| |  Verschlüsselungstrojaner: Loganalyse nach Entfernen und Entschlüsseln
 Hallo,
ich habe dir die .eml der besagten Mail gerade geschickt.
Hier noch die Logs aus Malwarebytes: Zitat:
2012/05/04 21:34:39 +0200 SYLVIA-VAIO Admin MESSAGE Executing scheduled update: Daily
2012/05/04 21:34:39 +0200 SYLVIA-VAIO Admin MESSAGE Starting protection
2012/05/04 21:34:40 +0200 SYLVIA-VAIO Admin MESSAGE Database already up-to-date
2012/05/04 21:34:42 +0200 SYLVIA-VAIO Admin MESSAGE Protection started successfully
2012/05/04 21:34:45 +0200 SYLVIA-VAIO Admin MESSAGE Starting IP protection
2012/05/04 21:34:47 +0200 SYLVIA-VAIO Admin MESSAGE IP Protection started successfully
2012/05/04 21:44:45 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting protection
2012/05/04 21:44:48 +0200 SYLVIA-VAIO Sylvia MESSAGE Protection started successfully
2012/05/04 21:44:51 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting IP protection
2012/05/04 21:44:52 +0200 SYLVIA-VAIO Sylvia MESSAGE IP Protection started successfully
| Zitat:
2012/05/05 11:21:07 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting protection
2012/05/05 11:21:09 +0200 SYLVIA-VAIO Sylvia MESSAGE Executing scheduled update: Daily
2012/05/05 11:21:10 +0200 SYLVIA-VAIO Sylvia MESSAGE Protection started successfully
2012/05/05 11:21:13 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting IP protection
2012/05/05 11:21:14 +0200 SYLVIA-VAIO Sylvia MESSAGE IP Protection started successfully
2012/05/05 11:21:21 +0200 SYLVIA-VAIO Sylvia MESSAGE Scheduled update executed successfully: database updated from version v2012.05.04.05 to version v2012.05.05.03
2012/05/05 11:21:21 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting database refresh
2012/05/05 11:21:21 +0200 SYLVIA-VAIO Sylvia MESSAGE Stopping IP protection
2012/05/05 11:23:21 +0200 SYLVIA-VAIO Sylvia MESSAGE IP Protection stopped
2012/05/05 11:23:24 +0200 SYLVIA-VAIO Sylvia MESSAGE Database refreshed successfully
2012/05/05 11:23:24 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting IP protection
2012/05/05 11:23:25 +0200 SYLVIA-VAIO Sylvia MESSAGE IP Protection started successfully
2012/05/05 12:05:39 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50352, Process: chrome.exe)
2012/05/05 12:05:39 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50353, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50365, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50366, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50367, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50368, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50369, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50370, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50371, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50372, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50373, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50374, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50375, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50376, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50377, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50378, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50379, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50380, Process: chrome.exe)
2012/05/05 12:06:28 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50381, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50382, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50383, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50384, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50385, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50386, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50387, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50388, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50389, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50390, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50391, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50392, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50393, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50394, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50395, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50396, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50397, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50398, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50399, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50400, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50401, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50402, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50403, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50404, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50405, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50406, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50407, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50408, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50409, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50410, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50411, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50412, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50413, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50414, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50415, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50416, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50417, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50418, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50419, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50420, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50421, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50422, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50423, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50424, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50425, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50426, Process: chrome.exe)
2012/05/05 12:06:36 +0200 SYLVIA-VAIO Sylvia IP-BLOCK 109.163.231.139 (Type: outgoing, Port: 50427, Process: chrome.exe)
2012/05/05 18:21:24 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting protection
2012/05/05 18:21:27 +0200 SYLVIA-VAIO Sylvia MESSAGE Protection started successfully
2012/05/05 18:21:30 +0200 SYLVIA-VAIO Sylvia MESSAGE Starting IP protection
2012/05/05 18:21:32 +0200 SYLVIA-VAIO Sylvia MESSAGE IP Protection started successfully
|
|
05.05.2012, 17:30
Hybrid-Darstellung
