Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Versteckte Treiber - Speicherveränderung - OTL Report

Versteckte Treiber - Speicherveränderung - OTL Report


Log-Analyse und Auswertung: Versteckte Treiber - Speicherveränderung - OTL Report

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 11.05.2014, 23:45   #1
tett
 
Versteckte Treiber - Speicherveränderung - OTL Report - Standard

Versteckte Treiber - Speicherveränderung - OTL Report


Hallo.

ich habe von antivir free immer diverse versteckte Objekte und einen versteckten Treiber nach einem Scan angezeigt bekommen. Meine Recherche ergab, dass in vielen Beiträgen gesagt wurde, das läge an Programmen wie CloneDrive etc. oder sogar an Windows selbst. Ich habe alle genannten möglichen "Bösewichter" deinstalliert, aber die versteckten Objekte/Treiber wurden immer noch angezeigt. Malwarebytes und Spybot haben nichts gefunden. Es ließ mir jedoch keine Ruhe, die Ursache herauszufinden. Also Antivir gelöscht und bitdefender scannen lassen, Ergebnis - keine Funde. Wem soll ich denn nun trauen? Also habe ich nach Lesen dieser Anleitung von Euch --> (http://www.trojaner-board.de/127353-...itycenter.html) <-- den defogger, aswMBR.exe und den TDSS-Killer prüfen lassen, Ergebnis - keine Befunde. Ist also Antivir zu "blöd" oder zu gut??? Daher habe ich dann einen OTL-Scan gemacht und würde mich freuen, wenn ich diesen hier bewerten lassen könnte, DANKE!
Tett
============================================================OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.05.2014 00:05:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Daten\Programme\Defogger
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 3,43 Gb Available Physical Memory | 43,44% Memory free
15,79 Gb Paging File | 12,00 Gb Available in Paging File | 75,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 35,04 Gb Free Space | 29,39% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 7,12 Gb Free Space | 36,47% Space Free | Partition Type: NTFS
Drive E: | 679,00 Gb Total Space | 415,96 Gb Free Space | 61,26% Space Free | Partition Type: NTFS
 
Computer Name: XPS17-SSD | User Name: Ralf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014.05.11 23:58:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Daten\Programme\Defogger\OTL.exe
PRC - [2014.05.11 23:20:43 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.03.19 00:04:16 | 000,614,232 | ---- | M] (Bitdefender) -- C:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.06.19 23:13:16 | 002,445,304 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013.06.19 22:41:38 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2013.06.18 03:34:34 | 000,054,160 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2012.12.21 14:48:10 | 000,699,680 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) -- C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
PRC - [2011.11.04 05:19:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.11.03 13:24:06 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.10.18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.10.18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011.10.18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011.10.18 11:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2011.09.16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011.09.16 08:32:54 | 001,869,192 | ---- | M] (IBM Corp) -- C:\Program Files (x86)\IBM\Lotus\Notes\nlnotes.exe
PRC - [2011.09.16 08:31:34 | 000,189,832 | ---- | M] (IBM Corp) -- C:\Program Files (x86)\IBM\Lotus\Notes\SUService.exe
PRC - [2011.09.16 08:28:56 | 000,016,776 | ---- | M] (IBM Corp) -- C:\Program Files (x86)\IBM\Lotus\Notes\ntaskldr.EXE
PRC - [2011.09.16 08:28:26 | 004,453,768 | ---- | M] (IBM) -- C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe
PRC - [2011.01.12 18:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.01.12 18:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.05.21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014.05.11 23:20:43 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.03.15 00:05:14 | 000,204,280 | ---- | M] () -- C:\Programme\Bitdefender\Bitdefender\antispam32\txmlutil.dll
MOD - [2014.02.18 14:14:22 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a99f3a56bbedaa90734d2132d00016ec\IAStorUtil.ni.dll
MOD - [2014.02.18 14:14:22 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\921a4977671bce1f2f553e9adcdb06ee\IAStorCommon.ni.dll
MOD - [2014.02.18 12:10:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014.02.18 12:10:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.18 12:10:12 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.18 12:10:03 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014.02.18 12:10:00 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.18 12:09:57 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.18 12:09:56 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.18 12:09:52 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2011.11.03 13:23:54 | 000,266,560 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.10.10 17:32:32 | 000,122,925 | ---- | M] () -- C:\Program Files (x86)\IBM\Lotus\Notes\mui\de\nimuires.dll.mui
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014.03.24 19:39:27 | 001,523,728 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe -- (VSSERV)
SRV:64bit: - [2014.03.06 10:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.10.07 11:33:30 | 000,067,320 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2010.04.14 15:56:23 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxebcoms.exe -- (lxeb_device)
SRV:64bit: - [2010.04.14 15:56:13 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxebserv.exe -- (lxebCATSCustConnectService)
SRV - [2014.05.11 23:21:31 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.05.11 23:20:43 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.11.21 18:41:50 | 000,077,632 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Programme\Bitdefender\Bitdefender\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2013.06.19 23:13:16 | 002,445,304 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2013.06.18 03:34:34 | 000,054,160 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013.06.13 21:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2013.04.08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013.04.08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.12.21 14:48:10 | 000,699,680 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 8.0 OnlineUpdate)
SRV - [2011.11.04 05:19:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.11.03 13:24:06 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.11.01 13:37:56 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.11.01 13:25:42 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.11.01 13:22:28 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.10.20 18:33:22 | 000,135,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2011.10.19 14:25:00 | 000,661,504 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.10.18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.10.18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.10.18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.09.16 08:31:34 | 000,189,832 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Program Files (x86)\IBM\Lotus\Notes\SUService.exe -- (LNSUSvc)
SRV - [2011.09.16 08:28:26 | 004,453,768 | ---- | M] (IBM) [Auto | Running] -- C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe -- (Lotus Notes Diagnostics)
SRV - [2011.01.12 18:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.08.19 17:43:23 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Programme\Cyberlink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2010.04.14 15:56:13 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe -- (lxebCATSCustConnectService)
SRV - [2010.04.14 15:56:01 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxebcoms.exe -- (lxeb_device)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.21 08:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.12.18 18:16:44 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.12.02 11:58:48 | 000,635,392 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013.12.02 11:56:50 | 000,893,440 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013.11.04 15:47:36 | 000,082,824 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013.08.23 12:48:49 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013.08.07 12:46:28 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013.07.24 17:02:55 | 000,034,816 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2013.06.13 16:34:16 | 000,451,096 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2013.05.23 08:12:56 | 000,040,728 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2013.05.23 08:12:52 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013.05.23 08:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013.03.04 14:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2013.02.18 09:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012.11.02 13:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012.09.20 15:18:34 | 000,632,616 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod7700.sys -- (mod7700)
DRV:64bit: - [2012.09.20 15:18:34 | 000,025,000 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modrc.sys -- (MODRC)
DRV:64bit: - [2012.07.12 23:28:21 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.04.18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.11.15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.11.04 05:19:00 | 000,249,152 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2011.11.04 05:19:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.10.31 15:57:50 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.10.19 14:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.10.19 14:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.09.13 16:14:44 | 000,212,992 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.09.13 16:14:42 | 000,095,744 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.08.29 16:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.08.25 21:09:20 | 000,390,704 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.08.23 21:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.07.19 14:39:56 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.05.19 01:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011.05.17 09:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.05.17 09:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.11 23:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2011.01.12 17:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.13 09:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.08.20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.07.02 03:46:56 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.07.02 13:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | On_Demand | Stopped] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys -- (bdfwfpf_pc)
DRV - [2013.02.22 18:46:52 | 000,093,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2011.11.14 19:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B45d8ff86-d909-11db-9705-005056c00008%7D:1.2.0
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.5.1
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.54
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.23
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Ralf\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\BDTBEXT [2014.03.27 19:25:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.10.19 12:19:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014.01.09 13:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffpwdman@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [2014.03.27 19:26:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014.05.11 23:20:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014.03.27 19:25:33 | 000,000,000 | ---D | M]
 
[2012.05.07 23:34:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ralf\AppData\Roaming\mozilla\Extensions
[2014.05.10 15:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ralf\AppData\Roaming\mozilla\Firefox\Profiles\e1ioerkw.default-1390571404132\extensions
[2014.05.04 07:59:45 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Ralf\AppData\Roaming\mozilla\Firefox\Profiles\e1ioerkw.default-1390571404132\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2014.05.02 07:56:19 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Ralf\AppData\Roaming\mozilla\Firefox\Profiles\e1ioerkw.default-1390571404132\extensions\https-everywhere@eff.org
[2014.05.10 15:18:56 | 000,011,641 | ---- | M] () (No name found) -- C:\Users\Ralf\AppData\Roaming\mozilla\firefox\profiles\e1ioerkw.default-1390571404132\extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi
[2014.04.24 22:54:15 | 000,061,649 | ---- | M] () (No name found) -- C:\Users\Ralf\AppData\Roaming\mozilla\firefox\profiles\e1ioerkw.default-1390571404132\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
[2014.05.10 09:16:51 | 000,538,139 | ---- | M] () (No name found) -- C:\Users\Ralf\AppData\Roaming\mozilla\firefox\profiles\e1ioerkw.default-1390571404132\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.05.01 11:39:22 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\Ralf\AppData\Roaming\mozilla\firefox\profiles\e1ioerkw.default-1390571404132\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.05.11 23:20:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.05.11 23:20:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: phonostar Detector (Enabled) = C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
CHR - Extension: Google Drive = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Adblock Plus = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.1_0\
CHR - Extension: Google-Suche = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Logitech Smooth Scrolling = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0\
CHR - Extension: Gmail offline = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: Google Wallet = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Mail = C:\Users\Ralf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Bitdefender-Geldbörse) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programme\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Bitdefender-Geldbörse) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programme\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [Logitech SetPointp] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Bitdefender-Geldbörse] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender-Geldbörse-Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKCU..\Run: [KeePass Password Safe 2] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 11.5.2)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 11.5.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB357461-BF1A-4CD8-84C3-AADC48F2BD2B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.04.30 23:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{946b192f-96c5-11e1-b05f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{946b192f-96c5-11e1-b05f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.05.11 23:56:47 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Roaming\smkits
[2014.05.11 23:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.05.11 19:36:58 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2014.05.11 19:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
[2014.05.11 19:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014.05.11 19:27:40 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2014.05.11 19:27:40 | 000,093,600 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2014.05.11 19:27:40 | 000,082,824 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2014.05.11 19:27:40 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\Windows\SysWow64\bdsandboxuiskin32.dll
[2014.05.11 19:27:39 | 000,893,440 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014.05.11 19:27:39 | 000,635,392 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014.05.11 19:27:39 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014.05.11 19:25:14 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Roaming\Bitdefender
[2014.05.11 19:24:32 | 000,150,256 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2014.05.11 19:24:32 | 000,084,848 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\BDSandBoxUISkin.dll
[2014.05.11 19:24:32 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\bdsandboxuiskin32.dll
[2014.05.11 19:24:32 | 000,034,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\BDSandBoxUH.dll
[2014.05.11 19:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2014.05.11 19:24:31 | 000,389,240 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2014.05.11 19:24:31 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014.05.11 19:23:52 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Roaming\QuickScan
[2014.05.11 16:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014.05.10 17:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2014.05.10 17:54:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2014.05.10 13:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.05.10 13:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.05.04 15:41:27 | 000,000,000 | ---D | C] -- C:\Users\Ralf\Desktop\!Udis-HH
[2014.05.02 11:33:49 | 000,000,000 | ---D | C] -- C:\Users\Ralf\Desktop\HH
[2014.05.01 18:52:16 | 000,000,000 | ---D | C] -- C:\Users\Ralf\Desktop\Udis Recherche
[2014.04.22 10:50:53 | 000,000,000 | -HSD | C] -- C:\Users\Ralf\AppData\Local\EmieUserList
[2014.04.22 10:50:53 | 000,000,000 | -HSD | C] -- C:\Users\Ralf\AppData\Local\EmieSiteList
[2014.04.22 03:01:40 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Roaming\Wireshark
[2014.04.22 02:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2014.04.21 14:16:20 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Local\KeePass
[2014.04.21 12:27:43 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Roaming\KeePass
[2014.04.21 12:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeePass Password Safe 2
[2014.04.17 15:55:18 | 000,000,000 | ---D | C] -- C:\Users\Ralf\Desktop\UDIS
[2014.04.16 08:55:38 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.04.16 08:55:37 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.04.16 08:55:36 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.04.16 08:55:34 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.04.16 08:55:34 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.04.16 08:55:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.04.16 08:55:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.04.16 08:55:33 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.04.16 08:55:33 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.04.16 08:55:33 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.04.16 08:55:33 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.04.16 08:55:32 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.04.16 08:55:32 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.04.16 08:55:32 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.04.16 08:55:32 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.04.16 08:55:32 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.04.16 08:55:32 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.04.16 08:55:32 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.04.16 08:55:32 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.04.16 08:55:30 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.04.16 08:55:30 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.04.16 08:55:30 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.04.16 08:55:30 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.04.16 08:55:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.04.16 08:55:30 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.04.16 08:55:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.04.16 08:55:29 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.04.16 08:55:28 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.04.16 08:55:27 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.04.14 22:32:57 | 000,000,000 | ---D | C] -- C:\Users\Ralf\Desktop\konzept
[2014.04.14 08:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2014.04.14 08:19:06 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Local\Citrix
[2014.04.12 21:44:40 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Local\Garmin
[2014.04.12 21:44:38 | 000,000,000 | ---D | C] -- C:\Users\Ralf\AppData\Local\GARMIN_Corp
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.05.11 23:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.11 23:31:00 | 000,000,536 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2292069608-270782581-2939998704-1000.job
[2014.05.11 23:21:31 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.11 23:21:31 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.05.11 23:16:25 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.05.11 22:12:27 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.05.11 22:11:43 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.11 22:11:43 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.11 22:08:44 | 001,557,784 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.05.11 22:08:44 | 000,677,036 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.05.11 22:08:44 | 000,634,072 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.05.11 22:08:44 | 000,140,176 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.05.11 22:08:44 | 000,113,966 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.05.11 22:04:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.11 22:04:20 | 2064,252,927 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.11 21:51:23 | 000,000,020 | ---- | M] () -- C:\Users\Ralf\defogger_reenable
[2014.05.11 20:07:45 | 000,000,686 | -H-- | M] () -- C:\bdr-cf01
[2014.05.11 19:36:58 | 000,076,944 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2014.05.11 19:36:57 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\Windows\SysNative\bdsandboxuiskin32.dll
[2014.05.11 19:28:52 | 000,510,070 | ---- | M] () -- C:\ProgramData\1399829032.bdinstall.bin
[2014.05.11 19:28:12 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2014.05.11 19:27:48 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2014.05.11 19:27:48 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2014.05.11 19:27:44 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2014.05.11 19:27:44 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
[2014.05.11 19:27:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014.05.11 19:21:15 | 000,002,021 | ---- | M] () -- C:\Windows\wininit.ini
[2014.05.10 17:54:47 | 000,001,257 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2014.05.10 13:34:32 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.05.10 13:34:32 | 000,191,400 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.05.10 13:34:32 | 000,190,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.05.10 13:34:32 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.05.10 12:37:26 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2014.05.10 08:17:11 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2014.05.10 08:17:11 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2014.05.10 08:17:11 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2014.04.30 16:37:13 | 000,000,910 | ---- | M] () -- C:\Windows\wiso.ini
[2014.04.29 07:25:01 | 000,163,199 | ---- | M] () -- C:\Users\Ralf\Desktop\Monterra-Montana-Vergleich.pdf
[2014.04.24 08:29:06 | 000,001,191 | ---- | M] () -- C:\Users\Ralf\Desktop\BaseCamp.lnk
[2014.04.22 02:59:19 | 000,001,565 | ---- | M] () -- C:\Users\Public\Desktop\Wireshark.lnk
[2014.04.21 12:27:11 | 000,001,112 | ---- | M] () -- C:\Users\Ralf\Desktop\KeePass 2.lnk
[2014.04.13 00:26:45 | 000,007,604 | ---- | M] () -- C:\Users\Ralf\AppData\Local\Resmon.ResmonCfg
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.05.11 21:51:23 | 000,000,020 | ---- | C] () -- C:\Users\Ralf\defogger_reenable
[2014.05.11 19:28:52 | 000,510,070 | ---- | C] () -- C:\ProgramData\1399829032.bdinstall.bin
[2014.05.11 19:28:12 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2014.05.11 19:27:48 | 000,000,686 | -H-- | C] () -- C:\bdr-cf01
[2014.05.11 19:27:44 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2014.05.11 19:27:44 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security.lnk
[2014.05.11 19:27:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014.05.11 19:25:11 | 003,271,472 | -H-- | C] () -- C:\bdr-bz01
[2014.05.11 19:25:11 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2014.05.11 19:25:10 | 046,879,860 | -H-- | C] () -- C:\bdr-im01.gz
[2014.05.11 19:25:10 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2014.05.10 17:54:47 | 000,001,257 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2014.04.24 08:29:06 | 000,001,191 | ---- | C] () -- C:\Users\Ralf\Desktop\BaseCamp.lnk
[2014.04.21 12:27:11 | 000,001,112 | ---- | C] () -- C:\Users\Ralf\Desktop\KeePass 2.lnk
[2014.04.14 08:19:16 | 000,000,536 | ---- | C] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2292069608-270782581-2939998704-1000.job
[2014.04.13 00:26:45 | 000,007,604 | ---- | C] () -- C:\Users\Ralf\AppData\Local\Resmon.ResmonCfg
[[2014.01.08 04:32:34 | 000,001,680 | ---- | C] () -- C:\Windows\SysWow64\excltmp~.dat
[2014.01.08 04:32:29 | 000,000,124 | ---- | C] () -- C:\Windows\SysWow64\ctlsw.ini
[2014.01.08 04:32:29 | 000,000,041 | ---- | C] () -- C:\Windows\SysWow64\SWCTL.DLL
[2013.11.17 02:32:18 | 000,000,131 | ---- | C] () -- C:\Windows\bfe_prog.ini
[2013.11.16 23:58:29 | 000,000,037 | -HS- | C] () -- C:\Users\Ralf\AppData\Local\70149b02515b3bb20dd492.47983420
[2013.10.10 12:07:14 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.09.13 18:44:53 | 000,003,584 | ---- | C] () -- C:\Users\Ralf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.27 13:51:59 | 000,002,021 | ---- | C] () -- C:\Windows\wininit.ini
[2013.02.09 22:41:04 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013.02.09 22:41:04 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013.02.09 22:41:04 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013.02.09 22:41:04 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013.02.09 22:41:04 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013.02.09 22:41:04 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013.02.09 22:41:04 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013.02.09 22:41:04 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013.02.09 22:41:04 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013.02.09 22:41:04 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2013.02.09 22:41:04 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013.02.09 22:41:04 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013.02.09 22:41:04 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013.02.09 22:41:04 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013.02.09 22:41:04 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013.02.09 22:41:04 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2013.02.09 22:41:04 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2013.02.09 22:41:04 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013.02.09 22:41:04 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2012.12.28 11:59:29 | 000,000,218 | ---- | C] () -- C:\Users\Ralf\.recently-used.xbel
[2012.10.29 11:12:13 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebserv.dll
[2012.10.29 11:12:13 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebusb1.dll
[2012.10.29 11:12:13 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebpmui.dll
[2012.10.29 11:12:13 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebinpa.dll
[2012.10.29 11:12:13 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxebcomx.dll
[2012.10.29 11:12:13 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebiesc.dll
[2012.10.29 11:12:13 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXEBinst.dll
[2012.10.29 11:12:13 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxebins.dll
[2012.10.29 11:12:13 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxebinsb.dll
[2012.10.29 11:12:13 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxebcu.dll
[2012.10.29 11:12:13 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxebinsr.dll
[2012.10.29 11:12:13 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxebcub.dll
[2012.10.29 11:12:13 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxebjswr.dll
[2012.10.29 11:12:13 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxebcur.dll
[2012.10.29 11:12:12 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomc.dll
[2012.10.29 11:12:12 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebhbn3.dll
[2012.10.29 11:12:12 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcoms.exe
[2012.10.29 11:12:12 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeblmpm.dll
[2012.10.29 11:12:12 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcfg.exe
[2012.10.29 11:12:12 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomm.dll
[2012.10.29 11:12:12 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebih.exe
[2012.10.29 11:11:45 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEBsm.dll
[2012.10.29 11:11:45 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEBsmr.dll
[2012.07.13 01:41:41 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.05.07 22:45:57 | 000,054,140 | ---- | C] () -- C:\Users\Ralf\install.xml
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2013.09.13 09:24:14 | 097,443,711 | ---- | M] ()(C:\Windows\SysWow64\???¤) -- C:\Windows\SysWow64\႕⫠轜¤
[2013.09.12 19:07:55 | 097,443,711 | ---- | C] ()(C:\Windows\SysWow64\???¤) -- C:\Windows\SysWow64\႕⫠轜¤

< End of report >
--- --- ---
Geändert von tett (11.05.2014 um 23:55 Uhr)

 

Themen zu Versteckte Treiber - Speicherveränderung - OTL Report
adobe, antivir, bho, bonjour, converter, defender, explorer, firefox, firewall, flash player, format, home, logfile, monitor, mozilla, nodrives, nvidia, nvpciflt.sys, programme, prüfen, realtek, registry, scan, senden, software, starmoney, tracker, usb, versteckte treiber - speicherveränderung - otl report, windows, wscript.exe


« Windows 7: Java/Adobe Malware bei Google Chrome | Windows 7: McAfee durch Gruppenrichtlinie gesperrt. »


Ähnliche Themen: Versteckte Treiber - Speicherveränderung - OTL Report


  1. Eine Speicherveränderung wurde entdeckt, die möglicherweise zur versteckten Dateizugriffen missbraucht werden könnte.
    Plagegeister aller Art und deren Bekämpfung - 30.06.2014 (19)
  2. Versteckte Treiber gefunden
    Plagegeister aller Art und deren Bekämpfung - 18.04.2013 (55)
  3. Skype Virus und Speicherveränderung
    Plagegeister aller Art und deren Bekämpfung - 15.04.2013 (9)
  4. Avira AntiVir meldet Speicherveränderung, jedoch keinen Fund eines Schädlings
    Log-Analyse und Auswertung - 08.04.2013 (13)
  5. Wiederholte Avira Warnung: Speicherveränderung entdeckt -> Rescue-System findet "nur" Viren-Signatur in HD-Kopier-Image
    Log-Analyse und Auswertung - 07.12.2012 (17)
  6. Mein GVU-Report
    Log-Analyse und Auswertung - 10.09.2012 (18)
  7. Report Malewarebytes
    Plagegeister aller Art und deren Bekämpfung - 23.08.2012 (13)
  8. Malwarebytes Report
    Log-Analyse und Auswertung - 03.06.2012 (3)
  9. Verschlüsselungstrojaner Report
    Antiviren-, Firewall- und andere Schutzprogramme - 02.05.2012 (1)
  10. Virus ? MasterBootSektor defekt ? Speicherveränderung wurde entdeckt
    Plagegeister aller Art und deren Bekämpfung - 26.12.2011 (28)
  11. Malwarebytes Report
    Plagegeister aller Art und deren Bekämpfung - 26.01.2009 (1)
  12. Antivir-Report
    Log-Analyse und Auswertung - 01.08.2008 (4)
  13. Report bei Antivir9x
    Antiviren-, Firewall- und andere Schutzprogramme - 09.10.2005 (5)
  14. Mein Report
    Log-Analyse und Auswertung - 25.07.2005 (1)
  15. Antivir-Report
    Alles rund um Windows - 24.03.2005 (6)
  16. Report - PC-Sicherheit
    Antiviren-, Firewall- und andere Schutzprogramme - 03.04.2004 (9)
  17. TCMonitor Report
    Plagegeister aller Art und deren Bekämpfung - 24.12.2003 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Versteckte Treiber - Speicherveränderung - OTL Report - Hallo. ich habe von antivir free immer diverse versteckte Objekte und einen versteckten Treiber nach einem Scan angezeigt bekommen. Meine Recherche ergab, dass in vielen Beiträgen gesagt wurde, das läge - Versteckte Treiber - Speicherveränderung - OTL Report...
Archiv
Du betrachtest: Versteckte Treiber - Speicherveränderung - OTL Report auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131