
Pests of all kinds and how to combat them: Renewed virus infection


 
25.11.2013, 22:18   #3
Tobi R.

Renewed virus infection

I did not have the option of saving Farbar's Recovery Scan Tool to the desktop at all. In my Internet Explorer a file opened at the bottom, which I could only start from there (right-click and "Save as" did not work). The scan created the text file FRST, but not the Addition.txt that was mentioned.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-11-2013 01
Ran by Tobias Rossmann (administrator) on TOBIASROSSMANN on 25-11-2013 22:08:40
Running from C:\Users\Tobias Rossmann\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
() C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe
(National Instruments Corporation) C:\Windows\System32\lkads.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Error Reporting\nierserver.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\System32\Rezip.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(National Instruments, Inc.) C:\Windows\System32\lkcitdl.exe
(National Instruments Corporation) C:\Windows\System32\lktsrv.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Corporate Inc) C:\Program Files\Pricora 6.1\Pricora 6.1-chromeinstaller.exe
(Farbar) C:\Users\Tobias Rossmann\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-19] (Realtek Semiconductor)
HKLM\...\Run: [NI Update Service] - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Update Service\NIUpdateService.exe [3002976 2011-06-07] (National Instruments)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliType Pro] - C:\Program Files\Microsoft Device Center\itype.exe [1109072 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft Device Center\ipoint.exe [1629280 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [NIRegistrationWizard] - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [846520 2010-06-21] ()
Startup: C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=124247&tsp=4997
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss_Btisdt7&mntrId=6C6E0024541AA6C3&affID=124247&tsp=4997
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C6E0024541AA6C3&affID=124247&tsp=4997
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: Pricora 6.1 - {11111111-1111-1111-1111-110311861131} - C:\Program Files\Pricora 6.1\Pricora 6.1-bho.dll (Corporate Inc)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Users\Tobias Rossmann\Desktop\Studium\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 08 C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsNSP.dll [24280] (National Instruments Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default
FF NewTab: hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=6C6E0024541AA6C3&affID=124247&tsp=4997
FF Homepage: hxxp://www.golsearch.com/?babsrc=HP_ss_Btisdt6&mntrId=6C6E0024541AA6C3&affID=124247&tsp=4997
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-25.xml
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\winamp-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Pricora 6.1 - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\54818767-c1e0-4c84-b033-72ea65a4edba@ee56dd5d-3d74-4339-aeed-d52f03c7f36f.com
FF Extension: Garmin Communicator - C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

Chrome: 
=======
CHR HomePage: hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=124247&tsp=4997
CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=6C6E0024541AA6C3&affID=124247&tsp=4997"
CHR DefaultSearchURL: (Babylon) - hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
CHR DefaultSuggestURL: (Babylon) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (National Instruments IMAQ 1.0 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\npIMAQAXControl.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 2010 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv2010win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 2011 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv2011win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 8.2 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 8.6 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv86win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 9.0 Netscape Plug-in for Windows) - C:\Program Files\Mozilla Firefox\plugins\nplv90win32.dll (National Instruments)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Extension: (Adblock Plus) - C:\Users\TOBIAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Delta Toolbar) - C:\Users\TOBIAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.2_0
CHR Extension: (Pricora 6.1) - C:\Users\TOBIAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\foenjmpocjdplgcoopnkgljjimdkjmkn\1.25.56_0
CHR Extension: (Google Wallet) - C:\Users\TOBIAS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Tobias Rossmann\AppData\Roaming\BabSolution\CR\Delta.crx

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
R2 GPVPNService; C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe [86016 2009-11-30] ()
R2 LkCitadelServer; C:\windows\system32\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\windows\system32\lkads.exe [46192 2011-06-14] (National Instruments Corporation)
R2 lkTimeSync; C:\windows\system32\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mxssvr; C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe [12696 2011-06-14] (National Instruments Corporation)
R2 NIApplicationWebServer; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe [50336 2011-05-27] (National Instruments Corporation)
R2 NIDomainService; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe [362104 2011-06-14] (National Instruments Corporation)
S3 NILM License Manager; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 niLXIDiscovery; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [131776 2010-06-23] (National Instruments Corporation)
R2 nimDNSResponder; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe [194224 2011-06-01] (National Instruments Corporation)
S2 NINetworkDiscovery; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Network Discovery\niDiscSvc.exe [121032 2011-06-10] (National Instruments Corporation)
R2 niSvcLoc; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe [50328 2011-05-27] (National Instruments Corporation)
R2 NITaggerService; C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe [676016 2011-06-14] (National Instruments Corporation)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] ()
S2 ENI Server; C:\Users\Tobias Rossmann\Desktop\CoDeSys\CoDeSys ENI Server\ENI.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 cvintdrv; C:\Windows\System32\Drivers\cvintdrv.sys [4096 2009-05-29] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 nidimk; C:\windows\system32\drivers\nidimkl.sys [11432 2010-06-11] (National Instruments Corporation)
S3 niorbk; C:\windows\system32\drivers\niorbkl.sys [11344 2009-06-14] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [11968 2011-02-14] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [573592 2011-02-14] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [11968 2011-02-14] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [15448 2010-03-24] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [11432 2010-06-23] (National Instruments Corporation)
R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [11432 2010-06-23] (National Instruments Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-08] (Avira GmbH)
S3 VMC326; C:\Windows\System32\Drivers\VMC326.sys [237696 2009-08-10] (Vimicro Corporation)
S3 VSPerfDrv100; C:\Users\Tobias Rossmann\Desktop\Studium\Team Tools\Performance Tools\VSPerfDrv100.sys [48128 2009-12-08] (Microsoft Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [x]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\TOBIAS~1\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-25 22:08 - 2013-11-25 22:08 - 00023761 _____ C:\Users\Tobias Rossmann\Downloads\FRST.txt
2013-11-25 22:07 - 2013-11-25 22:07 - 01091605 _____ (Farbar) C:\Users\Tobias Rossmann\Downloads\FRST (1).exe
2013-11-25 22:06 - 2013-11-25 22:06 - 01091605 _____ (Farbar) C:\Users\Tobias Rossmann\Downloads\FRST.exe
2013-11-22 18:44 - 2013-11-22 18:46 - 00000882 _____ C:\Users\Tobias Rossmann\Desktop\eclipse.lnk
2013-11-22 18:37 - 2013-11-22 20:30 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Local\Eclipse
2013-11-22 18:36 - 2013-11-22 18:37 - 00000000 ____D C:\Users\Tobias Rossmann\workspace
2013-11-22 18:33 - 2013-11-22 20:29 - 00000000 ____D C:\Users\Tobias Rossmann\Downloads\eclipse
2013-11-22 18:24 - 2013-11-22 18:27 - 147031654 _____ C:\Users\Tobias Rossmann\Downloads\eclipse-cpp-kepler-SR1-win32.zip
2013-11-22 17:24 - 2013-11-22 17:24 - 00086528 _____ (MinGW.org Project) C:\Users\Tobias Rossmann\Downloads\mingw-get-setup (3).exe
2013-11-21 17:47 - 2013-11-21 17:47 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-11-16 15:50 - 2013-11-16 15:50 - 00080571 _____ C:\Users\Tobias Rossmann\Downloads\LTC2_Präsi.pptx
2013-11-15 08:35 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-15 08:35 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-15 08:35 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-15 08:35 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-15 08:35 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-15 08:35 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-14 17:42 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-14 17:42 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-14 17:42 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-14 17:42 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-14 17:42 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-14 17:42 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-14 17:42 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-14 17:42 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-14 17:42 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-14 17:42 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-14 17:42 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-14 17:42 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-14 17:42 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-14 17:42 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-14 17:42 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-14 17:42 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-14 17:42 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-14 17:42 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-10 17:42 - 2013-11-18 09:31 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\AikaHöhle
2013-11-10 14:03 - 2013-11-10 17:06 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\AikaPorträt
2013-11-06 10:25 - 2013-11-07 18:57 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Bachelor-Angebote
2013-11-03 14:11 - 2013-09-04 02:15 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-11-03 14:11 - 2013-09-04 02:14 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-11-03 14:11 - 2013-09-04 02:14 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-11-03 14:11 - 2013-09-04 02:14 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-11-03 14:11 - 2013-09-04 02:14 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-11-03 14:11 - 2013-09-04 02:14 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2013-11-03 14:11 - 2013-09-04 02:14 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys

==================== One Month Modified Files and Folders =======

2013-11-25 22:11 - 2013-11-25 22:08 - 00023761 _____ C:\Users\Tobias Rossmann\Downloads\FRST.txt
2013-11-25 22:10 - 2013-09-06 15:05 - 00001898 _____ C:\windows\Tasks\Pricora 6.1-chromeinstaller.job
2013-11-25 22:08 - 2012-07-16 07:26 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-25 22:07 - 2013-11-25 22:07 - 01091605 _____ (Farbar) C:\Users\Tobias Rossmann\Downloads\FRST (1).exe
2013-11-25 22:06 - 2013-11-25 22:06 - 01091605 _____ (Farbar) C:\Users\Tobias Rossmann\Downloads\FRST.exe
2013-11-25 22:06 - 2013-09-06 15:06 - 00001298 _____ C:\windows\Tasks\Pricora 6.1-updater.job
2013-11-25 22:06 - 2013-09-06 15:06 - 00001204 _____ C:\windows\Tasks\Pricora 6.1-codedownloader.job
2013-11-25 22:06 - 2013-09-06 15:06 - 00001102 _____ C:\windows\Tasks\Pricora 6.1-enabler.job
2013-11-25 22:05 - 2013-09-06 15:05 - 00001824 _____ C:\windows\Tasks\Pricora 6.1-firefoxinstaller.job
2013-11-25 22:01 - 2012-07-15 17:49 - 00001116 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-25 22:01 - 2009-07-14 05:39 - 00246533 _____ C:\windows\setupact.log
2013-11-25 19:59 - 2009-09-16 22:52 - 01644059 _____ C:\windows\WindowsUpdate.log
2013-11-25 19:08 - 2013-07-06 14:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-25 19:08 - 2010-01-13 20:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-25 11:21 - 2009-07-14 05:34 - 00015056 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-25 11:21 - 2009-07-14 05:34 - 00015056 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-24 08:26 - 2012-07-15 17:49 - 00001112 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-23 15:15 - 2011-09-19 08:22 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Studium
2013-11-23 13:48 - 2012-06-07 16:15 - 00000702 _____ C:\windows\Tasks\MATLAB R2011b Startup Accelerator.job
2013-11-23 12:02 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-23 11:53 - 2013-09-14 06:41 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-23 11:53 - 2009-09-16 23:44 - 00900472 _____ C:\windows\PFRO.log
2013-11-23 10:30 - 2009-07-26 21:06 - 01800066 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-22 20:31 - 2013-09-08 14:29 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Java
2013-11-22 20:30 - 2013-11-22 18:37 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Local\Eclipse
2013-11-22 20:29 - 2013-11-22 18:33 - 00000000 ____D C:\Users\Tobias Rossmann\Downloads\eclipse
2013-11-22 18:46 - 2013-11-22 18:44 - 00000882 _____ C:\Users\Tobias Rossmann\Desktop\eclipse.lnk
2013-11-22 18:37 - 2013-11-22 18:36 - 00000000 ____D C:\Users\Tobias Rossmann\workspace
2013-11-22 18:36 - 2010-01-12 19:41 - 00000000 ____D C:\Users\Tobias Rossmann
2013-11-22 18:27 - 2013-11-22 18:24 - 147031654 _____ C:\Users\Tobias Rossmann\Downloads\eclipse-cpp-kepler-SR1-win32.zip
2013-11-22 17:37 - 2013-09-08 14:37 - 00000000 ____D C:\MinGW
2013-11-22 17:27 - 2013-09-08 14:39 - 00000959 _____ C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\MinGW Installation Manager.lnk
2013-11-22 17:27 - 2013-09-08 14:39 - 00000935 _____ C:\Users\Tobias Rossmann\Desktop\MinGW Installer.lnk
2013-11-22 17:24 - 2013-11-22 17:24 - 00086528 _____ (MinGW.org Project) C:\Users\Tobias Rossmann\Downloads\mingw-get-setup (3).exe
2013-11-21 17:47 - 2013-11-21 17:47 - 00000000 ____D C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-11-19 10:20 - 2013-08-08 13:13 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-11-19 10:20 - 2013-08-08 13:13 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-11-18 09:31 - 2013-11-10 17:42 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\AikaHöhle
2013-11-18 09:20 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\de-DE
2013-11-16 15:50 - 2013-11-16 15:50 - 00080571 _____ C:\Users\Tobias Rossmann\Downloads\LTC2_Präsi.pptx
2013-11-15 08:51 - 2012-07-15 17:49 - 00002081 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-15 08:43 - 2010-01-12 19:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 08:35 - 2013-07-17 08:49 - 00000000 ____D C:\windows\system32\MRT
2013-11-15 08:30 - 2010-01-16 15:49 - 80340640 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-13 22:13 - 2013-04-22 22:13 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Kibera
2013-11-13 15:13 - 2012-03-28 18:37 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\NS
2013-11-10 17:06 - 2013-11-10 14:03 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\AikaPorträt
2013-11-09 17:43 - 2013-10-25 09:12 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Buchenwald
2013-11-08 18:37 - 2011-10-19 18:23 - 00000000 ____D C:\Users\Tobias Rossmann\Documents\Visual Studio 2010
2013-11-07 18:57 - 2013-11-06 10:25 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Bachelor-Angebote
2013-11-04 19:53 - 2013-10-03 17:08 - 00000000 ____D C:\Users\Tobias Rossmann\Desktop\Facebook

Some content of TEMP:
====================
C:\Users\Tobias Rossmann\AppData\Local\Temp\AskSLib.dll
C:\Users\Tobias Rossmann\AppData\Local\Temp\avgnt.exe
C:\Users\Tobias Rossmann\AppData\Local\Temp\IminentSetup-1-.exe
C:\Users\Tobias Rossmann\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Tobias Rossmann\AppData\Local\Temp\silent_pricora_DE.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-21 08:18

==================== End Of Log ============================
         
--- --- ---




Best regards,
Tobi