Zurück   Trojaner-Board > Malware entfernen > Diskussionsforum
Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war?

Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war?


Diskussionsforum: Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war?

Windows 7 Hier sind ausschließlich fachspezifische Diskussionen erwünscht. Bitte keine Log-Files, Hilferufe oder ähnliches posten. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Bereinigungen von nicht ausgebildeten Usern sind hier untersagt. Wenn du dir einen Virus doer Trojaner eingefangen hast, eröffne ein Thema in den Bereinigungsforen oben.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 12.05.2010, 06:46   #4
bredoinv
 
Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war? - Standard

Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war?


...und noch das OTL Logfile

OTL logfile created on: 12.05.2010 07:41:01 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\PM\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 586,12 Gb Total Space | 393,03 Gb Free Space | 67,06% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,29 Gb Free Space | 52,89% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DELL
Current User Name: PM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.12 07:39:41 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\PM\Desktop\OTL.exe
PRC - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.04.13 00:46:36 | 001,135,912 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.03.20 12:22:30 | 001,070,240 | ---- | M] (Mischel Internet Security) -- C:\Programme\TrojanHunter 5.3\THGuard.exe
PRC - [2010.02.23 08:39:16 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.02.18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Common Files\Java\Java Update\jucheck.exe
PRC - [2009.12.31 13:03:58 | 000,320,768 | ---- | M] (Panda Security) -- C:\Programme\Panda Security\WaAgent\WasAgent\WasAgent.exe
PRC - [2009.10.13 17:58:08 | 000,143,360 | ---- | M] (NinjaTrader) -- C:\Programme\NinjaTrader 6.5\bin\NinjaTrader.exe
PRC - [2009.10.08 18:25:02 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\WAC\pavFnSvr.exe
PRC - [2009.10.08 15:35:06 | 000,191,744 | ---- | M] (Panda Security) -- C:\Programme\Panda Security\WAC\PsCtrlC.exe
PRC - [2009.09.17 15:48:16 | 000,295,680 | ---- | M] (Panda Security) -- C:\Programme\Panda Security\WaAgent\WasLpMng\WASLPMNG.exe
PRC - [2009.09.17 15:48:16 | 000,206,080 | ---- | M] (Panda Security) -- C:\Programme\Panda Security\WaAgent\WasWD\WasWD.exe
PRC - [2009.09.17 09:51:34 | 000,140,544 | ---- | M] (Panda Security) -- C:\Programme\Panda Security\WaAgent\Scheduler\PavSched.exe
PRC - [2009.08.17 22:54:54 | 012,957,536 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE
PRC - [2009.08.12 11:55:24 | 000,368,896 | ---- | M] (Panda Security) -- C:\Programme\Panda Security\WAC\PsCtrlS.exe
PRC - [2009.07.18 05:12:12 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009.07.14 12:28:00 | 000,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.07.03 12:58:34 | 000,183,040 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\WAC\pavsrvx86.exe
PRC - [2009.07.03 12:58:34 | 000,110,336 | ---- | M] (Panda Security, S.L.) -- C:\Programme\Panda Security\WAC\avengine.exe
PRC - [2009.06.18 12:52:00 | 000,087,296 | ---- | M] (Panda Security International) -- C:\Programme\Panda Security\WAC\WEBPROXY.EXE
PRC - [2009.05.21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtcmd.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.04.08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- C:\Programme\Panda Security\WAC\PSHost.exe
PRC - [2009.04.06 21:08:28 | 000,592,384 | ---- | M] (Jugaari) -- C:\Programme\Jugaari\Jaadu VNC Connect\JaaduConnect.exe
PRC - [2009.03.30 22:53:52 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.03.18 12:26:14 | 000,282,624 | ---- | M] (PFGBEST.com) -- C:\Programme\PFGBest\PFGAPI\PFGAPI.exe
PRC - [2008.12.29 22:22:36 | 001,692,224 | ---- | M] (UltraVNC) -- C:\Programme\UltraVNC\winvnc.exe
PRC - [2008.12.19 13:32:50 | 000,108,288 | ---- | M] (Panda Security) -- C:\Programme\Panda Security\WAC\PSIMSVC.EXE
PRC - [2008.08.14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtsvc.exe
PRC - [2008.04.30 14:52:32 | 000,027,440 | ---- | M] (Panda Software International) -- C:\Programme\Panda Security\WAC\psksvc.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.10.05 19:34:28 | 000,184,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2007.09.26 00:03:29 | 000,093,208 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Gaming Software\LWEMon.exe
PRC - [2007.09.24 14:57:16 | 001,024,000 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2007.06.26 20:27:46 | 000,312,320 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2007.05.23 21:02:36 | 000,139,264 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\pmxmiced.exe
PRC - [2007.04.17 16:22:22 | 000,184,320 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
PRC - [2006.11.08 16:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\ico.exe
PRC - [2006.09.11 05:40:34 | 000,086,960 | ---- | M] (Macrovision Corporation) -- C:\Programme\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010.05.12 07:39:41 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\PM\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.12.31 13:03:58 | 000,320,768 | ---- | M] (Panda Security) [Auto | Running] -- C:\Programme\Panda Security\WaAgent\WasAgent\WasAgent.exe -- (WASAgent)
SRV - [2009.10.08 18:25:02 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\WAC\pavFnSvr.exe -- (PavFnSvr)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.09.17 15:48:16 | 000,295,680 | ---- | M] (Panda Security) [Auto | Running] -- C:\Program Files\Panda Security\WaAgent\WasLpMng\WASLPMNG.exe -- (PavWASLpMng)
SRV - [2009.09.17 15:48:16 | 000,206,080 | ---- | M] (Panda Security) [Auto | Running] -- C:\Programme\Panda Security\WaAgent\WasWD\WasWD.exe -- (WASWD)
SRV - [2009.09.17 09:51:34 | 000,140,544 | ---- | M] (Panda Security) [Auto | Running] -- C:\Program Files\Panda Security\WaAgent\Scheduler\PavSched.exe -- (PavAt3Scheduler)
SRV - [2009.08.12 11:55:24 | 000,368,896 | ---- | M] (Panda Security) [Auto | Running] -- C:\Program Files\Panda Security\WAC\PsCtrlS.exe -- (Panda Software Controller)
SRV - [2009.07.14 12:28:00 | 000,239,648 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.07.03 12:58:34 | 000,183,040 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\WAC\pavsrvx86.exe -- (PavSrv)
SRV - [2009.04.08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- C:\Program Files\Panda Security\WAC\PSHost.exe -- (PSHost)
SRV - [2008.12.29 22:22:36 | 001,692,224 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\WinVNC.exe -- (uvnc_service)
SRV - [2008.12.19 13:32:50 | 000,108,288 | ---- | M] (Panda Security) [Auto | Running] -- C:\Program Files\Panda Security\WAC\PSIMSVC.EXE -- (PSImSvc)
SRV - [2008.08.14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008.04.30 14:52:32 | 000,027,440 | ---- | M] (Panda Software International) [Auto | Running] -- C:\Program Files\Panda Security\WAC\psksvc.exe -- (PskSvc)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.01.25 19:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)


========== Driver Services (SafeList) ==========

DRV - [2009.10.21 10:43:38 | 000,199,688 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\neti1640.sys -- (NETIMFLT01060040)
DRV - [2009.10.07 11:06:20 | 000,041,480 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsfim.sys -- (NSFIM)
DRV - [2009.09.30 23:07:44 | 000,075,016 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\APPFLT.SYS -- (APPFLT)
DRV - [2009.09.25 14:54:06 | 000,159,112 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\Windows\System32\drivers\NETFLTDI.SYS -- (NETFLTDI)
DRV - [2009.09.25 14:54:04 | 000,193,800 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\idsflt.sys -- (IDSFLT)
DRV - [2009.09.25 14:54:04 | 000,022,024 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\fnetmon.sys -- (FNETMON)
DRV - [2009.09.25 14:54:02 | 000,053,256 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\dsaflt.sys -- (DSAFLT)
DRV - [2009.08.05 14:15:40 | 000,047,624 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\amm8660.sys -- (AmFSM)
DRV - [2009.07.14 20:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.06.30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009.01.23 10:49:06 | 000,038,816 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2008.04.22 16:27:15 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.04.22 16:27:15 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.04.22 16:27:15 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.11.08 05:39:22 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.11.08 05:39:22 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.09.24 14:58:36 | 001,175,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2007.09.24 14:58:34 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007.09.24 14:58:34 | 000,129,048 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2007.09.24 14:58:34 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2007.09.24 14:58:34 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007.09.24 14:58:10 | 000,525,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007.09.24 14:58:10 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2007.09.24 14:57:12 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTEXFIFX.dll -- (CTEXFIFX.DLL)
DRV - [2007.09.24 14:57:12 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007.09.24 14:57:08 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007.09.14 05:41:28 | 000,051,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2007.09.14 05:41:20 | 000,014,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2007.09.14 05:41:12 | 000,029,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2007.09.14 05:41:02 | 000,029,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2007.09.14 05:40:54 | 000,019,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2007.06.01 14:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxmouse.sys -- (pmxmouse)
DRV - [2007.05.24 17:44:00 | 000,019,008 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2007.04.25 17:02:28 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007.01.25 19:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 09:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2005.11.25 17:43:48 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dfmirage.sys -- (dfmirage)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=6080422

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:/Users/PM/Music/Temp/Tunebite/.downloading/profile/rrproxy_ie_4b86a036.pac

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..network.proxy.autoconfig_url: "file://C:/Users/PM/Music/Temp/Tunebite/.downloading/profile/rrproxy_ie_4b86a036.pac"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.01 22:20:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.01 22:20:17 | 000,000,000 | ---D | M]

[2010.04.10 21:23:28 | 000,000,000 | ---D | M] -- C:\Users\PM\AppData\Roaming\mozilla\Extensions
[2009.02.28 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\PM\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010.05.06 19:18:04 | 000,000,000 | ---D | M] -- C:\Users\PM\AppData\Roaming\mozilla\Firefox\Profiles\4b51cluw.default\extensions
[2010.04.13 07:14:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PM\AppData\Roaming\mozilla\Firefox\Profiles\4b51cluw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.10 21:23:11 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Tunebite_WebRipPlugin Class) - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Programme\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Panda Software Controller Client] C:\Program Files\Panda Security\WAC\PSCtrlC.exe (Panda Security)
O4 - HKLM..\Run: [PMX Daemon] C:\Windows\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [THGuard] C:\Program Files\TrojanHunter 5.3\THGuard.exe (Mischel Internet Security)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKCU..\Run: [JaaduVNCConnect] C:\Program Files\Jugaari\Jaadu VNC Connect\JaaduConnect.exe (Jugaari)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Panda Security\WAC\pavlsp.dll (Panda Software International)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Panda Security\WAC\pavlsp.dll (Panda Software International)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Panda Security\WAC\pavlsp.dll (Panda Software International)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Panda Security\WAC\pavlsp.dll (Panda Software International)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Panda Security\WAC\pavlsp.dll (Panda Software International)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Panda Security\WAC\pavlsp.dll (Panda Software International)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Panda Security\WAC\pavlsp.dll (Panda Software International)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {439B6D3C-A359-4D73-8515-2AFE8CF90C08} hxxp://www.tradesignalonline.com/gallery/components/axts5we.cab (TradeSignal 5 Web Edition)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} https://www.rcgdirect.com/jtrader/pats/downloads/j2re-14203-i586-p.exe (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.10 217.237.151.115
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.12 07:39:31 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\PM\Desktop\OTL.exe
[2010.05.12 07:26:06 | 000,000,000 | ---D | C] -- C:\Users\PM\AppData\Roaming\Malwarebytes
[2010.05.12 07:25:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.12 07:25:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.12 07:25:57 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.12 07:25:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.10 21:16:57 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2010.05.10 13:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\sentinel
[2010.05.10 13:11:16 | 000,193,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\idsflt.sys
[2010.05.10 13:11:16 | 000,053,256 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\dsaflt.sys
[2010.05.10 13:11:16 | 000,041,480 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\nsfim.sys
[2010.05.10 13:10:27 | 000,159,112 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\NETFLTDI.SYS
[2010.05.10 13:10:27 | 000,075,016 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\APPFLT.SYS
[2010.05.10 13:10:27 | 000,022,024 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\fnetmon.sys
[2010.05.10 13:10:23 | 000,047,624 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\amm8660.sys
[2010.05.10 13:08:34 | 000,000,000 | RHSD | C] -- C:\Windows\PSICache
[2010.05.10 12:56:16 | 000,000,000 | ---D | C] -- C:\Programme\QS
[2010.05.10 09:54:46 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2010.05.10 09:54:45 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security
[2010.05.07 10:04:42 | 000,000,000 | ---D | C] -- C:\Users\PM\AppData\Roaming\TrojanHunter
[2010.05.07 08:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\TrojanHunter
[2010.05.07 08:32:28 | 000,000,000 | ---D | C] -- C:\Programme\TrojanHunter 5.3
[2010.05.07 07:33:18 | 000,000,000 | ---D | C] -- C:\Users\PM\Desktop\Bilder Dell
[2010.05.01 22:22:24 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.05.01 22:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.05.01 22:19:56 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.05.01 22:17:43 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[2010.04.25 16:16:44 | 000,000,000 | ---D | C] -- C:\Users\PM\{73b44331-9959-49b5-b042-ed960ab27474}
[2010.04.18 13:31:35 | 000,000,000 | ---D | C] -- C:\Users\PM\AppData\Roaming\FileZilla
[2010.04.18 13:31:31 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client
[2010.04.17 11:07:23 | 000,000,000 | ---D | C] -- C:\Users\PM\Desktop\wordpress
[2010.04.15 09:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.04.14 10:09:24 | 000,000,000 | ---D | C] -- C:\Users\PM\AppData\Roaming\TeamViewer
[2010.04.14 10:09:19 | 000,000,000 | ---D | C] -- C:\Users\PM\temp
[2010.04.14 07:36:15 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 07:36:15 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 07:36:09 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 07:35:49 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.14 07:35:49 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2008.04.22 16:32:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.12 07:42:06 | 005,505,024 | -HS- | M] () -- C:\Users\PM\NTUSER.DAT
[2010.05.12 07:40:31 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\woshknxc.sys
[2010.05.12 07:39:41 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\PM\Desktop\OTL.exe
[2010.05.12 07:26:06 | 000,198,588 | ---- | M] () -- C:\Windows\System32\drivers\APPFCONT.DAT.bck
[2010.05.12 07:26:06 | 000,198,588 | ---- | M] () -- C:\Windows\System32\drivers\APPFCONT.DAT
[2010.05.12 07:26:00 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.12 07:21:31 | 002,188,731 | ---- | M] () -- C:\Users\PM\Desktop\Urteil.pdf
[2010.05.12 07:21:31 | 000,559,654 | ---- | M] () -- C:\Users\PM\Desktop\IFK.pdf
[2010.05.12 07:14:12 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.12 07:14:12 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.12 06:58:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.11 09:58:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.11 09:26:00 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.05.10 21:14:14 | 000,032,594 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.05.10 21:14:12 | 000,000,120 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAdapt.cfg.bck
[2010.05.10 21:14:12 | 000,000,120 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAdapt.cfg
[2010.05.10 21:14:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.10 20:36:48 | 000,064,748 | ---- | M] () -- C:\Windows\System32\DVCState-{00000002-00000000-00000004-00001102-00000005-60021102}.rfx
[2010.05.10 20:36:48 | 000,054,408 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000002-00000000-00000004-00001102-00000005-60021102}.rfx
[2010.05.10 20:36:48 | 000,054,408 | ---- | M] () -- C:\Windows\System32\BMXState-{00000002-00000000-00000004-00001102-00000005-60021102}.rfx
[2010.05.10 20:29:41 | 001,427,212 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.10 20:29:41 | 000,621,714 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.10 20:29:41 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.10 20:29:41 | 000,123,452 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.10 20:29:41 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.10 18:05:33 | 000,001,132 | ---- | M] () -- C:\Windows\System32\drivers\APPFLTR.CFG.bck
[2010.05.10 18:05:33 | 000,001,132 | ---- | M] () -- C:\Windows\System32\drivers\APPFLTR.CFG
[2010.05.10 18:05:33 | 000,000,252 | ---- | M] () -- C:\Windows\System32\drivers\etc\IdsFlt.cfg.bck
[2010.05.10 18:05:33 | 000,000,252 | ---- | M] () -- C:\Windows\System32\drivers\etc\IdsFlt.cfg
[2010.05.10 18:05:33 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetFlt.cfg.bck
[2010.05.10 18:05:33 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetFlt.cfg
[2010.05.10 18:05:33 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.cfg.bck
[2010.05.10 18:05:33 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.cfg
[2010.05.10 18:05:32 | 000,303,044 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.rls.bck
[2010.05.10 18:05:32 | 000,303,044 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.rls
[2010.05.10 18:05:31 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetLoc.wlt.bck
[2010.05.10 18:05:31 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetLoc.wlt
[2010.05.10 13:56:32 | 000,032,594 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.05.10 13:13:36 | 000,000,072 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAR.wlt.bck
[2010.05.10 13:13:36 | 000,000,072 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAR.wlt
[2010.05.10 13:13:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.10 13:13:07 | 3218,436,096 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.10 13:12:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.05.10 13:12:02 | 000,524,288 | -HS- | M] () -- C:\Users\PM\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.05.10 13:12:02 | 000,065,536 | -HS- | M] () -- C:\Users\PM\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.10 13:12:01 | 004,129,108 | -H-- | M] () -- C:\Users\PM\AppData\Local\IconCache.db
[2010.05.10 13:10:23 | 000,000,133 | ---- | M] () -- C:\Windows\AdminIE.ini
[2010.05.10 12:54:02 | 001,079,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.10 12:51:51 | 000,010,908 | ---- | M] () -- C:\Users\PM\Documents\Poolwassererwärmung.xlsx
[2010.05.08 18:02:04 | 033,998,065 | ---- | M] () -- C:\Users\PM\Desktop\Outflexx-Katalog-2009[1].pdf
[2010.05.08 14:37:57 | 000,298,784 | ---- | M] () -- C:\Users\PM\Desktop\Angebot CM Langenfeld engl RHMCPM 130709.pptx
[2010.05.07 12:41:29 | 000,001,393 | ---- | M] () -- C:\Users\PM\Desktop\DivX Movies.lnk
[2010.05.07 12:41:16 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.05.07 10:21:56 | 000,028,160 | ---- | M] () -- C:\Users\PM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.07 08:32:32 | 000,059,392 | R--- | M] () -- C:\Windows\System32\streamhlp.dll
[2010.05.07 08:32:31 | 000,000,816 | ---- | M] () -- C:\Users\PM\Desktop\TrojanHunter.lnk
[2010.05.07 07:22:16 | 000,000,016 | ---- | M] () -- C:\Users\PM\AppData\Roaming\fbknso.dat
[2010.05.06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.05 10:19:47 | 000,000,016 | ---- | M] () -- C:\Users\PM\AppData\Roaming\qvjsge.dat
[2010.05.05 09:53:50 | 000,270,484 | ---- | M] () -- C:\Users\PM\Desktop\Konto MTH.PDF
[2010.05.05 09:13:13 | 000,274,839 | ---- | M] () -- C:\Users\PM\Desktop\Antwort ARAG 26042010.PDF
[2010.05.03 19:36:30 | 000,055,808 | ---- | M] () -- C:\Users\PM\Desktop\Projekt Funpoker Business modell 2010-04-30.doc
[2010.05.03 08:14:34 | 000,153,189 | ---- | M] () -- C:\Users\PM\Documents\ErlaeuterungzuTop6BusinessParkStuttgart.pdf
[2010.05.03 08:13:25 | 000,119,380 | ---- | M] () -- C:\Users\PM\Desktop\ErlaeuterungzuTop15BusinessParkStuttgart2.pdf
[2010.05.02 22:06:09 | 000,010,429 | ---- | M] () -- C:\Users\PM\Desktop\TKN Real Estate Investment Funds.docx
[2010.05.02 17:06:49 | 000,157,646 | ---- | M] () -- C:\Users\PM\Desktop\e69c03a2b6.jpg
[2010.05.01 22:22:46 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.05.01 22:20:04 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[2010.04.26 08:34:23 | 000,011,305 | ---- | M] () -- C:\Users\PM\Documents\Inflationskalkulation.xlsx
[2010.04.22 20:21:32 | 000,000,680 | ---- | M] () -- C:\Users\PM\AppData\Local\d3d9caps.dat
[2010.04.21 20:42:04 | 092,506,339 | ---- | M] () -- C:\Users\PM\Desktop\BEHNCKE_Preisliste_2010.pdf
[2010.04.21 08:33:02 | 000,013,452 | ---- | M] () -- C:\Users\PM\Desktop\Handbuch Immobilieninvestition 2010.docx
[2010.04.20 16:10:54 | 000,170,944 | ---- | M] () -- C:\Users\PM\Desktop\Vermietung von Handelsimmobilien MVO.pdf
[2010.04.20 10:16:49 | 000,464,896 | ---- | M] () -- C:\Users\PM\Documents\Klagerwiderung__313265_PM20042010.doc
[2010.04.19 20:32:12 | 000,576,738 | ---- | M] () -- C:\Users\PM\Desktop\ExposeBSPBusinessparkStuttgart.pdf
[2010.04.19 11:01:45 | 005,463,752 | ---- | M] () -- C:\Users\PM\Desktop\FINAL INVESTMENT PROPOSAL 01-03-2010-2.pdf
[2010.04.16 20:52:34 | 000,262,372 | ---- | M] () -- C:\Users\PM\Desktop\http___clicks.aweber.pdf
[2010.04.15 09:21:47 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.04.14 20:42:32 | 000,653,824 | ---- | M] () -- C:\Users\PM\Desktop\Anschreiben Mieter 14042010KM.doc
[2010.04.14 19:30:51 | 000,039,424 | ---- | M] () -- C:\Users\PM\Desktop\example bank confirmation.doc
[2010.04.14 15:38:22 | 001,456,416 | ---- | M] () -- C:\Users\PM\Desktop\TeamViewerQS_dieprozessoren_01.exe
[2010.04.13 07:15:24 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.12 08:04:56 | 000,362,479 | ---- | M] () -- C:\Users\PM\Desktop\Serviceheft.PDF
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.12 07:40:31 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\woshknxc.sys
[2010.05.12 07:26:00 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.12 07:21:31 | 002,188,731 | ---- | C] () -- C:\Users\PM\Desktop\Urteil.pdf
[2010.05.12 07:21:31 | 000,559,654 | ---- | C] () -- C:\Users\PM\Desktop\IFK.pdf
[2010.05.10 13:11:31 | 000,198,588 | ---- | C] () -- C:\Windows\System32\drivers\APPFCONT.DAT.bck
[2010.05.10 13:11:31 | 000,198,588 | ---- | C] () -- C:\Windows\System32\drivers\APPFCONT.DAT
[2010.05.10 13:11:31 | 000,001,132 | ---- | C] () -- C:\Windows\System32\drivers\APPFLTR.CFG.bck
[2010.05.10 13:11:31 | 000,001,132 | ---- | C] () -- C:\Windows\System32\drivers\APPFLTR.CFG
[2010.05.10 13:08:18 | 000,000,133 | ---- | C] () -- C:\Windows\AdminIE.ini
[2010.05.08 18:02:04 | 033,998,065 | ---- | C] () -- C:\Users\PM\Desktop\Outflexx-Katalog-2009[1].pdf
[2010.05.08 14:37:57 | 000,298,784 | ---- | C] () -- C:\Users\PM\Desktop\Angebot CM Langenfeld engl RHMCPM 130709.pptx
[2010.05.07 08:32:31 | 000,000,816 | ---- | C] () -- C:\Users\PM\Desktop\TrojanHunter.lnk
[2010.05.07 08:32:28 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2010.05.07 07:22:16 | 000,000,016 | ---- | C] () -- C:\Users\PM\AppData\Roaming\fbknso.dat
[2010.05.05 10:19:47 | 000,000,016 | ---- | C] () -- C:\Users\PM\AppData\Roaming\qvjsge.dat
[2010.05.05 09:53:50 | 000,270,484 | ---- | C] () -- C:\Users\PM\Desktop\Konto MTH.PDF
[2010.05.05 09:13:12 | 000,274,839 | ---- | C] () -- C:\Users\PM\Desktop\Antwort ARAG 26042010.PDF
[2010.05.03 19:36:30 | 000,055,808 | ---- | C] () -- C:\Users\PM\Desktop\Projekt Funpoker Business modell 2010-04-30.doc
[2010.05.03 08:14:34 | 000,153,189 | ---- | C] () -- C:\Users\PM\Documents\ErlaeuterungzuTop6BusinessParkStuttgart.pdf
[2010.05.03 08:13:25 | 000,119,380 | ---- | C] () -- C:\Users\PM\Desktop\ErlaeuterungzuTop15BusinessParkStuttgart2.pdf
[2010.05.02 21:08:02 | 000,010,429 | ---- | C] () -- C:\Users\PM\Desktop\TKN Real Estate Investment Funds.docx
[2010.05.02 17:11:00 | 000,157,646 | ---- | C] () -- C:\Users\PM\Desktop\e69c03a2b6.jpg
[2010.05.01 22:22:46 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.05.01 22:20:04 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.01 18:35:33 | 000,010,908 | ---- | C] () -- C:\Users\PM\Documents\Poolwassererwärmung.xlsx
[2010.04.26 08:34:23 | 000,011,305 | ---- | C] () -- C:\Users\PM\Documents\Inflationskalkulation.xlsx
[2010.04.21 20:42:02 | 092,506,339 | ---- | C] () -- C:\Users\PM\Desktop\BEHNCKE_Preisliste_2010.pdf
[2010.04.21 08:33:02 | 000,013,452 | ---- | C] () -- C:\Users\PM\Desktop\Handbuch Immobilieninvestition 2010.docx
[2010.04.20 16:10:54 | 000,170,944 | ---- | C] () -- C:\Users\PM\Desktop\Vermietung von Handelsimmobilien MVO.pdf
[2010.04.20 10:15:41 | 000,464,896 | ---- | C] () -- C:\Users\PM\Documents\Klagerwiderung__313265_PM20042010.doc
[2010.04.19 20:32:12 | 000,576,738 | ---- | C] () -- C:\Users\PM\Desktop\ExposeBSPBusinessparkStuttgart.pdf
[2010.04.19 11:01:45 | 005,463,752 | ---- | C] () -- C:\Users\PM\Desktop\FINAL INVESTMENT PROPOSAL 01-03-2010-2.pdf
[2010.04.16 20:52:34 | 000,262,372 | ---- | C] () -- C:\Users\PM\Desktop\http___clicks.aweber.pdf
[2010.04.15 09:22:30 | 000,001,393 | ---- | C] () -- C:\Users\PM\Desktop\DivX Movies.lnk
[2010.04.15 09:22:00 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.04.15 09:21:47 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.04.14 20:42:28 | 000,653,824 | ---- | C] () -- C:\Users\PM\Desktop\Anschreiben Mieter 14042010KM.doc
[2010.04.14 15:38:17 | 001,456,416 | ---- | C] () -- C:\Users\PM\Desktop\TeamViewerQS_dieprozessoren_01.exe
[2010.04.14 14:56:54 | 000,001,337 | ---- | C] () -- C:\Users\PM\Documents\root_Ca.cer
[2010.04.13 07:15:24 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.12 08:04:56 | 000,362,479 | ---- | C] () -- C:\Users\PM\Desktop\Serviceheft.PDF
[2009.12.31 11:47:52 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.12.13 16:52:33 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.10.13 17:57:48 | 000,098,304 | ---- | C] () -- C:\Windows\System32\NtDirect.dll
[2009.09.17 09:52:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.06 21:02:34 | 000,000,137 | ---- | C] () -- C:\Windows\oports.INI
[2009.07.20 09:22:10 | 000,036,363 | ---- | C] () -- C:\Windows\CSTBox.INI
[2008.12.25 15:20:58 | 000,004,922 | ---- | C] () -- C:\Windows\WinSig.ini
[2008.12.25 15:20:58 | 000,002,467 | ---- | C] () -- C:\Windows\WinRos.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.05.22 10:21:29 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2008.04.22 16:32:11 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2008.04.22 16:32:10 | 000,046,606 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2008.04.22 16:32:10 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2008.04.22 16:14:52 | 000,000,307 | ---- | C] () -- C:\Windows\System32\KILL.INI
[2008.04.22 08:50:28 | 000,003,072 | ---- | C] () -- C:\Windows\CTXFIGER.DLL
[2008.04.22 08:50:22 | 000,105,472 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2008.04.22 08:50:22 | 000,067,072 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2008.04.22 08:47:27 | 000,131,062 | ---- | C] () -- C:\Windows\System32\DellPM.ini
[2007.01.25 19:31:36 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >

 

Themen zu Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war?
anlage, besten, dateien, defender, e-mail, e-mail anlage, erhalte, erkennen, hallo zusammen, herausfinden, infiziert, nichts, panda, pdf, scan, scanner, schlägt, seite, variante, virenscan, virenscanner, web, windows, zugang, zurückverfolgen


« Habe mir etwas eingefangen, anbei HIJACK | Frage zum Thema Filesharing, ilegalle Software usw. »


Ähnliche Themen: Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war?


  1. Nach öffnen eines E-Mail Inhaltes wurden an alle Kontakte eine E-Mail versendet
    Log-Analyse und Auswertung - 27.04.2015 (27)
  2. Windows 7: Spam-Mail geöffnet, bin ich infiziert?
    Log-Analyse und Auswertung - 25.06.2014 (9)
  3. BSI E-Mail Adresse war dabei Ist mein Rechner infiziert?
    Log-Analyse und Auswertung - 13.04.2014 (3)
  4. Ich habe eien E Mail von einem Online Anwalt erhalten mit Anlage, die ich geöffnet habe. Seit dem Probleme
    Log-Analyse und Auswertung - 10.04.2014 (13)
  5. E-Mail Adresse laut BSI ausspioniert - PC (Win Vista SP 2) infiziert?
    Log-Analyse und Auswertung - 06.02.2014 (1)
  6. Wordpress Blog infiziert Mail von Google erhalten
    Log-Analyse und Auswertung - 13.03.2013 (25)
  7. Hallo habe heute eine mail bekommen, wo eine rechnung mit eingefügt war
    Log-Analyse und Auswertung - 04.05.2012 (1)
  8. Mcafee findet Artemis!4B3812C4890C ( Trojaner ) in einer E-mail Anlage
    Plagegeister aller Art und deren Bekämpfung - 29.10.2011 (6)
  9. Mcafee findet Artemis!4B3812C4890C in einer E-mail Anlage
    Mülltonne - 26.10.2011 (1)
  10. PC mit surround anlage
    Netzwerk und Hardware - 17.07.2011 (7)
  11. PC infiziert durch UPS Mail (Fehler: lgou.rlo)
    Plagegeister aller Art und deren Bekämpfung - 02.04.2010 (1)
  12. PC infiziert mit Trojanern TR/Fregee.H.9 nach UPS Mail
    Plagegeister aller Art und deren Bekämpfung - 12.03.2010 (18)
  13. Wie kann man eine fremde IP Herausfinden PC Tracert
    Netzwerk und Hardware - 05.01.2010 (3)
  14. eMail-Anlage verändert
    Plagegeister aller Art und deren Bekämpfung - 24.02.2004 (14)
  15. Mail-Anlage
    Plagegeister aller Art und deren Bekämpfung - 24.02.2004 (13)
  16. Kann man mithilfe der IP den Benutzer eines Win 2000-Systems herausfinden?
    Plagegeister aller Art und deren Bekämpfung - 11.09.2003 (3)
  17. ip herausfinden?
    Plagegeister aller Art und deren Bekämpfung - 17.03.2003 (31)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war? - ...und noch das OTL Logfile OTL logfile created on: 12.05.2010 07:41:01 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\PM\Desktop Windows Vista Home Premium Edition Service Pack - Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war?...
Archiv
Du betrachtest: Spyangriff, wie kann man herausfinden ob eine e-mail Anlage infiziert war? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132