Hier die Datei JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.5 (07.26.2013:2)
OS: Windows 7 Home Premium x86
Ran by Tobias Rossmann on 28.07.2013 at 11:36:30,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Failed to stop: [Service] webcake desktop updater
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\webcake desktop
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\webcakeieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{39cb8175-e224-4446-8746-00566302df8d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{7169bbb3-3289-4696-b35d-4a88bcf6fb12}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{261dd098-8a3e-43d4-87aa-63324fa897d8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{4fcb4630-2a1c-4aa1-b422-345e8dc8a6de}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{86838207-681d-469d-9511-d0dcc6f19f9b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{a0b10ebe-4e51-4cae-949b-e6b9e7d68cea}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{af6b0594-6008-4327-93e5-608ad710a6fa}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{bb975e58-e769-4e5a-ba12-b765bc559ff3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{df84e609-c3a4-49cb-a160-61767daf8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e97a663b-81a6-49c5-a6d3-bcb05ba1de26}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f511afdb-726e-4458-90e7-1ecb97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{0afd55c8-adf8-4a33-a6e1-dedb7a36aeb4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{df84e609-c3a4-49cb-a160-61767daf8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{39cb8175-e224-4446-8746-00566302df8d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\domaiq
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2269050
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3CABF988-1FE2-420A-B03D-20092295B650}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
~~~ Files
Successfully deleted: [File] "C:\Users\Tobias Rossmann\desktop\optimizer pro.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\browserdefender"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\AppData\Roaming\delta"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\AppData\Roaming\optimizer pro"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\AppData\Roaming\webcake"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Tobias Rossmann\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\delta"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files\webcake"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro"
Successfully deleted: [Empty Folder] C:\Users\Tobias Rossmann\appdata\local\{195FA8DB-7AD9-07B3-62C6-37234284098A}
~~~ FireFox
Successfully deleted: [File] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\user.js
Successfully deleted: [File] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\delta.xml
Successfully deleted: [Folder] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\winamptoolbardata
Successfully deleted: [Folder] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\extensions\ffxtlbr@delta.com
Successfully deleted: [Folder] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\extensions\staged
Successfully deleted: [Folder] C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Successfully deleted the following from C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\prefs.js
user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2269050.CTID", "CT2269050");
user_pref("CT2269050.CurrentServerDate", "6-10-2010");
user_pref("CT2269050.DialogsAlignMode", "LTR");
user_pref("CT2269050.DownloadReferralCookieData", "");
user_pref("CT2269050.EMailNotifierPollDate", "Wed Oct 06 2010 19:49:51 GMT+0200");
user_pref("CT2269050.ExternalComponentPollDate8877840225553681985", "Fri Sep 24 2010 13:08:02 GMT+0200");
user_pref("CT2269050.FirstServerDate", "24-9-2010");
user_pref("CT2269050.FirstTime", true);
user_pref("CT2269050.FirstTimeFF3", true);
user_pref("CT2269050.FirstTimeSettingsDone", true);
user_pref("CT2269050.FixPageNotFoundErrors", true);
user_pref("CT2269050.GroupingServerCheckInterval", 1440);
user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2269050.Initialize", true);
user_pref("CT2269050.InitializeCommonPrefs", true);
user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
user_pref("CT2269050.InstalledDate", "Sun Jan 17 2010 12:32:49 GMT+0100");
user_pref("CT2269050.InvalidateCache", false);
user_pref("CT2269050.IsGrouping", false);
user_pref("CT2269050.IsMulticommunity", false);
user_pref("CT2269050.IsOpenThankYouPage", false);
user_pref("CT2269050.IsOpenUninstallPage", false);
user_pref("CT2269050.LanguagePackLastCheckTime", "Wed Oct 06 2010 19:44:55 GMT+0200");
user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2269050.LastLogin_2.4.0.4", "Sun Mar 14 2010 13:38:50 GMT+0100");
user_pref("CT2269050.LastLogin_2.7.2.0", "Wed Oct 06 2010 19:44:51 GMT+0200");
user_pref("CT2269050.LatestVersion", "2.7.2.0");
user_pref("CT2269050.Locale", "en");
user_pref("CT2269050.LoginCache", 4);
user_pref("CT2269050.MCDetectTooltipHeight", "83");
user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2269050.MCDetectTooltipWidth", "295");
user_pref("CT2269050.RadioIsPodcast", false);
user_pref("CT2269050.RadioLastCheckTime", "Wed Oct 06 2010 19:44:51 GMT+0200");
user_pref("CT2269050.RadioLastUpdateIPServer", "3");
user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
user_pref("CT2269050.RadioMediaID", "12473383");
user_pref("CT2269050.RadioMediaType", "Media Player");
user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
user_pref("CT2269050.RadioStationName", "Hotmix%20108");
user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
user_pref("CT2269050.SHRINK_TOOLBAR", 1);
user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2269050.SearchFromAddressBarIsInit", true);
user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=");
user_pref("CT2269050.SearchInNewTabEnabled", true);
user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
user_pref("CT2269050.SearchInNewTabLastCheckTime", "Wed Oct 06 2010 19:44:51 GMT+0200");
user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2269050.SettingsCheckIntervalMin", 120);
user_pref("CT2269050.SettingsLastCheckTime", "Wed Oct 06 2010 19:44:50 GMT+0200");
user_pref("CT2269050.SettingsLastUpdate", "1285583098");
user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Sep 24 2010 13:08:02 GMT+0200");
user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1267632738");
user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
user_pref("CT2269050.UserID", "UN83714726142160359");
user_pref("CT2269050.ValidationData_Search", 1);
user_pref("CT2269050.ValidationData_Toolbar", 2);
user_pref("CT2269050.WeatherNetwork", "");
user_pref("CT2269050.WeatherPollDate", "Wed Oct 06 2010 19:44:52 GMT+0200");
user_pref("CT2269050.WeatherUnit", "C");
user_pref("CT2269050.alertChannelId", "666138");
user_pref("CT2269050.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
user_pref("CT2269050.clientLogIsEnabled", true);
user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2269050.myStuffEnabled", true);
user_pref("CT2269050.myStuffPublihserMinWidth", 400);
user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocationType=tb50ffwinampab&query=");
user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Oct 06 2010 19:44:51 GMT+0200");
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932");
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}");
user_pref("browser.search.order.1", "Delta Search");
user_pref("browser.search.selectedEngine", "Delta Search");
user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932");
user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.bbDpng", "12");
user_pref("extensions.delta.cntry", "DE");
user_pref("extensions.delta.dfltLng", "de");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.hdrMd5", "6C1B284AD4B5DD4003CAAC7FE0F941A3");
user_pref("extensions.delta.id", "6c6e06ca0000000000000024541aa6c3");
user_pref("extensions.delta.instlDay", "15889");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.lastVrsnTs", "1.8.21.518:43:25");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.sg", "azb");
user_pref("extensions.delta.smplGrp", "azb");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.518:43:25");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=120521&tsp=4932");
user_pref("extensions.delta_i.srcExt", "ss");
user_pref("extensions.newAddons", "plugin@getwebcake.com,ffxtlbr@delta.com");
user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=3b5b11f5-155c-4a6f-b77f-3f31c9e22758&apn_ptnrs=%5EABT&apn
user_pref("winamp_toolbar.search.searchtype", "web");
Emptied folder: C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\minidumps [2 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Tobias Rossmann\appdata\local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Folder] C:\Users\Tobias Rossmann\appdata\local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.07.2013 at 11:39:21,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hier die Datei AdwCleaner[S1].txt
AdwCleaner Logfile: Code:
# AdwCleaner v2.306 - Datei am 28/07/2013 um 11:41:47 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Tobias Rossmann - TOBIASROSSMANN
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobias Rossmann\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : WebCake Desktop Updater
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-10.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-5.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-6.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-7.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-8.xml
Datei Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\searchplugins\icqplugin-9.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\Conduit
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\CT2269050
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
Ordner Gelöscht : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\extensions\plugin@getwebcake.com
Ordner Gelöscht : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\5d55d88cb43abf10
Schlüssel Gelöscht : HKCU\Software\a6efa49133e92ad0
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\5d55d88cb43abf10
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D0E499F53381f84992C7A212CF1D8F5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
-\\ Mozilla Firefox v12.0 (de)
Datei : C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\prefs.js
Gelöscht : user_pref("extensions.enabledAddons", "ffxtlbr@delta.com:1.5.0,plugin@getwebcake.com:1.00.01,{195A30[...]
Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Gelöscht : user_pref("icqtoolbar.engineVerified", false);
Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options");
Gelöscht : user_pref("icqtoolbar.history", "youtube%20spielt%20nicht%20ab||youtube||viva%20kibera||trucks%20ven[...]
Gelöscht : user_pref("icqtoolbar.installsource", "1");
Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Gelöscht : user_pref("icqtoolbar.previousFFVersion", "3.6.26");
Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Gelöscht : user_pref("icqtoolbar.suggestions", false);
Gelöscht : user_pref("icqtoolbar.uniqueID", "126341074112634107351263411779122");
Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1372252489);
Gelöscht : user_pref("icqtoolbar.version", "1.1.5");
Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
Gelöscht : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...]
Gelöscht : user_pref("winamp_toolbar.firsttime.showwindow", false);
Gelöscht : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.12.1");
Gelöscht : user_pref("winamp_toolbar.metrics.activestampdate", "26");
Gelöscht : user_pref("winamp_toolbar.metrics.activestampmonth", "5");
Gelöscht : user_pref("winamp_toolbar.metrics.activestampyear", "2013");
Gelöscht : user_pref("winamp_toolbar.metrics.originalDate", "16");
Gelöscht : user_pref("winamp_toolbar.metrics.originalHours", "16");
Gelöscht : user_pref("winamp_toolbar.metrics.originalMinutes", "20");
Gelöscht : user_pref("winamp_toolbar.metrics.originalMonth", "1");
Gelöscht : user_pref("winamp_toolbar.metrics.originalSeconds", "1");
Gelöscht : user_pref("winamp_toolbar.metrics.originalYear", "2010");
Gelöscht : user_pref("winamp_toolbar.search.populateoncomplete", false);
Gelöscht : user_pref("winamp_toolbar.search.source", "tb50ffwinamp");
Gelöscht : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Gelöscht : user_pref("winamp_toolbar.upgrade.showwindow", false);
Gelöscht : user_pref("winamp_toolbar.winamp.appversion", "-1");
Gelöscht : user_pref("winamp_toolbar.winamp.artist", "");
Gelöscht : user_pref("winamp_toolbar.winamp.title", "-999999");
Gelöscht : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Gelöscht : user_pref("winamp_toolbar.winamp.tracktime", "-999999");
Gelöscht : user_pref("winamp_toolbar.winamp.volume", "0");
-\\ Google Chrome v28.0.1500.72
Datei : C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.27] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Gelöscht [l.30] : keyword = "babylon.com",
Gelöscht [l.34] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=6C6E002454[...]
Gelöscht [l.1984] : homepage = "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=6C6E0024541AA6C3&affID=120521&t[...]
Gelöscht [l.2541] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=6C6E0024[...]
*************************
AdwCleaner[S1].txt - [13733 octets] - [28/07/2013 11:41:47]
########## EOF - C:\AdwCleaner[S1].txt - [13794 octets] ########## --- --- ---
[/CODE]
Und zum Schluss die Dateien von OTL :daumenhoc
OTL Logfile: Code:
OTL logfile created on: 7/28/2013 11:56:39 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobias Rossmann\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.97 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 48.27% Memory free
5.93 Gb Paging File | 4.26 Gb Available in Paging File | 71.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 21.00 Gb Free Space | 14.84% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 136.43 Gb Free Space | 96.42% Space Free | Partition Type: NTFS
Computer Name: TOBIASROSSMANN | User Name: Tobias Rossmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Tobias Rossmann\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\System32\consent.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
PRC - C:\Windows\System32\lkads.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Network Discovery\niDiscSvc.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)
PRC - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
PRC - C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation)
PRC - C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe ()
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Windows\System32\PrintIsolationHost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Rezip.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\28.0.1500.72\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\28.0.1500.72\libegl.dll ()
MOD - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Error Reporting\niwsrp.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3531.38598__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3531.38481__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3531.38538__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3531.38551__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3531.38490__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3531.38533__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3531.38571__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3531.38569__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3531.38490__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3531.38595__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3531.38526__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3531.38502__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3531.38546__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3531.38532__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3531.38506__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3531.38505__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3531.38520__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3531.38531__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3498.37534__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3498.37533__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3498.37558__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3498.37615__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3498.37612__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3498.37554__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3498.37610__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3498.37541__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3498.37518__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3498.37515__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3498.37517__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3498.37674__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3498.37536__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3498.37540__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3498.37526__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3498.37551__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3498.37571__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3498.37544__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3498.37574__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3498.37547__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3498.37579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3498.37603__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3498.37602__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3498.37580__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3498.37555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3531.38593__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3498.37583__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3498.37578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3498.37577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3531.38575__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3498.37557__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3498.37572__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3498.37552__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3498.37553__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3498.37535__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3531.38478__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3531.38565__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3531.38563__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3498.37522__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3498.37528__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3498.37531__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3498.37547__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3531.38559__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3531.38480__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3531.38479__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3498.37546__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3498.37548__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3531.38486__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3498.37538__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3498.37549__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3498.37585__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3531.38565__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3531.38477__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3531.38478__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
========== Services (SafeList) ==========
SRV - (ENI Server) -- C:\Users\Tobias Rossmann\Desktop\CoDeSys\CoDeSys ENI Server\ENI.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (mxssvr) -- C:\Users\Tobias Rossmann\Desktop\Studium\MAX\nimxs.exe (National Instruments Corporation)
SRV - (NITaggerService) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Tagger\tagsrv.exe (National Instruments Corporation)
SRV - (NIDomainService) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Security\nidmsrv.exe (National Instruments Corporation)
SRV - (lkTimeSync) -- C:\Windows\System32\lktsrv.exe (National Instruments Corporation)
SRV - (lkClassAds) -- C:\Windows\System32\lkads.exe (National Instruments Corporation)
SRV - (NINetworkDiscovery) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI Network Discovery\niDiscSvc.exe (National Instruments Corporation)
SRV - (nimDNSResponder) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)
SRV - (niSvcLoc) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)
SRV - (NIApplicationWebServer) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)
SRV - (LkCitadelServer) -- C:\Windows\System32\lkcitdl.exe (National Instruments, Inc.)
SRV - (NILM License Manager) -- C:\Users\Tobias Rossmann\Desktop\Studium\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)
SRV - (niLXIDiscovery) -- C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation)
SRV - (GPVPNService) -- C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe ()
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()
========== Driver Services (SafeList) ==========
DRV - (catchme) -- C:\Users\TOBIAS~1\AppData\Local\Temp\catchme.sys File not found
DRV - (AgereSoftModem) -- system32\DRIVERS\AGRSM.sys File not found
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nipalfwedl) -- C:\Windows\System32\drivers\nipalfwedl.sys (National Instruments Corporation)
DRV - (nipalusbedl) -- C:\Windows\System32\drivers\nipalusbedl.sys (National Instruments Corporation)
DRV - (NIPALK) -- C:\Windows\System32\drivers\nipalk.sys (National Instruments Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NiViPxiK) -- C:\Windows\System32\drivers\NiViPxiKl.sys (National Instruments Corporation)
DRV - (NiViPciK) -- C:\Windows\System32\drivers\NiViPciKl.sys (National Instruments Corporation)
DRV - (nidimk) -- C:\Windows\System32\drivers\nidimkl.sys (National Instruments Corporation)
DRV - (nipbcfk) -- C:\Windows\System32\drivers\nipbcfk.sys (National Instruments Corporation)
DRV - (VSPerfDrv100) -- C:\Users\Tobias Rossmann\Desktop\Studium\Team Tools\Performance Tools\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (VMC326) -- C:\Windows\System32\drivers\VMC326.sys (Vimicro Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (niorbk) -- C:\Windows\System32\drivers\niorbkl.sys (National Instruments Corporation)
DRV - (cvintdrv) -- C:\windows\System32\drivers\cvintdrv.sys ()
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: ffxtlbr@delta.com:1.5.0
FF - prefs.js..extensions.enabledItems: plugin@getwebcake.com:1.00.01
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/06 15:00:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/07/06 15:00:01 | 000,000,000 | ---D | M]
[2010/01/13 21:25:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Extensions
[2013/07/28 11:42:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions
[2011/07/31 15:07:44 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\Firefox\Profiles\eb85k963.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/10/29 17:59:51 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-11.xml
[2010/12/19 13:00:24 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-12.xml
[2011/03/03 23:36:13 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-13.xml
[2011/03/06 10:36:03 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-14.xml
[2011/03/26 18:10:40 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-15.xml
[2011/05/11 14:44:52 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-16.xml
[2011/06/25 09:13:41 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-17.xml
[2011/08/21 11:15:24 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-18.xml
[2011/09/02 21:54:16 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-19.xml
[2011/09/08 12:59:36 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-20.xml
[2011/10/19 13:47:37 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-21.xml
[2011/11/26 19:44:49 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-22.xml
[2012/01/02 22:00:44 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-23.xml
[2012/06/02 16:50:56 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-24.xml
[2013/03/07 14:33:20 | 000,000,950 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\icqplugin-25.xml
[2010/01/16 21:20:03 | 000,001,201 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Roaming\mozilla\firefox\profiles\eb85k963.default\searchplugins\winamp-search.xml
[2013/07/06 15:00:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/13 21:42:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\USERS\TOBIAS ROSSMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EB85K963.DEFAULT\EXTENSIONS\FFXTLBR@DELTA.COM
File not found (No name found) -- C:\USERS\TOBIAS ROSSMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EB85K963.DEFAULT\EXTENSIONS\PLUGIN@GETWEBCAKE.COM
[2013/07/06 15:00:01 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/05 10:28:17 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/05/24 20:39:14 | 000,059,936 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\npIMAQAXControl.dll
[2011/06/09 19:05:10 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv2010win32.dll
[2011/06/22 12:43:54 | 000,026,112 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv2011win32.dll
[2009/10/22 10:28:40 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\NPLV82Win32.dll
[2008/12/10 15:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv86win32.dll
[2010/10/19 19:15:20 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\mozilla firefox\plugins\nplv90win32.dll
[2013/07/06 14:59:58 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/07/06 14:59:58 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/07/06 14:59:58 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013/07/06 14:59:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/07/06 14:59:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/07/06 14:59:57 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Babylon (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=6C6E0024541AA6C3&affID=120521&tsp=4932
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: National Instruments IMAQ 1.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npIMAQAXControl.dll
CHR - plugin: National Instruments LabVIEW 2010 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv2010win32.dll
CHR - plugin: National Instruments LabVIEW 2011 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv2011win32.dll
CHR - plugin: National Instruments LabVIEW 8.2 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll
CHR - plugin: National Instruments LabVIEW 8.6 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv86win32.dll
CHR - plugin: National Instruments LabVIEW 9.0 Netscape Plug-in for Windows (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nplv90win32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
O1 HOSTS File: ([2013/07/08 18:18:24 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Users\Tobias Rossmann\Desktop\Studium\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NI Update Service] C:\Users\Tobias Rossmann\Desktop\Studium\Shared\Update Service\NIUpdateService.exe (National Instruments)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000..\Run: [NIRegistrationWizard] C:\Users\Tobias Rossmann\Desktop\Studium\Shared\RegistrationWizard\Bin\RegistrationWizard.exe ()
O4 - Startup: C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1016556084-3091970497-507946437-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Users\Tobias Rossmann\Desktop\Studium\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.220.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B342B67-2DD7-4797-98B9-04CEF99E0D86}: DhcpNameServer = 192.168.220.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/07/28 11:36:18 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/07/27 15:09:23 | 000,050,968 | ---- | C] (cake bake) -- C:\Program Files\WCDesktop.Updater.exe
[2013/07/27 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Roaming\Web Cake
[2013/07/27 10:12:17 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\Desktop\Benediktenwand2013
[2013/07/24 15:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/07/24 15:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/17 09:49:44 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2013/07/12 18:39:55 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\Desktop\malwarebytes
[2013/07/11 13:37:45 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/07/11 13:37:43 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/07/11 13:37:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/07/11 13:37:42 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/07/11 13:37:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/07/11 13:37:40 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/07/11 13:37:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/07/11 13:37:39 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/07/11 13:37:39 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/07/11 13:37:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/07/10 19:27:52 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2013/07/10 19:27:47 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2013/07/10 19:27:46 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qedit.dll
[2013/07/10 19:27:45 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/07/08 18:30:54 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/07/08 18:21:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/08 17:59:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/07/08 17:59:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/07/08 17:59:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/07/08 17:55:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/07/08 17:55:01 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/07/06 15:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/07/06 15:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/07/04 01:25:14 | 000,000,000 | ---D | C] -- C:\FRST
[2013/07/04 00:22:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/03 18:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013/07/03 18:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zipper
[2013/07/03 18:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Tuguu SL
[2013/07/03 18:42:36 | 000,000,000 | ---D | C] -- C:\Users\Tobias Rossmann\AppData\Local\Programs
[2 C:\Users\Tobias Rossmann\Desktop\*.tmp files -> C:\Users\Tobias Rossmann\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/07/28 11:58:11 | 000,015,056 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/28 11:58:11 | 000,015,056 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/28 11:53:33 | 000,000,702 | ---- | M] () -- C:\windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013/07/28 11:48:50 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/28 11:47:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/07/28 11:47:41 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/28 11:34:22 | 000,001,152 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Continue Image Editor Installation.lnk
[2013/07/28 11:13:00 | 000,001,116 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/28 11:08:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/07/27 15:09:22 | 000,050,968 | ---- | M] (cake bake) -- C:\Program Files\WCDesktop.Updater.exe
[2013/07/27 10:14:05 | 000,763,254 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/07/27 10:14:05 | 000,718,532 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/07/27 10:14:05 | 000,173,608 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/07/27 10:14:05 | 000,146,554 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/07/21 10:24:54 | 000,024,376 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Sebastião Salgado 07.jpg
[2013/07/15 10:33:45 | 005,765,722 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Pilze.JPG
[2013/07/11 15:22:46 | 000,447,304 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/07/09 17:48:26 | 000,064,477 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Werner.jpg
[2013/07/08 18:18:24 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/07/03 18:46:38 | 000,001,144 | ---- | M] () -- C:\Users\Tobias Rossmann\Desktop\Continue Zip Opener Installation.lnk
[2013/07/03 18:46:07 | 000,001,966 | ---- | M] () -- C:\Users\Tobias Rossmann\AppData\Local\recently-used.xbel
[2 C:\Users\Tobias Rossmann\Desktop\*.tmp files -> C:\Users\Tobias Rossmann\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/07/28 11:34:22 | 000,001,152 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Continue Image Editor Installation.lnk
[2013/07/21 10:24:53 | 000,024,376 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Sebastião Salgado 07.jpg
[2013/07/15 10:33:45 | 005,765,722 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Pilze.JPG
[2013/07/09 17:48:26 | 000,064,477 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Werner.jpg
[2013/07/08 17:59:25 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/07/08 17:59:25 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/07/08 17:59:25 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/07/08 17:59:25 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/07/08 17:59:25 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/07/06 15:00:06 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/03 18:46:38 | 000,001,144 | ---- | C] () -- C:\Users\Tobias Rossmann\Desktop\Continue Zip Opener Installation.lnk
[2013/07/03 18:46:07 | 000,001,966 | ---- | C] () -- C:\Users\Tobias Rossmann\AppData\Local\recently-used.xbel
[2013/03/20 21:38:11 | 000,075,264 | ---- | C] () -- C:\windows\System32\callrproxy.dll
[2011/11/16 15:22:04 | 000,003,843 | ---- | C] () -- C:\windows\scad3.INI
[2011/07/13 04:40:57 | 000,000,000 | ---- | C] () -- C:\Users\Tobias Rossmann\AppData\Local\{F0D212F8-ABBE-4CF2-B8CE-0F99522FBD83}
[2011/07/13 01:40:42 | 000,000,000 | ---- | C] () -- C:\Users\Tobias Rossmann\AppData\Local\{FE9F1CF2-22C6-49B6-87E6-39CD9422313F}
========== ZeroAccess Check ==========
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > --- --- ---
[/CODE] |