"{2ADC660A-77C9-4A6C-9D4B-5E48A27BCA10}" = NI Help Assistant
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BC9B2CE-D569-4ADC-A8A0-170F2FD57139}" = NI LabVIEW 2010 Real-Time NBFifo
"{2DBC8A34-0646-4F3D-B005-414E317FB281}" = NI Circuit Design Suite 11.0.2 Edu Licenses
"{31A184AC-4ACA-463B-BE84-F4ABA7FC4655}" = NI Logos LabVIEW 2011 Support
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{3363E5BE-7FBF-424B-B26C-0041CE837DD0}" = NI LabVIEW SignalExpress 2011 Core LabVIEW 2011 Support
"{33AAA123-A24A-46A7-8CD6-F03C5B375033}" = NI TDM Excel Add-In 3.3
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{3501AF2D-A97E-F6DB-521A-4E64EAEF5BDC}" = CCC Help Thai
"{37BD5C09-7CED-43F4-A1F5-2D892E12D483}" = NI LabVIEW 2011 MathScript RT Module License
"{397E268E-FB51-4C23-A496-1031B8F1CCEE}" = NI AFW UI Assemblies
"{3A1504FB-7067-4E46-9AFA-A3C29C95E4DC}" = NI LabVIEW Run-Time Engine 8.2.1
"{3A7C46AC-060B-6CBF-1862-969F79A5B758}" = CCC Help French
"{3AC01660-F640-4AFB-A25E-082B260C025C}" = WIF Core Dependencies Windows 5.0.0
"{3AE9153C-1E52-4B6B-9405-FE403342A3C8}" = NI Update Service 2.0
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D1F6E51-C98C-4C01-8170-D2DBF2837F13}" = NI LabVIEW Merge Utility 11.0.0
"{3EB37B26-432C-467C-9FBC-9BDA0E6FBDD7}" = Catalyst Control Center InstallProxy
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4067DBF1-91AF-445E-A34E-00707F214B49}" = NI IVI Class Simulation Drivers
"{411429D5-83D1-2F9B-9F53-4524DCE99E6D}" = CCC Help Portuguese
"{4135C790-0387-36D7-9C2A-1B09A5900460}" = Microsoft Visual Studio 2010 Ultimate - DEU
"{415780C0-4A19-4567-AAAE-10CCB9832B13}" = NI-RPC 4.2.2f0 for Phar Lap ETS
"{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor
"{416B50BB-64CE-46C5-81A6-7F842CC35CDC}" = NI LabVIEW MAX XML
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{445D1CC7-9C3C-4823-9597-B7DDD8698FE6}" = NI LabVIEW 2011 Manuals
"{45C5DE6E-85AB-466E-9A6F-8BAB11EE0EDD}" = NI Web Interface Framework 2.0
"{46ADBF7F-868A-4625-9546-14355105AC50}" = NI IVI Provider for MAX
"{46BF7707-A511-47E7-B118-0E53DCA1A0EA}" = NI Remote PXI Provider for MAX 5.0.0
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{49F05354-04F7-4AE4-8434-9E7B5462C727}" = NI DN 2.0 SP1 installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3975BD-F85A-4CCB-9520-EB5604775A0F}" = NI LabVIEW 2011
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AA402A7-4547-4E1A-A034-1DF609A6CCA9}" = NI LabVIEW SignalExpress 2011 Datatypes LabVIEW 2011 Support
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4BDAF6F8-8C28-49FD-8FA7-CEE3E9E9BAD4}" = NI LabVIEW 2011 Simulation
"{4BEFB7C6-F103-42FB-9482-861C6D9690A0}" = NI LabVIEW Compare Utility 11.0.0
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{4FFBBF14-D82E-483D-8C1D-FCECAABD399E}" = NI LabWindows/CVI 9.0.1 Run-Time Engine
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{501DACFF-9399-4DBC-AA59-F35C9C6970D2}" = NI-DIM 1.11.0f0
"{50F728C0-9A37-4868-B9E1-42565C228B12}" = Reset NI Config 5.0.0
"{52252F5C-58CD-48ED-8C88-9AAD6FE887B4}" = NI Trace Engine
"{523B5D39-C209-41C8-9075-F6C14C2394D2}" = NI LabVIEW 2011 Search
"{523F21B6-D325-4515-9416-04A166437C43}" = NI LabVIEW SignalExpress 2011 Steps
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53957452-A916-4BBD-90A8-76C59020B9BD}" = NI LabVIEW 2011 System Identification Assistant
"{54FBC914-82D7-E646-2916-B3C6D320E0B4}" = Catalyst Control Center Graphics Previews Vista
"{555B2ADE-B3CB-4C95-A789-8A7C03A004B7}" = NI LabVIEW 2011 Deployment Framework
"{578A6214-6CC6-4043-A9A8-C045DDAE2B39}" = NI Remote Provider for MAX 5.0.0
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5BE7BB97-8215-4F88-90EC-B07C199CFBBF}" = NI Vision Builder AI 2010
"{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo
"{5C468B0A-6DB3-402E-B4C0-6CA4CEFAE0AF}" = NI Sound and Vibration Frequency Analysis 2010
"{5D221DF2-F206-681F-75FE-1C7620BE69A7}" = CCC Help Greek
"{5F123C21-A5E2-4CFB-A6A7-034C9087099F}" = NI Logos XT Support
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{644DAD90-2083-4871-BD49-721BF8FAE295}" = NI LabVIEW Run-Time Engine 8.6.1
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{67A00571-3985-4051-97D1-5EA81F9F1319}" = NI LabVIEW SignalExpress 2011 LabVIEW 2011 Support
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{6848704E-C8D4-4F4F-9181-5926D4A11E98}" = ATI Catalyst Install Manager
"{68DE7BF6-AFA9-4609-9C96-8C15E46E2093}" = NI Example Finder 11.0
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6AA9D409-78E2-47A3-98CB-5D36E75232AF}" = NI Enhanced DSC Deployment Support for LabVIEW 2010
"{6B9EFC04-713D-F238-E388-F3CDA52E7880}" = Catalyst Control Center Graphics Light
"{6C520D64-E109-4A73-82A3-7808592051BC}" = NI Circuit Design Suite 11.0.2 Core
"{6CB778E6-693F-7A2A-C5AD-C7743500D249}" = CCC Help Turkish
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6E84AECC-91B8-4738-97D2-0E8083A093F2}" = NI Measurement Studio Common .NET Assemblies for .NET 2.0
"{6F1B061C-AB4B-4FB4-8715-269FFCC2FD07}" = NI LabVIEW 2011
"{70BA7761-629A-4118-BFE0-02753B9019C8}" = NI MXS 5.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{712723FB-BF99-4406-8F91-A2DB766AB2C9}" = NI VC2008MSMs x86
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{73854BF9-E78E-4D6F-B8C2-A7A3CD855124}" = NI LabVIEW 2011 Help File
"{74543E90-425B-46D2-BB83-D91C7974834D}" = NI LabVIEW 2011
"{747D98C4-ADDB-47F6-9055-149DC280E478}" = NI Vision Assistant 2011 .NET
"{7571F0A3-AC23-4F7B-A64E-442C5C82CE01}" = NI LabVIEW 2011
"{75C812EE-06B8-4A47-B37D-9777BE9A644C}" = NI SSL Support
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7664BF64-BD18-47B7-A678-0F1D98FC8F13}" = NI LabVIEW 2011 MathScript RT Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7888F38C-E534-473D-B029-562173EEA2C8}" = NI-Mesa
"{7A29AA0C-202A-467E-9257-DE2E8DBC60B3}" = NI LabVIEW 2011 License
"{7BE5AA0C-E564-430F-B297-2B01121A1C5A}" = NI LabVIEW Real-Time NBFifo
"{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{7C62B54A-E524-4F3D-83E7-0F2ABAFC978A}" = NI Xalan Delay Load 1.10.1
"{7C6869BF-6CBE-4CB0-8869-2743B419343C}" = NI LabVIEW 2011 Real-Time NBFifo
"{7D4BA4CF-992A-4F10-83F6-B4DBB27704DF}" = NI LabVIEW 2011 Control Design Shared VIs
"{7D64A463-C3C9-40B6-BC46-4DD7D0DE2BFD}" = NI LabVIEW 2011 Run-Time Engine Non-English Support.
"{7D826D95-7FEE-4FC6-A3CC-BE4A53810441}" = NI IVI Engine
"{7D89ECEB-7E27-4898-812E-80862E91AB94}" = NI Portable Configuration 5.0.0
"{7E3668CB-1228-416E-B721-C2FA3247B985}" = NI LabVIEW Real-Time FIFO for Runtime
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{80C792E1-78BC-4F4A-839E-BCD107770938}" = NI System API Windows 32-bit 5.0.0
"{82D29FE9-9F5A-4EF7-BBA1-EF107DDB2E64}" = NI Certificates Deployment Support
"{85BA3FCF-AA00-4151-B97D-84A221E8198A}" = NI-VISA Runtime 5.0.3
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{886C3E95-4032-45C8-92F6-57861871635A}" = NI Software Provider for MAX 5.0.0
"{89089F33-94D7-4E9C-918F-75CC933FC88F}" = NI DataSocket 4.9
"{8923D179-24D1-475D-A381-0B8C1AF1A206}" = NI LabVIEW 2011 Web Server
"{896849EE-EEE6-4E45-B20B-9F4DDCF805DA}" = NI Assistant Framework
"{89CE9AA7-0615-4DB5-83DB-B0AA2FDAD454}" = NI LabVIEW 2011
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B3E6AA0-992F-4957-A1DB-CC2CA521F790}" = NI LabVIEW SignalExpress 2011 Core
"{8BDFB0BC-FE2E-470C-9F43-F960057AC83D}" = NI LabVIEW 2011 Digital Filter Design Toolkit License
"{8D88074D-4378-C049-4264-EB3EE8AC155C}" = CCC Help Japanese
"{8D9F6EFD-6EAF-4327-AD59-92DEA050BDAF}" = NI Instrument IO Assistant for LabVIEW 2011 32-bit
"{8EAA9D70-C912-3708-92DD-0CCC26F386E1}" = Microsoft Visual Studio 2010 Performance Collection Tools - DEU
"{8ED02445-D491-414C-A56D-2ED6BBB7239A}" = Garmin Communicator Plugin
"{8F1B9FE1-5777-4118-B982-B50B030101FF}" = NI LabVIEW 2011
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{912B04B3-7C7C-4929-AE68-EC2A4CCB4E73}" = Microsoft-Maus- und Tastatur-Center
"{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch
"{929F5BFC-60F0-34EC-A50B-2001AAC03D56}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{930BD01D-A420-4BB4-8E85-A313FD7ED49E}" = NI-PAL 2.6.5f0
"{9320E1F0-31CB-4095-B430-017A35406E40}" = NI LabVIEW SignalExpress 2011 Datatypes
"{93E42FF5-065E-0D52-2777-8A1849CB8574}" = CCC Help Swedish
"{94D5097B-46D0-A1D9-8983-284E3C675CA9}" = Catalyst Control Center Localization All
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95C26FA7-5FDD-4C6D-AD6F-3D4B3FEB0D70}" = NI AFW Custom UI Assemblies
"{961B4059-D1C0-43C8-095B-75A18BD0F8C8}" = CCC Help Polish
"{98B874D4-D8A4-40BE-B82A-36E902C84289}" = NI-ORB 1.9.3f0
"{98F4DC3F-958E-4DE5-BE1D-DBD72B05A204}" = NI Search Shared
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 
"{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009 SP1
"{9B84A151-81CC-6133-D844-A189FDA1C34F}" = CCC Help Chinese Standard
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2113B6-30DC-4827-9166-E6F4889D7594}" = NI LabVIEW 2011 Deployable License
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{9E6D743D-630C-4610-A7C3-E3998B411FB5}" = NI LabVIEW 2011 Digital Filter Design Toolkit RT Support
"{9EC3B901-EE18-459A-ABF1-8EAEFD8A908C}" = NI LabVIEW 2011 MathScript RT Module
"{9FCEDDD0-4FEA-41CE-9739-565F39B2F607}" = NI MDF Support
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A11A542A-37BF-4943-9810-3F1DC0AD4A1C}" = NI LabWindows/CVI 2010 Code Generator
"{A259AA7B-BF60-4317-A6EA-4FA86BC99DEF}" = NI Vision Common Resources 2011
"{A259D0D8-1F44-4A5A-B1AB-F5AE6020FAF1}" = NI Vision Run-Time Engine 2011
"{A363C314-2242-4BBE-9ADE-B427AF646EFF}" = NI mDNS Responder 1.6.0
"{A3752527-E9F5-4EE5-9A09-D6582AFE1D35}" = NI Circuit Design Suite 11.0.2 Education
"{A5FB6F3A-2120-45C8-B5E5-476BD5580BD6}" = NI LabVIEW EWB DeviceHandler 2010
"{A736A59D-FFAD-4EE5-962F-510DE151D6AA}" = NI AFW Channel Configuration Tool
"{A7B1ABA8-E2A2-4565-A8AF-F01657FF5CEA}" = NI LabVIEW Web Services Runtime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}" = BatteryLifeExtender
"{AB47630B-C1BF-4A0A-93EF-3492A59A4704}" = NI LabVIEW Run-Time Engine Interop 2010
"{AB55A100-AAC9-43EA-845E-2DCDC0D4D2B8}" = NI Math Kernel Libraries
"{AB9BBC2E-83F6-47A9-9FA3-08D3774F8E45}" = NI-RPC 4.2.2f0
"{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD118C09-CD56-4676-80D3-25221BA9A3E9}" = NI IVI Class Drivers
"{ADEB5E8B-AF72-49E5-BF36-3891B9F75FF3}" = NI Vision Builder AI 2010 API Interface
"{AE593237-3C8E-44F2-A9AA-2DDE0A472CDE}" = NI LabVIEW Web Server for Run-Time Engine
"{AE86495C-42F9-F5BE-E878-7798456A509A}" = CCC Help Spanish
"{AFFE41B4-6FB6-4E64-811C-5F57D05DF70F}" = NI Sound and Vibration Frequency Analysis LabVIEW 2011 Support
"{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009
"{B179B6ED-5D5B-49B8-8929-5144738B81C3}" = NI LabVIEW SignalExpress 2011 Tools
"{B1DCBBC7-8ECE-497F-926F-02FE4E42216B}" = NI Distributed System Manager 2011
"{B1EE55C1-F98B-40AB-AF0C-422ECCC88454}" = NI Measurement & Automation Explorer 5.0.0
"{B25CE691-97D9-4A38-BC65-A889194BECEB}" = NI Vision 2011
"{B2BDA3BC-29BE-49C1-A30E-15DA8D041601}" = NI License Manager
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B61FFD74-8DAD-41E1-835F-3995E026EDB4}" = NI Measurement Studio Common .NET Assemblies for .NET 3.5
"{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager
"{B6D8DC8C-F077-4631-A221-4D5E1D8E87E7}" = Catalyst Control Center - Branding
"{B7493783-F638-BEAE-C8C7-665C5A03E652}" = CCC Help Dutch
"{B82ABF2C-CBD3-5528-26DF-F1161A2B34BF}" = Catalyst Control Center Graphics Full New
"{B9B1B5D9-F96D-0257-A23C-8EA9ACCCF8CB}" = CCC Help Czech
"{BADAFD0C-2B14-4D4E-B2A8-0E6B5F6781F1}" = NI Control Design Assistant 2011
"{BB3EBB9E-1CA1-4B7F-9E67-09540CCE9F45}" = NI Assistant Framework LabVIEW Code Generator 2011
"{BD2BD62A-444B-4838-8931-B3E9679144AB}" = NI LabVIEW SignalExpress 2011 LabVIEW Support
"{BE5C49CF-A4B7-453B-953B-7C70375865C5}" = NI LabVIEW 2011 Digital Filter Design Toolkit
"{C09C5E8D-1706-4025-9919-07E010C7E74D}" = NI LabVIEW Modulation Toolkit 4.3.1
"{C0DE25AE-B0E5-4D4B-96CE-EE757066D0BA}" = NI Network Discovery 5.0
"{C2217F81-3429-418C-9F60-14F0E051E1A4}" = NI LabVIEW 2011 Control Design and Simulation Module
"{C3181764-B8F3-A705-5362-86E37C476710}" = Catalyst Control Center Graphics Full Existing
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAC9188C-83A0-4F9F-858A-DA430DC2E401}" = NI AFW Custom UI
"{CC17CE69-4AB6-4434-ADB4-27DB49D36080}" = NI Curl 1.1
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CF30E2B5-A7A7-47AD-8B03-22A27D4E9971}" = NI LabVIEW 2011 Real-Time Error Dialog
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D11EA398-49B5-4266-B9BC-E75F8E530A05}" = NI Vision Builder AI 2010 Shared Resources
"{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services
"{D4877334-6730-4C84-B9C9-218EA466CA74}" = NI LabVIEW 2011
"{D5BB7AAE-62F4-4C4F-B272-F27AEE16BA7F}" = NI TDMS
"{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de
"{D6D68ABC-954B-4373-92A2-0FE7FA59AC1A}" = NI EulaDepot
"{D70CCDE0-44B0-460D-94AD-7BE162E49126}" = NI LabVIEW 2011
"{DA146D61-5542-2F55-C5E4-49D26EBAAA5B}" = CCC Help Russian
"{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) de
"{DB0D5AFF-0B60-4287-9BC2-F4AE797B02F4}" = NI Authentication 2.0
"{DB0EF3C1-8AF4-1E28-267E-024999C11828}" = CCC Help Finnish
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DB68B420-5382-48EE-9A2A-CB984FEBB192}" = NI LabVIEW Web Server for Run-Time Engine
"{DB77F50B-F88C-4D63-9103-EF4D71BA4C50}" = NI Vision .NET Run-Time Engine 2011
"{DBB62E6B-66F5-09D2-D2CC-C1877CDD9A8B}" = CCC Help Italian
"{DBE8431C-CF9A-38C3-B42D-28B6FCE1EA3B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{DC8D559F-7A15-45FE-9DC5-D954D49D7ED9}" = NI System Identification Assistant LabVIEW Support
"{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0D8CD4E-4771-4848-A09D-60A31D883883}" = NI VC2005MSMs x86
"{E125DE33-5564-4531-A4EF-BBC7C78031BA}" = NI LabVIEW SignalExpress 2011
"{E1D60C68-016C-4951-8C1F-52E24DFE7836}" = NI CodeSignAPI
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3739FE9-3BAF-4250-82FA-230C7CC0EAD8}" = NI LabVIEW 2011 Help
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5141E62-8A90-D9A1-EB2D-C4D0D9940D90}" = CCC Help German
"{E6068691-1FBC-4EF0-87E8-609CDB32038A}" = NI Xerces Delay Load 2.7.3
"{E69A31C9-F24F-4A1A-BEAD-B1AA255760C1}" = NI Registration Wizard
"{E8A99DC4-303C-4BC4-98B8-9C324BAD0006}" = VISA Shared Components
"{EA37AB72-EC8C-432C-A1C6-186850FB0559}" = NI System State Publisher
"{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}" = Microsoft Sync Framework Services v1.0 SP1 (x86) de
"{EB708DAB-CD04-46E4-88C9-E3BC80595982}" = NI System Web Server Base 2.0
"{EB8D0A82-E02A-437C-A7C4-90516F1CFB39}" = NI Web Application Server 2.0
"{EC45867D-83A8-4ECF-911A-154CD98BD592}" = NI Measurement Studio 8.6 Enterprise RunTime for VS2005
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{EC868042-4A40-492C-A30B-170F30DB6686}" = NI Vision .NET 2011
"{EDE7C782-6E1F-4C07-9E58-B90BBA0658BD}" = NI-IMAQ Camera Files
"{EDFC39D7-B782-4B43-BF9C-D1B80ADEA863}" = NI LabVIEW Runtime Engine 2010 SP1
"{EF1B1A68-988E-4A68-8504-774373A4651C}" = NI OPC Support
"{EF1E7F06-246A-4501-A2B8-2C0C72600F66}" = NI LabVIEW Analog Modulation Toolkit 4.3.1
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F04A89CB-A185-4263-85ED-4BAD766F7DAE}" = NI Error Reporting 2011
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F293A67D-04BB-6960-5D13-13F158796960}" = CCC Help Danish
"{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software
"{F2E01659-A397-4F84-9B5E-484A431CE1C5}" = NI System Web Server 2.0
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F37CC885-1E37-4F2A-93F3-7F1E1EEBBEBB}" = NI LabVIEW Broker
"{F45CE5E8-4A60-4292-8FD5-1807DFEBE221}" = NI LabWindows/CVI 2010 LabVIEW DLL Builder
"{F6C682B6-7714-41CC-80B6-3288364910AF}" = NI GMP Windows 32-bit Installer 11.0.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7CCA6E5-1D14-4907-83BB-6B6BF36F1D90}" = NI Variable Engine LabVIEW 2011 Support
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9A74F70-7597-47B8-B04C-044824C23B15}" = NI LabVIEW 2011 VIPM Helper
"{F9E0880D-B263-48F9-B8E5-BAFCAE9BE150}" = NI System API Client for WIF 5.0.0
"{FDED748C-432B-4B44-BB33-3BB8550A2AD2}" = NI Variable Engine 2.5.0
"{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine
"{FEDBFDE2-61C2-4009-AC34-7FE12107C28B}" = NI LabVIEW 2011 System Identification Toolkit
"{FEFA778A-05D2-4D0F-80A3-7AE24B8161C0}" = NI LabVIEW Web Server for Run-Time Engine
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"DPP" = Canon Utilities Digital Photo Professional 3.8
"DRI Tool 2.0_is1" = DRI Tool 2.0
"EOS Utility" = Canon Utilities EOS Utility
"gateProtect VPN Client 2.5" = gateProtect VPN Client 2.5
"Google Chrome" = Google Chrome
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"Inkscape" = Inkscape 0.48.4
"IviSharedComponent" = IVI Shared Components 2.2.1
"LTspice IV" = LTspice IV
"Matlab R2011b" = MATLAB R2011b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Microsoft Visual Studio 2010 Ultimate - DEU" = Microsoft Visual Studio 2010 Ultimate - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"Mozilla Firefox (3.6.26)" = Mozilla Firefox (3.6.26)
"NI Uninstaller" = National Instruments - Software
"ODSK" = Canon Utilities Original Data Security Tools
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Blender" = PDF Blender
"PhotoStitch" = Canon Utilities PhotoStitch
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Uninstall_is1" = Uninstall 1.0.0.1
"VISASharedComponents" = VISA Shared Components
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Tobias_*****_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
< End of report >
         
--- --- ---

[/CODE]

hab gesehen dass bei OTL noch der Nachname drin war. Habe das nochmal korrigiert.
passt das so, oder ist das zu viel was ich da eingefügt habe?

Geändert von Tobi R. (03.07.2013 um 15:15 Uhr)

Alt 03.07.2013, 15:11   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



Fixen mit OTLpe

  • Starte den infizierten Rechner mit der OTLpe-CD und öffne OTLpe.
  • Kopiere nun den folgenden Inhalt aus der Codebox in die Textbox.
    Wichtig: Falls du deinen Benutzernamen im Log unkenntlich gemacht hast (z.B. durch ***), dann mach das hier wieder rückgängig.

Code:
ATTFilter
:OTL
O20 - HKU\Tobias_Rossmann_ON_D Winlogon: Shell - (C:\Users\Tobias Rossmann\AppData\Roaming\skype.dat) - D:\Users\Tobias Rossmann\AppData\Roaming\skype.dat ()
[2013/07/03 06:00:58 | 000,000,004 | ---- | C] () -- D:\Users\Tobias Rossmann\AppData\Roaming\skype.ini
[2012/01/11 04:01:24 | 000,114,688 | ---- | C] () -- D:\Users\Tobias Rossmann\AppData\Roaming\skype.dat
@Alternate Data Stream - 146 bytes -> D:\ProgramData\Temp:5C5A503E
@Alternate Data Stream - 130 bytes -> D:\ProgramData\Temp:ABE89FFE
         
  • Klicke jetzt auf den Fix Button.
  • Starte danach neu und versuche wieder in den normalen Modus von Windows zu booten.
  • Nach dem Neustart findest du ein Textdokument auf deinem Desktop.
    (Auch zu finden unter C:\OTL\MovedFiles\<time_date.log>)
  • Kopiere nun dessen Inhalt hier in deinen Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.07.2013, 15:32   #13
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



wow, es ist alles wieder da

auf meinem Desktop habe ich keine txt.datei gefunden.
Es erschien jedoch nach der "Fix"-Aktion eine neue txt-datei:

Alt 03.07.2013, 15:34   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



Eine Kontrolle mit OTL bitte aus dem normalen installierten Windows bitte (KEIN OTLPE!)
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.07.2013, 16:08   #15
Tobi R.
 
Hilfe gegen Trojaner GVU - Standard

Hilfe gegen Trojaner GVU



ich kann auf dem betroffenen Rechner das Programm nicht downloaden.
Beim Hilfs-PC hat es geklappt.
ich brauche dieses Programm otlpe, dann werde ich gefragt ob ich das auf cd brennen mag und dann ist es doch auf dem Rechner (beim anderen hat es so geklappt).

Grüße,
Tobi

Antwort

Themen zu Hilfe gegen Trojaner GVU
beste, besten, daten, erneut, forum, freue, geld, gelöst, hallo zusammen, laptop, meldung, neu, nicht mehr, probleme, problemen, suche, thread, total, troja, trojaner, virus, würde, überhaupt, zugriff, zusammen



Ähnliche Themen: Hilfe gegen Trojaner GVU


  1. Das Erste-Hilfe-Kit gegen Krypto-Trojaner
    Nachrichten - 21.05.2015 (0)
  2. brauche hilfe gegen bundestrojaner.....
    Log-Analyse und Auswertung - 24.06.2012 (2)
  3. Suche Hilfe gegen Trojaner Win32/AgentBypass.gen!K
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (0)
  4. Bitte um Hilfe gegen Trojaner
    Plagegeister aller Art und deren Bekämpfung - 04.11.2008 (1)
  5. HILFE gegen TR/Vundo.Gen
    Log-Analyse und Auswertung - 16.07.2008 (4)
  6. Hilfe gegen Trojaner TR\Agent.aec bzw. Backdoor.Win32.Rukap.Gen
    Log-Analyse und Auswertung - 18.09.2007 (3)
  7. Brauche Hilfe gegen einen Trojaner (VirusBursters)
    Log-Analyse und Auswertung - 15.11.2006 (4)
  8. HILFE HILFE HILFE HABE MIR EIN TROJANER EINGEFANGEN MIT DEN NAMEN TR/Drop.Toolbar.A.2
    Log-Analyse und Auswertung - 13.09.2006 (4)
  9. Bitte um verständliche Hilfe gegen Trojaner
    Plagegeister aller Art und deren Bekämpfung - 04.08.2006 (1)
  10. Suche Hilfe gegen einen nervigen Trojaner
    Plagegeister aller Art und deren Bekämpfung - 28.04.2006 (2)
  11. Hilfe gegen New Malware.bot???
    Antiviren-, Firewall- und andere Schutzprogramme - 05.12.2005 (10)
  12. hilfe gegen popups
    Plagegeister aller Art und deren Bekämpfung - 30.11.2005 (1)
  13. Bitte um Hilfe gegen Trojaner
    Plagegeister aller Art und deren Bekämpfung - 04.09.2005 (7)
  14. Bitte Bitte um Hilfe gegen Trojaner!
    Log-Analyse und Auswertung - 07.04.2005 (9)
  15. hilfe gegen troyaner
    Plagegeister aller Art und deren Bekämpfung - 07.04.2005 (1)
  16. Hilfe gegen TR/Dldr.Keenval.3
    Log-Analyse und Auswertung - 26.02.2005 (5)
  17. Viren-Newbie braucht Hilfe beim Kampf gegen Trojaner
    Log-Analyse und Auswertung - 08.02.2005 (8)

Zum Thema Hilfe gegen Trojaner GVU - Hallo zusammen, zuerst einmal Hallo an alle, ich bin neu hier. Eigentlich wollte ich nach ähnlichen Problemen hier im Forum suchen um nicht erneut einen Thread zu öffnen. Doch dann - Hilfe gegen Trojaner GVU...
Archiv
Du betrachtest: Hilfe gegen Trojaner GVU auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.