Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
40 TANs Eingabe beim Online Banking

40 TANs Eingabe beim Online Banking


Plagegeister aller Art und deren Bekämpfung: 40 TANs Eingabe beim Online Banking

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 07.01.2011, 09:42   #1
s1mon
 
40 TANs Eingabe beim Online Banking - Standard

40 TANs Eingabe beim Online Banking


Hallo zusammen,

ich habe das gleiche Problem, dass auch in folgendem Thread aufgetreten ist:
http://www.trojaner-board.de/88974-t...e-banking.html

Bedeutet, ich soll nach dem Login 40 TANs eingeben.

Jetzt zu meinem Rechner:

- Windows 7
- AntiVir
- Java Update gerade durchgeführt

Vor dem Erstellen dieses Threads habe ich mich an die Anleitung gehalten und (zusätzlich) folgende Schritte durchgeführt:

- CCleaner
- AntiVir Systemscan
- Malwarebytes Anti-Malware (wie in Anleitung beschrieben)
- OTL (wie in Anleitung beschrieben)
- WindowsUpdate
- JavaUpdate und JavaRa

Hier die Log Datei von Malwarebytes:
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5475

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.01.2011 09:00:59
mbam-log-2011-01-07 (09-00-59).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 149813
Laufzeit: 4 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{C82308DF-9E73-03D9-93F0-79151933473C} (Trojan.ZbotR.Gen) -> Value: {C82308DF-9E73-03D9-93F0-79151933473C} -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\***\downloads\setuppoker_a072a_de.exe (PUP.Casino) -> Not selected for removal.
Jetzt die OTL.txt:
Code:
ATTFilter
OTL logfile created on: 07.01.2011 09:01:57 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Users\***\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 208,50 Gb Total Space | 75,27 Gb Free Space | 36,10% Space Free | Partition Type: NTFS
Drive D: | 1,90 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Java\jre6\bin\javaw.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\xampplite\apache\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\GmoteServer\GmoteServer.exe ()
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
PRC - C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Programme\Fingerprint Reader Suite\upeksvr.exe (UPEK Inc.)
PRC - C:\Programme\Fingerprint Reader Suite\psqltray.exe (UPEK Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (vpnagent) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Apache2.2) -- C:\xampplite\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (ycpcqw) -- C:\Windows\System32\drivers\lsln.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-84604129-2742650498-1218847136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = h**p://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-84604129-2742650498-1218847136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-84604129-2742650498-1218847136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 4E 07 C8 26 AB CB 01  [binary data]
IE - HKU\S-1-5-21-84604129-2742650498-1218847136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-84604129-2742650498-1218847136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-84604129-2742650498-1218847136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy:3128
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.12
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.106
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.1
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.2.2
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.34
FF - prefs.js..extensions.enabledItems: {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.91
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.18 18:31:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.18 18:31:38 | 000,000,000 | ---D | M]
 
[2010.03.14 23:42:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.01.07 09:00:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions
[2010.12.15 00:11:05 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2010.08.28 16:47:23 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2010.09.23 12:29:18 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.18 16:56:57 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2010.04.03 21:12:02 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010.04.29 15:56:59 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.10.16 21:33:29 | 000,000,000 | ---D | M] ("SearchStatus") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}
[2010.08.22 15:17:53 | 000,000,000 | ---D | M] (myFireFox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
[2010.05.11 20:16:33 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2011.01.06 09:23:06 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\firebug@software.joehewitt.com
[2010.08.22 15:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zrwj42uj.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\extensions
[2010.04.23 11:28:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.04.23 11:28:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.11.02 10:26:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.11.02 10:26:09 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.11.02 10:26:09 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.11.02 10:26:09 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.11.02 10:26:09 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - HKU\S-1-5-21-84604129-2742650498-1218847136-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk = C:\Programme\GmoteServer\GmoteServer.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-84604129-2742650498-1218847136-1001\..Trusted Domains: uibk.ac.at ([semiramisas99] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6f5e95f6-c336-11df-87f3-00234efd7e90}\Shell - "" = AutoRun
O33 - MountPoints2\{6f5e95f6-c336-11df-87f3-00234efd7e90}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.07 08:53:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.01.07 03:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.01.06 19:36:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.01.06 19:34:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.01.06 19:34:28 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.01.06 19:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.01.06 19:33:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.01.06 19:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.01.06 19:33:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.01.06 19:33:32 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.01.06 19:28:50 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\anti malware
[2011.01.06 19:20:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Avira
[2011.01.06 09:36:09 | 000,000,000 | ---D | C] -- C:\Users\***\Logitech
[2011.01.06 09:35:06 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Remote Control Software Common
[2011.01.06 09:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.01.06 09:34:57 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2011.01.05 14:51:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\FreePDF_XP
[2011.01.05 14:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
[2011.01.05 14:50:23 | 000,000,000 | ---D | C] -- C:\Programme\FreePDF_XP
[2011.01.05 14:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF
[2011.01.05 14:49:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
[2011.01.05 14:49:42 | 000,000,000 | ---D | C] -- C:\Programme\gs
[2011.01.05 14:41:46 | 000,000,000 | R--D | C] -- C:\Users\***\Documents\Scanned Documents
[2011.01.05 14:41:45 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Fax
[2011.01.04 13:03:04 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\greatnet
[2011.01.02 15:16:29 | 000,000,000 | -HSD | C] -- C:\found.000
[2010.12.29 11:14:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Remote Control USB Driver
[2010.12.20 04:04:17 | 000,000,000 | ---D | C] -- C:\StarcraftnBW
[2010.12.20 01:40:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
[2010.12.20 01:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
[2010.12.20 01:38:16 | 000,000,000 | ---D | C] -- C:\Programme\Counter-Strike 1.6
[2010.12.19 22:19:27 | 000,000,000 | ---D | C] -- C:\Atomic_Bomberman_Multiplayer
[2010.12.19 13:42:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\LogMeIn Hamachi
[2010.12.18 17:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010.12.16 12:43:05 | 000,000,000 | ---D | C] -- C:\Poker
[2010.12.16 00:08:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Subversion
[2010.12.16 00:04:03 | 000,000,000 | ---D | C] -- C:\opt
[2010.12.15 00:38:09 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 00:38:09 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 00:38:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 00:38:08 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010.12.15 00:38:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.15 00:37:59 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.15 00:37:56 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.15 00:37:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.15 00:37:56 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.15 00:37:56 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.15 00:37:56 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.15 00:37:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.15 00:37:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.15 00:37:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.15 00:37:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.15 00:37:56 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.15 00:37:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2010.12.15 00:37:45 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 00:37:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 00:37:44 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 00:37:42 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.14 12:01:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\HTC
[2010.12.13 00:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[2010.12.13 00:30:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Downloaded Installations
[2010.12.13 00:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2010.12.13 00:30:07 | 000,000,000 | ---D | C] -- C:\Programme\Spirent Communications
[2010.12.13 00:29:53 | 000,000,000 | ---D | C] -- C:\Programme\HTC
[2010.12.13 00:29:25 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.12.12 20:23:31 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.12.12 20:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.07 09:04:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-84604129-2742650498-1218847136-1001UA.job
[2011.01.07 08:54:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.01.07 08:49:38 | 000,016,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.07 08:49:38 | 000,016,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.07 08:42:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.07 08:42:04 | 2408,087,552 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.07 08:39:59 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat
[2011.01.06 19:33:40 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.06 15:15:13 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-84604129-2742650498-1218847136-1001Core.job
[2011.01.06 14:24:38 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.01.06 14:24:38 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.01.06 14:24:38 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.06 14:24:38 | 000,004,284 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.06 09:36:05 | 000,002,303 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk
[2011.01.05 22:56:22 | 000,259,520 | ---- | M] () -- C:\Users\***\Desktop\pax_236.pdf
[2011.01.05 22:55:20 | 000,234,014 | ---- | M] () -- C:\Users\***\Desktop\pax_cheap.pdf
[2011.01.05 14:54:28 | 000,884,665 | ---- | M] () -- C:\Users\***\Desktop\Netcologne-portierung.pdf
[2011.01.05 14:45:27 | 001,693,476 | ---- | M] () -- C:\Users\***\Desktop\netcologne.png
[2011.01.03 10:27:48 | 000,000,600 | ---- | M] () -- C:\Users\***\AppData\Local\PUTTY.RND
[2011.01.03 08:59:16 | 001,511,951 | ---- | M] () -- C:\Users\***\Desktop\KVB_Abos.pdf
[2010.12.29 18:45:59 | 000,000,000 | ---- | M] () -- C:\Users\***\Desktop\RX-V567_Manual_German.pdf
[2010.12.23 10:59:14 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.20 01:40:10 | 000,001,030 | ---- | M] () -- C:\Users\***\Desktop\Counter-Strike 1.6.lnk
[2010.12.18 17:42:48 | 000,202,845 | ---- | M] () -- C:\Windows\hpwins20.dat.temp
[2010.12.18 17:42:48 | 000,000,000 | ---- | M] () -- C:\Windows\hpwins20.dat
[2010.12.18 17:33:40 | 000,516,298 | ---- | M] () -- C:\Users\***\Desktop\inkjet14.chm
[2010.12.16 12:43:09 | 000,000,772 | ---- | M] () -- C:\Users\***\Desktop\William Hill Poker.lnk
[2010.12.15 09:50:57 | 000,410,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.13 00:31:47 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2010.12.13 00:31:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010.12.12 23:37:23 | 000,074,869 | ---- | M] () -- C:\Users\***\Desktop\netcologne_programmbelegung_12-12-2010.pdf
 
========== Files Created - No Company Name ==========
 
[2011.01.07 08:39:59 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat
[2011.01.06 19:33:40 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.06 09:36:05 | 000,002,303 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk
[2011.01.05 22:56:15 | 000,259,520 | ---- | C] () -- C:\Users\***\Desktop\pax_236.pdf
[2011.01.05 22:55:13 | 000,234,014 | ---- | C] () -- C:\Users\***\Desktop\pax_cheap.pdf
[2011.01.05 14:52:02 | 000,884,665 | ---- | C] () -- C:\Users\***\Desktop\Netcologne-portierung.pdf
[2011.01.05 14:50:24 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.01.05 14:50:24 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011.01.05 14:44:57 | 001,693,476 | ---- | C] () -- C:\Users\***\Desktop\netcologne.png
[2011.01.03 08:59:16 | 001,511,951 | ---- | C] () -- C:\Users\***\Desktop\KVB_Abos.pdf
[2010.12.29 18:45:56 | 000,000,000 | ---- | C] () -- C:\Users\***\Desktop\RX-V567_Manual_German.pdf
[2010.12.20 01:40:10 | 000,001,030 | ---- | C] () -- C:\Users\***\Desktop\Counter-Strike 1.6.lnk
[2010.12.18 17:42:46 | 000,202,845 | ---- | C] () -- C:\Windows\hpwins20.dat.temp
[2010.12.18 17:42:46 | 000,002,428 | ---- | C] () -- C:\Windows\hpwmdl20.dat.temp
[2010.12.18 17:33:46 | 000,516,298 | ---- | C] () -- C:\Users\***\Desktop\inkjet14.chm
[2010.12.18 17:25:35 | 000,000,813 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.12.18 17:25:35 | 000,000,000 | ---- | C] () -- C:\Windows\hpwins20.dat
[2010.12.16 12:43:09 | 000,000,772 | ---- | C] () -- C:\Users\***\Desktop\William Hill Poker.lnk
[2010.12.13 00:31:47 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2010.12.13 00:31:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010.12.12 23:37:23 | 000,074,869 | ---- | C] () -- C:\Users\***\Desktop\netcologne_programmbelegung_12-12-2010.pdf
[2010.10.20 10:58:18 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2010.10.18 15:06:37 | 000,823,296 | ---- | C] () -- C:\Windows\j3dcore-d3d.dll
[2010.10.18 15:06:37 | 000,163,840 | ---- | C] () -- C:\Windows\j3dcore-ogl.dll
[2010.10.18 15:06:37 | 000,049,152 | ---- | C] () -- C:\Windows\j3dcore-ogl-chk.dll
[2010.10.18 15:06:37 | 000,040,960 | ---- | C] () -- C:\Windows\j3dcore-ogl-cg.dll
[2010.08.22 14:55:32 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010.04.29 14:39:30 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Local\PUTTY.RND
[2010.04.28 10:02:43 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.03.31 09:54:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 01:55:09 | 000,587,776 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2009.07.14 01:13:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\NlsData001d.dll
[2009.07.14 01:12:23 | 000,142,848 | ---- | C] () -- C:\Windows\System32\itss.dll
[2009.07.14 01:12:21 | 000,221,184 | ---- | C] () -- C:\Windows\System32\apircl.dll
[2009.07.14 01:03:06 | 000,038,400 | ---- | C] () -- C:\Windows\System32\dmloader.dll
[2009.07.14 01:02:28 | 000,130,560 | ---- | C] () -- C:\Windows\System32\aaclient.dll
[2009.07.14 00:52:55 | 000,334,336 | ---- | C] () -- C:\Windows\System32\authfwcfg.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:45:16 | 000,131,072 | ---- | C] () -- C:\Windows\System32\AuxiliaryDisplayClassInstaller.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 00:41:10 | 000,101,376 | ---- | C] () -- C:\Windows\System32\batt.dll
[2009.07.14 00:37:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\adprovider.dll
[2009.07.14 00:36:51 | 000,050,688 | ---- | C] () -- C:\Windows\System32\appidapi.dll
[2009.07.14 00:34:07 | 000,123,392 | ---- | C] () -- C:\Windows\System32\auditcse.dll
[2009.07.14 00:34:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\AuditNativeSnapIn.dll
[2009.07.14 00:31:17 | 000,337,408 | ---- | C] () -- C:\Windows\System32\msihnd.dll
[2009.07.14 00:31:05 | 002,151,936 | ---- | C] () -- C:\Windows\System32\mmcndmgr.dll
[2009.07.14 00:29:32 | 000,304,128 | ---- | C] () -- C:\Windows\System32\mmcbase.dll
[2009.07.14 00:29:25 | 000,128,512 | ---- | C] () -- C:\Windows\System32\mmcshext.dll
[2009.07.14 00:28:34 | 000,828,928 | ---- | C] () -- C:\Windows\System32\d2d1.dll
[2009.07.14 00:26:00 | 001,069,568 | ---- | C] () -- C:\Windows\System32\DWrite.dll
[2009.07.14 00:22:19 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ActionQueue.dll
[2009.07.14 00:20:29 | 000,087,040 | ---- | C] () -- C:\Windows\System32\pcaui.dll
[2009.07.14 00:20:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcadm.dll
[2009.07.14 00:20:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pcaevts.dll
[2009.07.14 00:16:25 | 000,042,496 | ---- | C] () -- C:\Windows\System32\dmocx.dll
[2009.03.18 00:09:41 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.05.06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
 
========== LOP Check ==========
 
[2010.11.01 18:12:06 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\conkeror.mozdev.org
[2010.12.16 21:19:13 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HTC
[2010.10.10 23:01:45 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\IrfanView
[2010.11.01 18:12:22 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\lingDIALOG
[2010.09.18 16:42:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Notepad++
[2010.09.18 16:50:00 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\WorldViz
[2010.10.20 10:47:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.gephi07beta
[2011.01.07 08:29:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Afdo
[2010.04.28 10:07:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2011.01.07 08:50:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2010.05.27 14:31:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GHISLER
[2011.01.06 22:33:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Goubu
[2010.12.14 12:02:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HTC
[2010.09.19 12:41:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView
[2010.04.03 20:21:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++
[2010.12.16 00:08:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Subversion
[2010.04.03 13:20:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Trillian
[2010.03.31 12:10:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.09.18 16:41:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WorldViz
[2009.07.14 05:53:46 | 000,024,064 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 168 bytes -> C:\Users\***\Desktop\netcologne.png:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:455E5D07

< End of report >
und die Extras.txt:
Code:
ATTFilter
OTL Extras logfile created on: 07.01.2011 09:01:57 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Users\****\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 208,50 Gb Total Space | 75,27 Gb Free Space | 36,10% Space Free | Partition Type: NTFS
Drive D: | 1,90 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: *** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE ()
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE ()
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE ()
 
[HKEY_USERS\S-1-5-21-84604129-2742650498-1218847136-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 ()
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 ()
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 ()
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" ()
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0474CEF2-37AE-441D-8FDE-A1EF7EAD01B9}" = Cisco AnyConnect VPN Client
"{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{32A9C5B3-D166-4C6D-A11E-A54473151000}" = Java 3D 1.5.1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51722911-C391-4118-97BF-B50100D2AB15}_is1" = Gephi 0.7
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{74656168-CF28-40BD-9D87-700B07BAF9B6}" = HTC Sync
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{DBF53E9B-0361-40BC-88F7-FCF8939413E0}" = TouchChip USB Driver 2.19
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EFA27A6C-DF46-568B-4BB1-1DBD064F67A8}" = TweetDeck
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Counter-Strike 1.6" = Counter-Strike 1.6
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)  
"DDA23392-9C73-4909-A221-BC12C6D2664D" = GmoteServer
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"Grammatiktrainer 4.0 Spanisch" = Langenscheidt Grammatiktrainer 4.0 Spanisch
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{071B843C-9A39-40B3-BB01-BBD6A8D2E1C5}" = lingDIALOG
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Notepad++" = Notepad++
"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 9.0
"PuTTY_is1" = PuTTY version 0.60
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"StarCraft II" = StarCraft II
"SynTPDeinstKey" = Dell Touchpad
"Totalcmd" = Total Commander (Remove or Repair)
"Trillian" = Trillian
"TVWiz" = Intel(R) TV Wizard
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Vizard 3.0" = Vizard 3.0
"VLC media player" = VLC media player 1.0.5
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-84604129-2742650498-1218847136-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"William Hill Poker" = William Hill Poker
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.01.2011 04:34:24 | Computer Name = *** | Source = VSS | ID = 8194
Description = 
 
Error - 06.01.2011 04:34:25 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddCoreCsiFiles : GetNextFileMapContent() failed.  System
 Error: Falscher Parameter.  .
 
Error - 06.01.2011 04:34:46 | Computer Name = *** | Source = VSS | ID = 8194
Description = 
 
Error - 06.01.2011 04:34:47 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddCoreCsiFiles : GetNextFileMapContent() failed.  System
 Error: Falscher Parameter.  .
 
Error - 06.01.2011 17:33:18 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 06.01.2011 17:33:19 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 06.01.2011 22:00:53 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddCoreCsiFiles : GetNextFileMapContent() failed.  System
 Error: Falscher Parameter.  .
 
Error - 06.01.2011 22:00:54 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddCoreCsiFiles : GetNextFileMapContent() failed.  System
 Error: Falscher Parameter.  .
 
Error - 07.01.2011 03:42:28 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 07.01.2011 03:42:28 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <h**p://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
[ Cisco AnyConnect VPN Client Events ]
Error - 07.01.2011 03:52:03 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
 1175 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 07.01.2011 03:52:03 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
 1020 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28901363
 (0xFE47000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
 not contact target 
 
Error - 07.01.2011 03:52:03 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
 856 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28901363 (0xFE47000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 07.01.2011 03:52:03 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
 190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901363 (0xFE47000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 07.01.2011 03:55:25 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2460 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 07.01.2011 03:55:25 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 07.01.2011 03:55:25 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
 7566 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 07.01.2011 03:55:25 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::OnTimerExpired File: .\MainThread.cpp Line: 4116
Invoked
 Function: CMainThread::applyHostConfigForNoVpn Return Code: -33095647 (0xFE070021)
Description:
 ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 07.01.2011 03:55:25 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2460 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 07.01.2011 03:55:25 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2188 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
[ System Events ]
Error - 06.01.2011 14:42:28 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 06.01.2011 18:00:22 | Computer Name = *** | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
Error - 07.01.2011 03:42:30 | Computer Name = *** | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   ycpcqw
 
 
< End of report >
Schonmal vielen Dank für die Hilfe, das Forum ist wirklich klasse!

 

Themen zu 40 TANs Eingabe beim Online Banking
.dll, 40 tans, 7-zip, adobe, alternate, autorun, avgntflt.sys, avira, bho, bonjour, conhost.exe, corp./icp, defender, dropbox, error, excel.exe, explorer, extras.txt, fehler, firefox, firefox.exe, flash player, fontcache, format, google, google chrome, helper, install.exe, javaupdate, langs, location, log datei, logfile, microsoft office word, mozilla, notepad.exe, nvstor.sys, oldtimer, online banking, otl.exe, otl.txt, plug-in, problem, programdata, registry, remote control, remote software, rundll, saver, sched.exe, searchplugins, security, security update, senden, shell32.dll, software, sptd.sys, start menu, taskhost.exe, total commander, trojan.zbotr.gen, trojaner, user agent, vlc media player, webcheck, windows


« Windows Security Alert | EasyScan - Malwarebytes findet nichts - was mach' ich falsch? »


Ähnliche Themen: 40 TANs Eingabe beim Online Banking


  1. Sound Probleme bei Tastatur eingabe und die eingabe selbst hackt auch! Verschwunden nach Neustart, kehrt aber wieder wen ich Online gehe
    Log-Analyse und Auswertung - 30.01.2014 (5)
  2. Online-Banking Trojaner - Aufforderung zur TAN-Eingabe
    Log-Analyse und Auswertung - 01.07.2013 (19)
  3. Trojaner beim Online-Banking
    Log-Analyse und Auswertung - 15.06.2013 (17)
  4. Trojaner TR/Bublik.I.11 fordert beim Online-Banking TANs an
    Log-Analyse und Auswertung - 24.05.2013 (23)
  5. Online Banking - TAN Abfrage beim Banking - Trojaner?
    Log-Analyse und Auswertung - 12.08.2011 (3)
  6. 1. Java lädt Viren runter, 2. Online Banking TANs gesperrt
    Log-Analyse und Auswertung - 21.07.2011 (3)
  7. Online Banking Sparkasse- mehrere Tans eingeben
    Plagegeister aller Art und deren Bekämpfung - 17.05.2011 (14)
  8. Eingabe von 40 TAN bei online-banking, Trojaner eingefangen
    Plagegeister aller Art und deren Bekämpfung - 13.02.2011 (23)
  9. Postbank Online-Banking: Aufforderung zur Eingabe von 40 TANs
    Plagegeister aller Art und deren Bekämpfung - 07.02.2011 (3)
  10. Online-Banking (Sparkasse) verlangt nach Login Eingabe von mehreren TAN
    Plagegeister aller Art und deren Bekämpfung - 22.10.2010 (1)
  11. Trojaner - Fishing der TANs beim Online Banking der Postbank
    Plagegeister aller Art und deren Bekämpfung - 18.10.2010 (17)
  12. Aufforderung zur Eingabe von 40 TAN's bei Postbank Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 13.09.2010 (17)
  13. BDS/Papras.PK in Windows\system21\jvienify.dll, 30 Tans bei Postbank online-Banking
    Plagegeister aller Art und deren Bekämpfung - 09.09.2010 (1)
  14. Trojaner: Online Banking Sparkasse - 50 Tans eingeben
    Plagegeister aller Art und deren Bekämpfung - 26.08.2010 (10)
  15. Trojaner beim Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 19.08.2010 (38)
  16. Trojaner möchte 40 Tans zum Sparkassen Online Banking
    Plagegeister aller Art und deren Bekämpfung - 03.08.2010 (16)
  17. Aufforderung 10 TANs einzugeben auf Online-Banking Sparkasse - Problem auf meinem PC?
    Log-Analyse und Auswertung - 24.10.2008 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 40 TANs Eingabe beim Online Banking - Hallo zusammen, ich habe das gleiche Problem, dass auch in folgendem Thread aufgetreten ist: http://www.trojaner-board.de/88974-t...e-banking.html Bedeutet, ich soll nach dem Login 40 TANs eingeben. Jetzt zu meinem Rechner: - Windows - 40 TANs Eingabe beim Online Banking...
Archiv
Du betrachtest: 40 TANs Eingabe beim Online Banking auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55