
Log analysis and evaluation: Opened Elster e-mail - caught a PDF exploit?

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
26.09.2012, 14:31   #1
degalo
 



Hello dear community,

now it has got me too.

It did seem odd to me, but since I couldn't spot any spelling mistakes and the content was plausible, I opened the attachment of this e-mail:

Code:
Dear Sir or Madam,

your tax office or tax administration has made an encrypted file (income tax assessment notice) available for you to collect via the ELSTER procedure.

 -- You will find your file as a PDF file attached to this e-mail. --

If you do not collect the data, it will be automatically deleted after 6 months.

This is an automatically generated e-mail - please do not reply to this e-mail address.

Kind regards
Your tax office / Your tax administration
www.elster.de

NOTE:
You are receiving this e-mail because you requested e-mail notification to this e-mail address when transmitting data, e.g. your tax return.
For tax assessment notices, only the paper copy is legally relevant.
         
The attachment was the file "ELSTER_Finanzamt2012.pdf", which my Acrobat Reader X version 10.1.4 could not open. When the hard disk suddenly started thrashing, I pulled the plug about 3 seconds after Acrobat Reader started. After rebooting I got the following result at Jotti's:

hxxp://virusscan.jotti.org/de/scanresult/5881f2c24b6b9885f8ffb8bb659a7e77fd650276/597a7018d3f2b49430a016fd6fec35b00f58d773

Now I'm asking myself whether it turned out all right after all and my Acrobat was not vulnerable.

My OTL.TXT:
Code:
OTL logfile created on: 26.09.2012 14:49:26 - Run 1
OTL by OldTimer - Version 3.2.68.0     Folder = C:\Users\brauns\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 61,27% Memory free
7,99 Gb Paging File | 6,18 Gb Available in Paging File | 77,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 77,62 Gb Free Space | 31,81% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 858,27 Gb Free Space | 61,43% Space Free | Partition Type: NTFS
 
Computer Name: PHENOM | User Name: brauns | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2012.09.26 14:49:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\brauns\Downloads\OTL.exe
PRC - [2012.09.10 13:34:43 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.08.12 12:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011.03.02 17:20:58 | 000,224,256 | ---- | M] () -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
PRC - [2011.01.12 17:24:06 | 000,292,240 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
PRC - [2010.09.15 05:14:06 | 007,130,112 | ---- | M] (AGFEO      ) -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\ctimon.exe
PRC - [2010.06.17 22:56:44 | 000,370,176 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2010.01.19 04:31:26 | 000,072,304 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
PRC - [2009.11.20 13:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.10 13:34:42 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010.05.07 19:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2010.05.07 19:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2010.05.07 19:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2010.05.07 19:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2010.05.07 19:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2010.04.19 20:02:30 | 000,930,304 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtNetwork4.dll
MOD - [2010.03.26 20:48:12 | 000,468,992 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\sqldrivers\qsqlite4.dll
MOD - [2010.03.26 20:47:20 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\imageformats\qgif4.dll
MOD - [2010.03.26 20:47:14 | 000,119,296 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\imageformats\qjpeg4.dll
MOD - [2010.03.26 20:43:04 | 001,110,016 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtScript4.dll
MOD - [2010.03.26 20:26:44 | 009,823,232 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtWebKit4.dll
MOD - [2010.03.26 18:48:34 | 000,232,960 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\phonon4.dll
MOD - [2010.03.26 18:43:22 | 000,184,832 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtSql4.dll
MOD - [2010.03.26 18:43:08 | 007,829,504 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtGui4.dll
MOD - [2010.03.26 18:28:56 | 002,101,248 | ---- | M] () -- C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.04.05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.12.02 10:51:58 | 004,913,608 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV - [2012.09.10 13:34:43 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.03.02 17:20:58 | 000,224,256 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2010.10.28 12:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.07.30 15:28:08 | 000,194,224 | ---- | M] (National Instruments Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010.06.23 13:14:54 | 000,131,776 | ---- | M] (National Instruments Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe -- (niLXIDiscovery)
SRV - [2010.06.22 17:03:52 | 000,047,768 | ---- | M] (National Instruments Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe -- (niSvcLoc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.19 04:31:26 | 000,072,304 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2009.08.24 15:38:06 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009.07.14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:38:22 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.09.05 08:22:38 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012.09.05 08:22:38 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012.04.12 18:44:40 | 000,032,984 | ---- | M] (SEGGER Microcontroller Systeme GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jlinkx64.sys -- (jlink)
DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.11.24 09:58:44 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2011.11.24 09:58:44 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011.10.07 11:24:12 | 000,152,064 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2011.10.07 09:31:42 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011.09.08 08:23:30 | 000,057,088 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2011.08.09 07:11:50 | 000,021,120 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2011.03.18 13:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.18 13:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.02.09 09:36:00 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2010.12.28 17:46:56 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010.12.22 23:22:35 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.29 10:14:46 | 000,063,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb2ser64.sys -- (usb2ser64)
DRV:64bit: - [2010.08.30 10:29:30 | 000,012,992 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nipalfwedl.sys -- (nipalfwedl)
DRV:64bit: - [2010.08.30 10:26:30 | 000,012,992 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nipalusbedl.sys -- (nipalusbedl)
DRV:64bit: - [2010.08.30 10:07:40 | 000,895,640 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nipalk.sys -- (NIPALK)
DRV:64bit: - [2010.08.24 19:29:54 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010.08.24 19:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.08.24 19:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.07.28 13:41:24 | 000,022,528 | ---- | M] (IVI Foundation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ausbtmc.sys -- (Usbtmc)
DRV:64bit: - [2010.07.09 14:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.06.23 10:05:30 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NiViPxiKl.sys -- (NiViPxiK)
DRV:64bit: - [2010.06.23 10:04:04 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NiViPciKl.sys -- (NiViPciK)
DRV:64bit: - [2010.06.11 14:32:32 | 000,011,944 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nidimkl.sys -- (nidimk)
DRV:64bit: - [2010.05.26 11:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\8CD4.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.03.24 12:27:44 | 000,016,984 | ---- | M] (National Instruments Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nipbcfk.sys -- (nipbcfk)
DRV:64bit: - [2010.03.22 11:57:20 | 000,347,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.03.19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.27 10:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.11.20 13:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.11.20 13:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.10.07 12:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.07 12:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.14 15:32:28 | 000,011,856 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\niorbkl.sys -- (niorbk)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 03:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2012.09.26 14:45:41 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.07.09 18:47:10 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.07.03 12:15:54 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2010.03.12 05:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 37 CB 42 98 17 A2 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://127.0.0.1:3128/proxy.ins
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.google.com/calendar/render?tab=wc&pli=1"
FF - prefs.js..extensions.enabledAddons: DeviceDetection@logitech.com:1.23.0.5
FF - prefs.js..extensions.enabledAddons: fb_add_on@avm.de:1.6.3
FF - prefs.js..extensions.enabledAddons: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.68
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.10 13:34:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.01 16:53:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.08.17 22:28:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.12.23 11:23:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\brauns\AppData\Roaming\mozilla\Extensions
[2010.12.23 11:23:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\brauns\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.07.25 11:06:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\brauns\AppData\Roaming\mozilla\Firefox\Profiles\equwkc4z.default\extensions
[2011.12.04 13:36:34 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\brauns\AppData\Roaming\mozilla\Firefox\Profiles\equwkc4z.default\extensions\DeviceDetection@logitech.com
[2012.05.14 23:02:48 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\brauns\AppData\Roaming\mozilla\Firefox\Profiles\equwkc4z.default\extensions\fb_add_on@avm.de
[2012.07.25 11:06:47 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\brauns\AppData\Roaming\mozilla\firefox\profiles\equwkc4z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.03.11 11:26:32 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\brauns\AppData\Roaming\mozilla\firefox\profiles\equwkc4z.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.04.27 08:50:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.10 13:34:43 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.27 08:50:36 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.10 13:34:42 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.27 08:50:36 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.27 08:50:36 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.27 08:50:36 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.27 08:50:36 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.17.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F4C5E51-2D31-405C-9E87-8B216E534772}: DhcpNameServer = 192.168.17.76
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6c15384d-1025-11e1-9a04-e0764533cc7b}\Shell - "" = AutoRun
O33 - MountPoints2\{6c15384d-1025-11e1-9a04-e0764533cc7b}\Shell\AutoRun\command - "" = L:\Startme.exe
O33 - MountPoints2\{adfeabe2-48ff-11e1-9d7a-1c6f658452f7}\Shell - "" = AutoRun
O33 - MountPoints2\{adfeabe2-48ff-11e1-9d7a-1c6f658452f7}\Shell\AutoRun\command - "" = M:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.26 14:17:32 | 000,000,000 | ---D | C] -- C:\Users\brauns\Desktop\Virus
[2012.09.24 08:11:19 | 000,000,000 | ---D | C] -- C:\Users\brauns\Desktop\LAPTOPFRAESE
[2012.09.23 18:54:01 | 000,000,000 | ---D | C] -- C:\Users\brauns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
[2012.09.23 18:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2012.09.23 18:54:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2012.09.20 18:44:30 | 000,000,000 | ---D | C] -- C:\Users\brauns\Desktop\CNCPROFI
[2012.09.13 08:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.09.05 19:14:39 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.09.05 19:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.05 19:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.09.05 08:22:38 | 000,027,760 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012.09.05 08:22:38 | 000,014,448 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012.09.03 08:54:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.09.01 16:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.09.01 16:53:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.09.01 15:48:33 | 000,000,000 | ---D | C] -- C:\Users\brauns\AppData\Roaming\Wings3D
[2012.08.29 16:58:27 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012.08.29 16:58:22 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew
[2012.08.27 16:13:41 | 000,000,000 | ---D | C] -- C:\Users\brauns\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RMPrepUSB
[2012.08.27 16:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RMPrepUSB
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.26 14:52:47 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.26 14:52:47 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.26 14:45:41 | 000,000,022 | ---- | M] () -- C:\Windows\S.dirmngr
[2012.09.26 14:45:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.26 14:45:37 | 3218,497,536 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.26 14:44:28 | 000,000,020 | ---- | M] () -- C:\Users\brauns\defogger_reenable
[2012.09.26 10:01:40 | 000,000,600 | ---- | M] () -- C:\Users\brauns\AppData\Local\PUTTY.RND
[2012.09.24 08:12:27 | 001,527,740 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.24 08:12:27 | 000,664,618 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.24 08:12:27 | 000,624,800 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.24 08:12:27 | 000,134,786 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.24 08:12:27 | 000,110,438 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.24 08:05:55 | 000,000,218 | ---- | M] () -- C:\Users\brauns\.recently-used.xbel
[2012.09.23 18:54:01 | 000,000,991 | ---- | M] () -- C:\Users\brauns\Desktop\SopCast.lnk
[2012.09.23 18:52:18 | 009,625,551 | ---- | M] () -- C:\Users\brauns\Desktop\Setup-SopCast-3.5.0-2012-3-2.exe
[2012.09.21 11:08:03 | 001,448,424 | ---- | M] () -- C:\Users\brauns\Desktop\PENNY MOBIL erklärung.pdf
[2012.09.21 11:04:29 | 000,059,673 | ---- | M] () -- C:\Users\brauns\Desktop\PENNY MOBIL.pdf
[2012.09.18 17:19:40 | 000,721,816 | ---- | M] () -- C:\Users\brauns\Desktop\dungs.pdf
[2012.09.17 18:40:20 | 000,087,059 | ---- | M] () -- C:\Users\brauns\Desktop\DKB - Deutsche Kreditbank AG - Internet Banking.pdf
[2012.09.16 18:20:34 | 000,315,265 | ---- | M] () -- C:\Users\brauns\Desktop\Chefkoch.de Rezept  Quiche.pdf
[2012.09.13 08:57:33 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.09.06 19:28:38 | 000,029,696 | ---- | M] () -- C:\Users\brauns\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.05 08:24:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2012.09.05 08:24:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2012.09.05 08:22:38 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012.09.05 08:22:38 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012.09.04 18:46:35 | 000,003,840 | ---- | M] () -- C:\Windows\scad3.INI
[2012.09.03 11:43:22 | 000,183,326 | ---- | M] () -- C:\Users\brauns\Desktop\eberle geh.pdf
[2012.09.03 08:54:25 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.30 08:12:15 | 000,321,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.29 16:58:27 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012.08.29 14:23:56 | 057,801,775 | ---- | M] () -- C:\Users\brauns\Documents\handbuchderfarbe00zerruoft.pdf
[2012.08.29 13:40:07 | 000,072,166 | ---- | M] () -- C:\Users\brauns\Documents\Anweisung_Aetznatron.pdf
[2012.08.29 13:39:49 | 000,112,560 | ---- | M] () -- C:\Users\brauns\Documents\Sicherheitsdatenblatt_Aetznatron.pdf
[2012.08.27 16:13:41 | 000,001,035 | ---- | M] () -- C:\Users\brauns\Desktop\RMPrepUSB.lnk
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.26 14:45:41 | 000,000,022 | ---- | C] () -- C:\Windows\S.dirmngr
[2012.09.26 14:44:28 | 000,000,020 | ---- | C] () -- C:\Users\brauns\defogger_reenable
[2012.09.24 08:05:55 | 000,000,218 | ---- | C] () -- C:\Users\brauns\.recently-used.xbel
[2012.09.23 18:54:01 | 000,000,991 | ---- | C] () -- C:\Users\brauns\Desktop\SopCast.lnk
[2012.09.21 11:08:02 | 001,448,424 | ---- | C] () -- C:\Users\brauns\Desktop\PENNY MOBIL erklärung.pdf
[2012.09.21 11:04:28 | 000,059,673 | ---- | C] () -- C:\Users\brauns\Desktop\PENNY MOBIL.pdf
[2012.09.18 17:19:40 | 000,721,816 | ---- | C] () -- C:\Users\brauns\Desktop\dungs.pdf
[2012.09.17 18:40:19 | 000,087,059 | ---- | C] () -- C:\Users\brauns\Desktop\DKB - Deutsche Kreditbank AG - Internet Banking.pdf
[2012.09.16 18:20:33 | 000,315,265 | ---- | C] () -- C:\Users\brauns\Desktop\Chefkoch.de Rezept  Quiche.pdf
[2012.09.13 08:57:33 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.09.05 08:24:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2012.09.05 08:24:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2012.09.03 11:43:21 | 000,183,326 | ---- | C] () -- C:\Users\brauns\Desktop\eberle geh.pdf
[2012.09.03 08:54:25 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.29 16:58:27 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012.08.29 14:22:56 | 057,801,775 | ---- | C] () -- C:\Users\brauns\Documents\handbuchderfarbe00zerruoft.pdf
[2012.08.29 13:40:06 | 000,072,166 | ---- | C] () -- C:\Users\brauns\Documents\Anweisung_Aetznatron.pdf
[2012.08.29 13:39:46 | 000,112,560 | ---- | C] () -- C:\Users\brauns\Documents\Sicherheitsdatenblatt_Aetznatron.pdf
[2012.08.27 16:13:41 | 000,001,035 | ---- | C] () -- C:\Users\brauns\Desktop\RMPrepUSB.lnk
[2012.07.14 12:40:05 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.06.14 08:01:24 | 000,000,412 | ---- | C] () -- C:\Users\brauns\AppData\Roaming\All CPU Meter_Settings.ini
[2012.04.06 03:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 03:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.22 09:04:08 | 000,000,036 | ---- | C] () -- C:\Users\brauns\.org.eclipse.epp.usagedata.recording.userId
[2012.03.20 17:18:44 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.01.06 10:08:50 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\vbarchiv.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.15 22:24:19 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.10 23:31:14 | 000,000,736 | ---- | C] () -- C:\Users\brauns\id_dsa
[2011.09.10 22:07:05 | 000,000,604 | ---- | C] () -- C:\Users\brauns\braunskey.pub
[2011.08.26 17:18:12 | 000,000,094 | ---- | C] () -- C:\Users\brauns\AppData\Local\fusioncache.dat
[2011.08.26 16:53:37 | 001,553,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.08 10:51:08 | 000,001,719 | ---- | C] () -- C:\Users\brauns\pgp_ingo_brauns.asc
[2011.08.07 20:35:50 | 000,077,110 | ---- | C] () -- C:\Users\brauns\pubring.pkr
[2011.08.07 20:35:44 | 000,001,806 | ---- | C] () -- C:\Users\brauns\ingobrauns2.sec
[2011.08.07 20:35:44 | 000,001,806 | ---- | C] () -- C:\Users\brauns\ingobrauns1.sec
[2011.07.16 15:29:59 | 000,001,050 | ---- | C] () -- C:\Windows\wiso.ini
[2011.06.08 10:32:37 | 000,000,600 | ---- | C] () -- C:\Users\brauns\AppData\Roaming\PUTTY.RND
[2011.06.01 19:20:48 | 000,000,133 | ---- | C] () -- C:\Users\brauns\backup.bat
[2011.05.16 09:33:08 | 001,386,056 | ---- | C] () -- C:\Users\brauns\.b2log
[2011.03.31 11:35:55 | 000,000,600 | ---- | C] () -- C:\Users\brauns\AppData\Local\PUTTY.RND
[2011.03.28 14:56:29 | 000,007,606 | ---- | C] () -- C:\Users\brauns\AppData\Local\resmon.resmoncfg
[2011.03.27 00:57:34 | 000,029,696 | ---- | C] () -- C:\Users\brauns\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.23 12:52:52 | 000,003,840 | ---- | C] () -- C:\Windows\scad3.INI
[2011.01.16 14:07:35 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.01.16 14:07:35 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.01.16 14:07:35 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.01.16 14:07:35 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.16 14:07:35 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.12 11:59:35 | 000,409,363 | ---- | C] () -- C:\Users\brauns\Anwenderdoku.pdf
[2011.01.04 20:53:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.02 14:29:58 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.27 16:39:19 | 000,027,114 | ---- | C] () -- C:\Windows\maxlink.ini
[2010.12.23 21:52:56 | 000,000,824 | ---- | C] () -- C:\Users\brauns\braunskey.ppk
[2010.12.22 22:44:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.12.22 22:31:54 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2010.12.22 22:25:55 | 000,072,304 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2010.12.22 22:21:52 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.11.04 22:40:38 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\.purple
[2010.12.30 12:22:44 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\AGFEO
[2011.06.09 20:06:33 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Aquamarin Haushaltsbuch
[2010.12.24 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Ashampoo
[2011.07.16 15:24:46 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Buhl Data Service
[2011.10.07 18:37:30 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\calibre
[2011.03.27 13:18:03 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\CamTrack
[2010.12.24 15:08:32 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Canneverbe Limited
[2012.07.13 17:29:20 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Canon
[2010.12.22 23:26:20 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\DAEMON Tools Lite
[2012.07.28 10:22:27 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Dropbox
[2011.03.10 10:48:00 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\DVDVideoSoft
[2011.03.02 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Familienbande
[2012.07.20 09:57:19 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\FRITZ!
[2012.07.20 09:52:27 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2011.03.10 10:48:17 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\GetRightToGo
[2011.08.08 11:07:55 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\gnupg
[2012.09.18 17:04:58 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\gtk-2.0
[2011.07.15 15:58:23 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\inkscape
[2012.03.31 13:03:43 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\IrfanView
[2012.07.02 15:42:05 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\KillProcess
[2010.12.25 11:18:18 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Leadertech
[2012.03.28 13:06:47 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\LibreOffice
[2011.03.18 20:53:51 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\LolClient
[2011.04.13 13:56:10 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Notepad++
[2010.12.23 11:43:17 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\OpenOffice.org
[2010.12.27 16:39:54 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\ScanSoft
[2011.11.17 20:00:39 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Sony
[2010.12.23 23:12:51 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Subversion
[2010.12.23 11:23:07 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Thunderbird
[2011.12.12 13:25:06 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\TrueCrypt
[2011.01.10 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Ubisoft
[2012.09.01 15:48:33 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Wings3D
[2012.03.19 13:18:19 | 000,000,000 | ---D | M] -- C:\Users\brauns\AppData\Roaming\Wireshark
 
========== Purity Check ==========
 
 

< End of report >
         
I look forward to your tips and promise right now to do better. Next time I'll be more careful.

Best regards, Ingo

 
