Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
TR/Dropper.Gen von meiner externen Festplatte entfernen?

TR/Dropper.Gen von meiner externen Festplatte entfernen?


Log-Analyse und Auswertung: TR/Dropper.Gen von meiner externen Festplatte entfernen?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 20.09.2011, 06:45   #1
Panda Bär
 
TR/Dropper.Gen von meiner externen Festplatte entfernen? - Standard

TR/Dropper.Gen von meiner externen Festplatte entfernen?


Liebe Helfer vom Trojaner-Board,
ich habe auf meiner externen Festplatte Probleme mit einem Trojaner. Gemerkt habe ich dies, als auf einmal ungewöhnliche Verknüpfungen vorhandener Ordner auf der Festplatte angezeigt wurden, aber die Original-Ordner nicht sichtbar waren. Erst nachdem ich in den Ordneroptionen "Alle Dateien und Ordner anzeigen" angeschaltet sowie "Geschützte Systemdateien ausblenden" ausgeschaltet habe, waren meine Dateien wieder sichtbar. Ich habe schließlich mit Avira AntiVir eine Überprüfung durchführen lassen und bin auf die folgenden 5 Dateien gestoßen, die allesamt vom Trojaner "TR/Dropper.Gen" befallen waren:

X:\System Volume Information\_restore{18031C7F-E58C-4A5F-96D6-39BE1721D1F4}\RP24\A0002838.exe'
X:\System Volume Information\_restore{18031C7F-E58C-4A5F-96D6-39BE1721D1F4}\RP24\A0003838.exe'
X:\System Volume Information\_restore{18031C7F-E58C-4A5F-96D6-39BE1721D1F4}\RP24\A0002836.exe'
X:\System Volume Information\_restore{18031C7F-E58C-4A5F-96D6-39BE1721D1F4}\RP24\A0003838.exe'
X:\System Volume Information\_restore{18031C7F-E58C-4A5F-96D6-39BE1721D1F4}\RP24\A0002838.exe'

Ich habe sie in Quarantäne verschieben lassen und dann gelöscht. Hinterher habe ich aber gelesen, dass dies bei diesem Trojaner nicht reichen würde und der allein durch AntiVir nicht zu bewältigen wäre, da er sich immer neu ausbreitet.
Nun wende ich mich an euch um Rat und wäre euch sehr dankbar wenn ihr mir eine Rückmeldung geben könntet, wie ich mit diesem Trojaner umzugehen habe und ob das alleinige Löschen durch AntiVir überhaupt etwas bringt.
Ich bedanke mich im Voraus für eure Mühen!
Anbei hänge ich euch die Logfiles an. Das Scannen mit "Gmer" hat leider nicht funktioniert, da das Programm nach kurzer Zeit stecken geblieben ist und dann ein blauer Bildschirm mit einer Fehlermeldung angezeigt wurde.

Die Fehlermeldung war folgende:

Driver_IRQL_Not_Less_Or_Equal

Stop:0x000000DI (0x0000002C, Ox00000002, 0x00000000, 0x8077D3C4)

nvstor.sys-Address 8077D3C4 base at 80779000, DateStamp 458d543d



Alle Schritte der Anleitung habe ich, wie in der Anleitung beschrieben, befolgt. Der OTL text:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 19.09.2011 20:14:51 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Targa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,70 Mb Total Physical Memory | 167,64 Mb Available Physical Memory | 16,39% Memory free
2,26 Gb Paging File | 1,25 Gb Available in Paging File | 55,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,79 Gb Total Space | 51,42 Gb Free Space | 37,05% Space Free | Partition Type: NTFS
Drive X: | 465,76 Gb Total Space | 3,56 Gb Free Space | 0,76% Space Free | Partition Type: NTFS
 
Computer Name: TARGA-PC | User Name: Targa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.09.19 19:46:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Targa\Desktop\OTL.exe
PRC - [2011.09.14 11:53:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.07.04 00:13:41 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.07.04 00:13:40 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.05 22:54:38 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 14:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.20 17:42:38 | 001,560,576 | ---- | M] (Ralink Technology, Corp.) -- C:\Programme\Ralink\Common\RaUI.exe
PRC - [2009.07.14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Programme\Ralink\Common\RaRegistry.exe
PRC - [2009.04.11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 00:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.19 01:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.19 01:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 01:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.03.11 23:45:26 | 000,462,848 | ---- | M] () -- C:\Windows\CheckStage2.exe
PRC - [2007.03.01 23:02:24 | 000,078,696 | ---- | M] () -- C:\Programme\MySecurityCenter\Programs\service.exe
PRC - [2006.12.28 20:11:00 | 004,317,184 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.11.28 23:23:10 | 000,036,864 | ---- | M] (Softex Inc.) -- C:\Programme\Softex\OmniPass\OmniServ.exe
PRC - [2006.11.23 23:29:46 | 000,174,592 | ---- | M] (MSI) -- C:\Programme\System Control Manager\MGSysCtrl.exe
PRC - [2006.10.31 07:50:20 | 002,134,016 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2006.10.31 07:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006.10.27 07:57:38 | 002,146,304 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2006.10.27 05:13:48 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006.10.18 23:42:00 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Windows\System32\o2flash.exe
PRC - [2006.10.04 21:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.09.28 06:08:46 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2006.09.15 14:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe
PRC - [2006.09.13 00:29:46 | 000,274,432 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006.03.21 20:07:22 | 000,040,960 | ---- | M] () -- C:\Programme\System Control Manager\edd.exe
PRC - [2006.02.06 08:00:20 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2006.01.23 08:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.14 11:53:33 | 001,846,232 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2009.08.20 21:59:58 | 000,860,160 | ---- | M] () -- C:\Programme\Ralink\Common\RaWLAPI.dll
MOD - [2006.11.28 23:26:02 | 000,029,120 | ---- | M] () -- C:\Programme\Softex\OmniPass\hdddrv.dll
MOD - [2006.11.28 23:21:14 | 000,368,640 | ---- | M] () -- C:\Programme\Softex\OmniPass\userdata.dll
MOD - [2006.11.28 23:21:04 | 000,925,696 | ---- | M] () -- C:\Programme\Softex\OmniPass\autheng.dll
MOD - [2006.11.28 23:20:52 | 000,499,712 | ---- | M] () -- C:\Programme\Softex\OmniPass\storeng.dll
MOD - [2006.11.28 23:20:46 | 000,065,536 | ---- | M] () -- C:\Programme\Softex\OmniPass\opfsdll.dll
MOD - [2006.11.28 23:20:42 | 000,016,896 | ---- | M] () -- C:\Programme\Softex\OmniPass\cryptodll.dll
MOD - [2006.11.28 23:20:36 | 000,013,824 | ---- | M] () -- C:\Programme\Softex\OmniPass\SSPLogon.dll
MOD - [2006.11.28 23:05:02 | 002,501,600 | ---- | M] () -- C:\Programme\Softex\OmniPass\sftxtgp.dll
MOD - [2006.11.23 23:09:30 | 000,098,304 | ---- | M] () -- C:\Windows\System32\MGHwCtrl.dll
MOD - [2005.08.25 20:41:14 | 000,010,752 | ---- | M] () -- C:\Programme\System Control Manager\MGKBHook.dll
MOD - [2005.07.22 06:30:20 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll
MOD - [2004.10.13 19:18:24 | 000,040,960 | ---- | M] () -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll
MOD - [2004.07.06 00:12:00 | 000,290,816 | ---- | M] () -- C:\Programme\System Control Manager\CmSuppX.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.07.04 00:13:41 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.07.04 00:13:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.07.14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Programme\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2008.01.19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.03.11 23:45:26 | 000,462,848 | ---- | M] () [Auto | Running] -- C:\Windows\CheckStage2.exe -- (CheckStage2_svc)
SRV - [2007.03.01 23:02:24 | 000,078,696 | ---- | M] () [Auto | Running] -- C:\Program Files\MySecurityCenter\Programs\service.exe -- (MySecurityCenter License Service)
SRV - [2006.11.28 23:23:10 | 000,036,864 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Programme\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2006.10.31 07:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006.10.18 23:42:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\o2flash.exe -- (O2Flash)
SRV - [2006.10.04 21:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.03.21 20:07:22 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Programme\System Control Manager\edd.exe -- (NishService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.04 00:13:41 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.04 00:13:41 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.06.21 11:49:32 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2011.03.31 15:56:28 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.26 19:44:52 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbser.sys -- (HSPADataCardusbser)
DRV - [2010.04.26 19:44:50 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbnmea.sys -- (HSPADataCardusbnmea)
DRV - [2010.04.26 19:44:36 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSPADataCardusbmdm.sys -- (HSPADataCardusbmdm)
DRV - [2009.10.12 15:22:56 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.09.10 14:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.17 17:02:02 | 000,335,872 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2009.05.11 02:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.10 22:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2007.01.12 18:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006.12.21 21:28:22 | 012,007,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2006.12.05 01:23:48 | 000,835,328 | ---- | M] (Animation Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVHybrid.sys -- (LVHybrid)
DRV - [2006.11.28 23:06:28 | 000,139,144 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2006.11.20 00:14:08 | 000,038,400 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2006.11.16 22:58:32 | 000,031,360 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2006.11.14 18:23:46 | 000,011,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.11.08 01:29:44 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 02:41:14 | 000,053,504 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006.11.01 06:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006.10.27 09:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006.10.10 04:33:22 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006.10.05 01:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2006.09.20 23:22:42 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TosRfbd.sys -- (tosrfbd)
DRV - [2006.07.02 19:31:26 | 000,009,088 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - [2006.03.15 19:45:12 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2005.08.01 01:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.11 03:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005.01.05 22:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 B0 F7 FF 46 56 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.tagesschau.de/"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.14 11:53:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.26 13:46:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.16 20:17:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011.03.18 14:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Targa\AppData\Roaming\mozilla\Extensions
[2011.03.18 14:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Targa\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.09.18 14:31:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Targa\AppData\Roaming\mozilla\Firefox\Profiles\6ah79rds.default\extensions
[2010.07.20 10:11:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Targa\AppData\Roaming\mozilla\Firefox\Profiles\6ah79rds.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.17 19:46:30 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Targa\AppData\Roaming\mozilla\Firefox\Profiles\6ah79rds.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2011.06.26 10:30:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.09.14 11:53:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.11 15:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.09.02 19:52:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.02 19:52:59 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.02 19:52:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.02 19:52:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.02 19:52:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.02 19:52:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome ==========
 
 
O1 HOSTS File: ([2006.09.18 07:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1031,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Programme\SieMaSoft\Wecker\msdxm.ocx (Microsoft Corporation)
O4 - HKLM..\Run: [AuditVista] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [MGSysCtrl] C:\Programme\System Control Manager\MGSysCtrl.exe (MSI)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Dvgugx] C:\Users\Targa\AppData\Roaming\Dvgugx.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 196.40.31.66 196.40.31.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{731DE5EB-B77E-4A25-A801-4F0E104B837B}: DhcpNameServer = 196.40.31.66 196.40.31.67
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Programme\SieMaSoft\Wecker\msdxm.ocx (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Targa\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\Targa\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 07:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{17fe463e-51a0-11e0-9b2c-0019db06db58}\Shell - "" = AutoRun
O33 - MountPoints2\{17fe463e-51a0-11e0-9b2c-0019db06db58}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{17fe464d-51a0-11e0-9b2c-0019db06db58}\Shell - "" = AutoRun
O33 - MountPoints2\{17fe464d-51a0-11e0-9b2c-0019db06db58}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{271cc1bb-7b1b-11e0-be9e-001617544ae9}\Shell - "" = AutoRun
O33 - MountPoints2\{271cc1bb-7b1b-11e0-be9e-001617544ae9}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{49cdee29-0931-11d6-8065-00038a000015}\Shell\AutoRun\command - "" = D:\programs\nu2menu\nu2menu.exe
O33 - MountPoints2\{72fc8003-c7e6-11df-98b1-001617544ae9}\Shell - "" = AutoRun
O33 - MountPoints2\{72fc8003-c7e6-11df-98b1-001617544ae9}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{7be823f6-c4e0-11e0-bc8b-001617544ae9}\Shell - "" = AutoRun
O33 - MountPoints2\{7be823f6-c4e0-11e0-bc8b-001617544ae9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{82e02ede-734e-11e0-bef7-001617544ae9}\Shell - "" = AutoRun
O33 - MountPoints2\{82e02ede-734e-11e0-bef7-001617544ae9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d3d61049-c1ea-11e0-b9ff-001617544ae9}\Shell - "" = AutoRun
O33 - MountPoints2\{d3d61049-c1ea-11e0-b9ff-001617544ae9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ed803c49-5be1-11e0-9e7e-001617544ae9}\Shell - "" = AutoRun
O33 - MountPoints2\{ed803c49-5be1-11e0-9e7e-001617544ae9}\Shell\AutoRun\command - "" = D:\automenu.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AOL Fast Start - hkey= - key= - C:\Program Files\AOL 9.0 VR\AOL.EXE (AOL, LLC.)
MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: HostManager - hkey= - key= - C:\Programme\Common Files\aol\1169638090\ee\aolsoftware.exe (America Online, Inc.)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: OmniPass - hkey= - key= - C:\Programme\Softex\OmniPass\scureapp.exe ()
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: regist - hkey= - key= - File not found
MsConfig - StartUpReg: setc - hkey= - key= - File not found
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.19 19:45:52 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Targa\Desktop\OTL.exe
[2011.09.18 14:31:21 | 000,000,000 | ---D | C] -- C:\Users\Targa\AppData\Roaming\ProgSense
[2011.09.18 14:31:21 | 000,000,000 | ---D | C] -- C:\Downloads
[2011.09.18 14:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
[2011.09.18 14:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2011.09.18 14:31:00 | 000,000,000 | ---D | C] -- C:\Users\Targa\AppData\Roaming\Orbit
[2011.09.18 13:56:17 | 000,000,000 | ---D | C] -- C:\Users\Targa\AppData\Local\ApplicationHistory
[2011.09.12 14:43:50 | 000,000,000 | ---D | C] -- C:\Users\Targa\Desktop\Voluntarios Aleman 2010-11
[2011.09.02 15:28:56 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.09.01 23:22:32 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\System32\SSubTmr6.dll
[2011.09.01 23:22:32 | 000,000,000 | ---D | C] -- C:\Users\Targa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wecker für Windows
[2011.09.01 23:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wecker für Windows
[2011.09.01 23:22:31 | 000,739,472 | ---- | C] (Data Dynamics) -- C:\Windows\System32\sg20O.ocx
[2011.09.01 23:22:31 | 000,122,880 | ---- | C] (Christoph Bünger Software) -- C:\Windows\System32\cbNet.dll
[2011.09.01 23:22:30 | 000,208,896 | ---- | C] (Christoph Bünger Software) -- C:\Windows\System32\cbPrinter.dll
[2011.09.01 23:22:29 | 000,065,536 | ---- | C] (Christoph Bünger Software) -- C:\Windows\System32\CBXML.dll
[2011.09.01 23:22:29 | 000,057,344 | ---- | C] (Christoph Bünger Software) -- C:\Windows\System32\cbSysHTrck.dll
[2011.09.01 23:22:29 | 000,053,248 | ---- | C] (Christoph Bünger Software) -- C:\Windows\System32\cbvCalendar.dll
[2011.09.01 23:22:29 | 000,040,960 | ---- | C] (Christoph Bünger Software) -- C:\Windows\System32\CBDTPicker.dll
[2011.09.01 23:22:29 | 000,000,000 | ---D | C] -- C:\Users\Targa\AppData\Roaming\cbuenger
[2011.09.01 23:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Wecker6
[2011.09.01 23:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SieMaSoft
[2011.09.01 23:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\SieMaSoft
[2011.08.24 06:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.08.21 10:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2007.01.23 17:15:52 | 000,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[2007.01.23 17:15:52 | 000,077,824 | ---- | C] ( ) -- C:\Windows\System32\csnp2std.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.19 20:13:33 | 000,013,025 | ---- | M] () -- C:\Users\Targa\AppData\Roaming\nvModes.001
[2011.09.19 20:05:58 | 000,000,144 | ---- | M] () -- C:\Windows\Sierra.ini
[2011.09.19 19:46:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Targa\Desktop\OTL.exe
[2011.09.19 19:42:14 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.19 19:41:50 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.19 19:41:50 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.19 19:41:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.19 19:39:23 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.19 19:36:26 | 000,000,020 | ---- | M] () -- C:\Users\Targa\defogger_reenable
[2011.09.19 19:34:46 | 000,050,477 | ---- | M] () -- C:\Users\Targa\Desktop\Defogger.exe
[2011.09.19 13:30:34 | 000,167,936 | -H-- | M] () -- C:\Users\Targa\AppData\Roaming\Dvgugx.exe
[2011.09.19 08:46:39 | 000,013,025 | ---- | M] () -- C:\Users\Targa\AppData\Roaming\nvModes.dat
[2011.09.18 20:35:00 | 000,022,034 | ---- | M] () -- C:\Users\Targa\Desktop\arbeitszeugnis.odt
[2011.09.18 20:34:55 | 000,022,034 | ---- | M] () -- C:\Users\Targa\Desktop\Unbenannt 1.odt
[2011.09.18 14:31:06 | 000,000,858 | ---- | M] () -- C:\Users\Targa\Desktop\Orbit.lnk
[2011.09.18 13:56:25 | 000,000,093 | ---- | M] () -- C:\Users\Targa\AppData\Local\fusioncache.dat
[2011.09.18 13:38:10 | 000,638,748 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.18 13:38:10 | 000,604,324 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.18 13:38:10 | 000,130,668 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.18 13:38:10 | 000,107,760 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.16 21:09:09 | 000,239,104 | ---- | M] () -- C:\Users\Targa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.14 11:39:42 | 000,011,062 | ---- | M] () -- C:\Users\Targa\Desktop\evalseminar.odt
[2011.09.14 08:49:30 | 000,489,393 | ---- | M] () -- C:\Users\Targa\Desktop\FLT_FROH9X11155_0.pdf
[2011.09.02 15:23:48 | 000,376,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.08.26 16:17:12 | 000,028,795 | ---- | M] () -- C:\Users\Targa\Desktop\Unbenannt 2.odt
 
========== Files Created - No Company Name ==========
 
[2011.09.19 19:35:15 | 000,000,020 | ---- | C] () -- C:\Users\Targa\defogger_reenable
[2011.09.19 19:34:26 | 000,050,477 | ---- | C] () -- C:\Users\Targa\Desktop\Defogger.exe
[2011.09.19 13:30:34 | 000,167,936 | -H-- | C] () -- C:\Users\Targa\AppData\Roaming\Dvgugx.exe
[2011.09.18 20:34:58 | 000,022,034 | ---- | C] () -- C:\Users\Targa\Desktop\arbeitszeugnis.odt
[2011.09.18 20:34:52 | 000,022,034 | ---- | C] () -- C:\Users\Targa\Desktop\Unbenannt 1.odt
[2011.09.18 14:31:06 | 000,000,858 | ---- | C] () -- C:\Users\Targa\Desktop\Orbit.lnk
[2011.09.18 13:56:25 | 000,000,093 | ---- | C] () -- C:\Users\Targa\AppData\Local\fusioncache.dat
[2011.09.14 11:39:38 | 000,011,062 | ---- | C] () -- C:\Users\Targa\Desktop\evalseminar.odt
[2011.09.14 08:49:30 | 000,489,393 | ---- | C] () -- C:\Users\Targa\Desktop\FLT_FROH9X11155_0.pdf
[2011.09.01 23:22:29 | 000,389,120 | ---- | C] () -- C:\Windows\System32\actskn43.ocx
[2011.08.21 10:00:07 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe
[2011.08.19 13:14:45 | 000,000,144 | ---- | C] () -- C:\Windows\Sierra.ini
[2011.08.17 15:14:17 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 20:58:43 | 000,001,043 | ---- | C] () -- C:\Users\Targa\AppData\Local\cralbart.config
[2011.05.31 16:53:22 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.05.16 14:08:14 | 000,024,576 | ---- | C] () -- C:\Windows\UniFISH.exe
[2011.03.31 16:03:54 | 000,000,664 | ---- | C] () -- C:\Windows\eReg.dat
[2011.03.30 09:58:02 | 000,028,915 | ---- | C] () -- C:\Users\Targa\AppData\Roaming\UserTile.png
[2011.03.19 15:25:02 | 000,000,680 | ---- | C] () -- C:\Users\Targa\AppData\Local\d3d9caps.dat
[2010.08.31 04:50:51 | 000,146,277 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010.08.23 05:58:39 | 000,239,104 | ---- | C] () -- C:\Users\Targa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.22 15:45:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.07.22 08:26:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.07.22 08:26:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.07.20 15:08:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.07.20 15:04:24 | 000,002,456 | ---- | C] () -- C:\Users\Targa\AppData\Roaming\wklnhst.dat
[2007.02.28 17:41:30 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2007.02.22 00:34:41 | 000,462,848 | ---- | C] () -- C:\Windows\CheckStage2.exe
[2007.01.23 21:28:02 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.01.23 19:44:17 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.01.23 18:57:30 | 000,098,304 | ---- | C] () -- C:\Windows\System32\MGHwCtrl.dll
[2007.01.23 18:57:30 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MGFPCtrl.dll
[2007.01.23 18:57:30 | 000,024,576 | ---- | C] () -- C:\Windows\System32\MGPwrShm.dll
[2007.01.23 18:29:03 | 000,000,199 | ---- | C] () -- C:\Windows\WISO.INI
[2007.01.23 17:24:11 | 000,003,072 | ---- | C] () -- C:\Windows\System32\LV34CoInst.dll
[2007.01.23 17:15:53 | 000,032,256 | ---- | C] () -- C:\Windows\amcap.exe
[2007.01.23 17:15:53 | 000,025,216 | ---- | C] () -- C:\Windows\System32\drivers\sncamd.sys
[2007.01.23 17:15:53 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2007.01.23 17:15:52 | 012,007,168 | ---- | C] () -- C:\Windows\System32\drivers\snp2sxp.sys
[2007.01.23 03:53:01 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2006.11.02 01:33:31 | 000,638,748 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 01:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 01:33:31 | 000,130,668 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 01:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.01 22:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.01 22:47:37 | 000,376,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.01 22:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.01 20:33:01 | 000,604,324 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.01 20:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.01 20:33:01 | 000,107,760 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.01 20:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.01 20:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.01 18:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.01 18:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.01 17:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.01 17:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.31 02:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.09.19 16:34:10 | 000,000,000 | ---- | C] () -- C:\Windows\Buhl.ini
[2006.08.10 00:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2006.06.01 13:06:00 | 000,031,232 | R--- | C] () -- C:\Windows\System32\cmdow.exe
[2005.07.22 06:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2005.01.20 21:02:28 | 000,013,312 | ---- | C] () -- C:\Windows\System32\RMDevice.dll
[2002.06.06 12:06:36 | 000,015,872 | ---- | C] () -- C:\Windows\instsrv.exe
[2002.01.14 14:58:29 | 000,013,025 | ---- | C] () -- C:\Users\Targa\AppData\Roaming\nvModes.001
[2002.01.14 14:58:28 | 000,013,025 | ---- | C] () -- C:\Users\Targa\AppData\Roaming\nvModes.dat
 
========== LOP Check ==========
 
[2011.09.02 18:46:50 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\BitTorrent
[2011.09.01 23:22:29 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\cbuenger
[2011.03.31 16:00:49 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\DAEMON Tools Lite
[2011.08.17 20:21:52 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\Mobipocket
[2010.09.09 03:34:41 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\OpenOffice.org
[2011.09.18 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\Orbit
[2011.03.30 09:58:02 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\PeerNetworking
[2011.09.18 14:31:21 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\ProgSense
[2011.03.18 14:49:59 | 000,000,000 | ---D | M] -- C:\Users\Targa\AppData\Roaming\Thunderbird
[2011.09.19 19:40:02 | 000,032,512 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.05.09 09:12:56 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.06.11 09:38:52 | 000,000,000 | ---D | M] -- C:\BlueByte
[2010.07.24 09:27:45 | 000,000,000 | -HSD | M] -- C:\Boot
[2007.01.23 23:20:07 | 000,000,000 | ---D | M] -- C:\cb13a856c2acd27ee1926b66
[2011.09.14 13:34:22 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2010.05.05 12:56:47 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.05.05 04:25:17 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.09.18 14:31:21 | 000,000,000 | ---D | M] -- C:\Downloads
[2011.07.20 08:44:27 | 000,000,000 | ---D | M] -- C:\f874e0eb836a1978e5
[2002.01.14 04:35:10 | 000,000,000 | ---D | M] -- C:\MeineBackups
[2011.05.16 14:08:12 | 000,000,000 | ---D | M] -- C:\MPS
[2011.05.16 14:11:59 | 000,000,000 | ---D | M] -- C:\OS_Install
[2010.07.21 02:41:09 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.09.19 20:12:13 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.08.18 15:40:29 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.05.05 04:25:17 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.08.19 13:14:05 | 000,000,000 | ---D | M] -- C:\Spiele
[2011.09.19 17:44:22 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.05.09 09:12:21 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.19 20:09:37 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: EXPLORER.EXE >
[2010.07.18 15:38:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2010.07.18 15:38:15 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2010.07.18 15:38:14 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2010.07.18 16:34:40 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2010.07.18 16:34:40 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2010.07.18 15:38:15 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.01 19:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 01:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: REGEDIT.EXE >
[2008.01.19 01:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.19 01:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[2006.11.01 19:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
 
< MD5 for: USERINIT.EXE >
[2008.01.19 01:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 01:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.01 19:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE >
[2008.01.19 01:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.19 01:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.01 19:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE >
[2009.04.11 00:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 00:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.01 19:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 01:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-29 13:14:31
 
< >
 
< End of report >
--- --- ---
 

Themen zu TR/Dropper.Gen von meiner externen Festplatte entfernen?
0x00000001, antivir, autorun, avgntflt.sys, avira, bildschirm, c:\windows\system32\rundll32.exe, components, defender, downloader, entfernen, error, explorer, externe festplatte, fast start, fehlermeldung, festplatte, firefox, flash player, home, langs, mozilla, mozilla thunderbird, nicht sichtbar, nvidia, nvlddmkm.sys, programdata, programm, programme, realtek, rundll, scan, searchplugins, security update, software, start menu, tr/dropper.gen, trojaner-board, vista, winlogon.exe


« Fehlermeldung "Ein kritischer Fehler ist aufgetreten. Windows wird in einer Minute neu gestartet." | Google öffnet falsche Links und Yahoo mail geht bei Firefox nicht »


Ähnliche Themen: TR/Dropper.Gen von meiner externen Festplatte entfernen?


  1. BOO/Sinowal.A auf Bootsektor der externen Festplatte
    Log-Analyse und Auswertung - 08.05.2013 (11)
  2. Troyaner stellt alle Ordner meiner externen Festplatte nur als log Datei da!
    Log-Analyse und Auswertung - 30.01.2013 (49)
  3. Verschlüsselungstrojaner auf der externen Festplatte?
    Plagegeister aller Art und deren Bekämpfung - 04.08.2012 (4)
  4. Kann sich ein GVU Trojaner auf meiner externen Festplatte verstecken, auf der ich Daten sicherte?
    Plagegeister aller Art und deren Bekämpfung - 31.07.2012 (3)
  5. keinen zugriff auf meine datenordner auf meiner externen festplatte
    Log-Analyse und Auswertung - 09.05.2012 (1)
  6. rootkit virus auf externen Festplatte? o.O
    Plagegeister aller Art und deren Bekämpfung - 20.03.2012 (1)
  7. Virus auf meiner Externen Festplatte - Nur noch Verknüpfungen
    Plagegeister aller Art und deren Bekämpfung - 29.11.2011 (9)
  8. TR/Dropper.Gen von meinen (externen) Festplatten entfernen bei Windows 7?
    Plagegeister aller Art und deren Bekämpfung - 10.10.2011 (19)
  9. [doppelt] TR/Dropper.Gen von meinen (externen) Festplatten entfernen bei Windows 7?
    Mülltonne - 04.10.2011 (1)
  10. kann trojaner von meiner externen festplatte nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 28.10.2010 (1)
  11. Geplagt vom Trojaner dropper.gen auf einer externen Festplatte
    Plagegeister aller Art und deren Bekämpfung - 09.09.2010 (23)
  12. Dateien auf meiner externen Festplatte noch zu retten?:(
    Netzwerk und Hardware - 01.09.2010 (1)
  13. Wie kriege ich mein Backup auf meiner externen Festplatte sauber?
    Plagegeister aller Art und deren Bekämpfung - 01.04.2010 (1)
  14. BDS\bifrose.alkw in den System Volume Information meiner externen Festplatte
    Log-Analyse und Auswertung - 20.11.2009 (9)
  15. Trojaner auf der externen Festplatte
    Plagegeister aller Art und deren Bekämpfung - 24.06.2009 (1)
  16. BDS/VB.edn.1 und WORM/Autorun.VDJ auf meiner Externen Platte
    Log-Analyse und Auswertung - 08.08.2008 (4)
  17. Wie mache ich EScan bei der externen Festplatte??
    Log-Analyse und Auswertung - 27.10.2007 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR/Dropper.Gen von meiner externen Festplatte entfernen? - Liebe Helfer vom Trojaner-Board, ich habe auf meiner externen Festplatte Probleme mit einem Trojaner. Gemerkt habe ich dies, als auf einmal ungewöhnliche Verknüpfungen vorhandener Ordner auf der Festplatte angezeigt wurden, - TR/Dropper.Gen von meiner externen Festplatte entfernen?...
Archiv
Du betrachtest: TR/Dropper.Gen von meiner externen Festplatte entfernen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27