Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte

Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte


Log-Analyse und Auswertung: Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.04.2013, 12:16   #1
westerm
 
Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte - Standard

Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte


Hallo,

von meinem (eigentlich gelöschten) Hotmail-Account werden Spam Mails an meine Kontakte versendet (Betreff ist leer, Mail enthält nur einen Link). Würde mich freuen wenn ihr mich bei der Suche nach der Ursache unterstützt.

Hier der Header der Spam-Mail:
Code:
ATTFilter
Return-Path: dummy***0@hotmail.de 

Received: from bay0-omc2-s1.bay0.hotmail.com ([65.54.190.76]) by mx-ha.gmx.net (mxgmx105) with ESMTP (Nemesis) id 0M3dPh-1Ulloi47BR-00rDTl for <dummy***1@gmx.de>; Mon, 22 Apr 2013 13:27:10 +0200
 
Received: from BAY002-M81 ([65.54.190.125]) by bay0-omc2-s1.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Mon, 22 Apr 2013 04:27:08 -0700
 
X-EIP: [Eh1Ve7NqIsXUlE3V934ZL8LY0FKcgoJQ] 

X-Originating-Email: [dummy***0@hotmail.de] 

Message-ID: <BAY002-M811225F3B2379E91F87B4BDFCB0@phx.gbl> 

Content-Type: multipart/alternative; boundary=_00916399-9806-41fe-876e-9ba278eb9ae6_
 
From: dummy***0@hotmail.de 

To: ***
 
Subject: 

Date: Mon, 22 Apr 2013 13:27:08 +0200 

Importance: Normal 

MIME-Version: 1.0 

X-OriginalArrivalTime: 22 Apr 2013 11:27:08.0625 (UTC) FILETIME=[53332C10:01CE3F4C]
 
Envelope-To: <dummy***1@gmx.de> 

X-GMX-Antispam: 6 (nemesis text pattern profiler); Detail=V3; 

X-GMX-Antivirus: 0 (no virus found)

Hier die Log-Files der initialen Scans:
OTL.txt
Code:
ATTFilter
OTL logfile created on: 26.04.2013 11:22:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sylvi\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 56,31% Memory free
6,21 Gb Paging File | 4,77 Gb Available in Paging File | 76,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,09 Gb Total Space | 82,97 Gb Free Space | 57,59% Space Free | Partition Type: NTFS
Drive D: | 144,00 Gb Total Space | 143,91 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 
Computer Name: ***-LAPTOP | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Samsung\Samsung Update Plus\SLUTrayNotifier.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\Lexmark 8300 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Programme\Lexmark 8300 Series\lxcjmon.exe (Lexmark International, Inc.)
PRC - C:\Windows\System32\lxcjcoms.exe ( )
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Nokia\Nokia Suite\phonon4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtXml4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtWebKit4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtSql4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtScript4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtOpenGL4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtGui4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtNetwork4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtDeclarative4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\QtCore4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\Imageformats\qico4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\Imageformats\qgif4.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\NService.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\ssoengine.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\securestorage.dll ()
MOD - C:\Programme\Nokia\Nokia Suite\mediaservice\dsengine.dll ()
MOD - C:\Programme\Samsung\Samsung Update Plus\SLUTrayNotifier.exe ()
MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
MOD - C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll ()
MOD - C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll ()
MOD - C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ()
MOD - C:\Programme\Lexmark 8300 Series\lxcjdrec.dll ()
MOD - C:\Programme\Lexmark 8300 Series\iptk.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (Samsung Update Plus) -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxcj_device) -- C:\Windows\System32\lxcjcoms.exe ( )
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (VMC302) -- System32\Drivers\VMC302.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (VMC326) -- C:\Windows\System32\drivers\VMC326.sys (Vimicro Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {9CE5FB8D-55DC-4925-BA38-97B53075E33A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{42B8115D-820C-4B25-A82A-D8BD1532396D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=800e40be-98ba-4b07-99dc-f66361ff394e&apn_sauid=3108C686-0A1E-4796-BFAE-483F77516E0F
IE - HKCU\..\SearchScopes\{9CE5FB8D-55DC-4925-BA38-97B53075E33A}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.01.08 19:59:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011.06.11 18:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.06.11 18:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 8300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LXCJCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcjmon.exe] C:\Program Files\Lexmark 8300 Series\lxcjmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52F78981-3328-4EF4-8B22-47FFE3EDFE2B}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sylvi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sylvi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a961b98f-9890-11de-ada0-001377f2336b}\Shell\AutoRun\command - "" = F:\Menu.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\InstallNavi.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.04 19:00:00 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.26 11:13:46 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.26 11:13:46 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.26 11:12:06 | 000,675,412 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.26 11:12:06 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.26 11:12:06 | 000,146,368 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.26 11:12:06 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.26 11:10:59 | 000,145,713 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013.04.26 11:10:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.26 09:48:38 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.16 19:24:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.08 13:54:52 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll
[2011.05.08 13:51:43 | 000,483,328 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.05.08 13:49:53 | 000,026,624 | ---- | C] () -- C:\Windows\System32\spd__l3.dll
[2011.05.08 13:49:51 | 000,339,968 | ---- | C] () -- C:\Windows\System32\DscPnt1.dll
[2011.05.08 13:49:51 | 000,233,472 | ---- | C] () -- C:\Windows\System32\DscPnt0.dll
[2011.05.08 13:49:51 | 000,229,376 | ---- | C] () -- C:\Windows\System32\DscPnt.dll
[2010.01.02 11:18:46 | 000,007,168 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.16 02:22:18 | 000,145,713 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.03.16 02:22:11 | 000,145,713 | ---- | C] () -- C:\ProgramData\nvModes.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 26.04.2013 11:22:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 56,31% Memory free
6,21 Gb Paging File | 4,77 Gb Available in Paging File | 76,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,09 Gb Total Space | 82,97 Gb Free Space | 57,59% Space Free | Partition Type: NTFS
Drive D: | 144,00 Gb Total Space | 143,91 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
 
Computer Name: ***-LAPTOP | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-331587386-2610647910-3138478596-1003]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F54C23-0D9D-4BC0-8B7F-FCA560C405A1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1B2497C2-9244-4CE8-A7C7-51FE7E92B2A5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{35FF2FE6-3A5C-47AA-9A64-2A909085B362}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{4A2B3146-08CE-40B8-BDF4-85836A8148BB}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5053E717-6EBF-4A12-B98A-0AB7AEAEB59A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{50C73B9D-C87F-49A7-8C66-51513B24B85A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{53CA2DE1-2EED-48F1-851F-E0402AE3D608}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe | 
"{5AB6E35A-B403-4BA9-8C8F-CDAEBFFD21B5}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{5E182C44-84CC-4D3C-BF28-EE7C73C7B247}" = lport=139 | protocol=6 | dir=in | app=system | 
"{663AC32B-516A-418A-B91D-030082CDB9ED}" = rport=137 | protocol=17 | dir=out | app=system | 
"{68121BFD-7B52-43F1-B027-08CB466590EA}" = lport=138 | protocol=17 | dir=in | app=system | 
"{696CF346-7160-48D2-887E-77509FD20CC2}" = lport=1701 | protocol=17 | dir=in | app=system | 
"{6E08B818-19DB-4788-A55A-4166023DA869}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | 
"{711EFCDD-5798-4CBF-805E-1348617AC339}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{7602E6F3-3FA1-4A49-95F0-B7356C6FE12A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{765B43BB-3454-4545-A177-D8131450FD1E}" = rport=1723 | protocol=6 | dir=out | app=system | 
"{77F9C8D6-8731-4178-9F50-1D16ABF5BAA1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7804D55B-3E5A-4AFF-9011-6C28CCC144A2}" = lport=443 | protocol=6 | dir=in | app=system | 
"{7A54809C-C236-4C60-BD8F-456EBB252CAF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | 
"{7F751F53-15C3-4651-BE84-B56EC28A0D40}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A813F6C9-C1DD-43D1-8E07-9261B2303440}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe | 
"{A8850717-4E47-4132-BA21-6210BE815250}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{AB8A0AF9-A2F0-45A1-918D-876154EE2847}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{BDEB2330-DE96-4E51-B0C7-69794F1C8AE9}" = rport=1701 | protocol=17 | dir=out | app=system | 
"{DD71F75F-2F5E-4E68-A599-451D0625E117}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{E5D415F8-2CD3-468C-B1B4-6536D7DE7E1A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{EC19A95D-C3AF-49CB-9FBF-EFC00A0DAD56}" = lport=1723 | protocol=6 | dir=in | app=system | 
"{F09ACBD6-A8A7-4FE8-881F-F24D647B4812}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F5C925CD-AA26-41A9-A77B-7808701F05F3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{F734CC29-D501-42D5-8505-C82035F01FBA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{F760D1E4-0B50-4E51-B7A6-EB686E3976EF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F7B36F81-2FF4-479D-BD74-62762FA093AF}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=c:\windows\system32\snmptrap.exe | 
"{FF2983FB-5B5B-45C8-A212-20733FBA363C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1875C557-E160-4582-8BCB-D581EC7FC011}" = protocol=6 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | 
"{39C3A882-2EDD-4D76-9299-C7CAA9486F02}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3BFB8E91-B6C6-4875-931E-BEFD24B22E93}" = protocol=17 | dir=in | app=c:\windows\system32\lxcjcoms.exe | 
"{3E740CEA-7484-441D-A42B-E8D40E8BF3DA}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{60A5DA3A-79C4-47E4-B7DF-67654BC4581E}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | 
"{6B76AC50-6CFF-41D1-B598-C0831F9F0CBF}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{7B942282-C231-4B4E-B8FC-FF173651B04E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{82F4D083-D7EE-4B48-BB56-10AF43B79669}" = protocol=17 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | 
"{8841B10D-6865-4EF9-BB36-CC2FF031ABB1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{92892DD7-429B-4ED1-B60F-F0179729E46D}" = protocol=6 | dir=out | app=system | 
"{957CE3C8-960C-439B-A702-673FAA00B4BE}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe | 
"{AA69C5CF-12F5-42EC-B2C5-08A89854E447}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | 
"{AD57DC4D-359C-4E54-8D0D-29317AD3C4CF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcjpswx.exe | 
"{B3B6485B-2510-4D0B-9C2B-403E2B19075E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcjpswx.exe | 
"{B48A66D2-FC0B-4F1B-A130-227C8B9BD017}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{BA7A9EDA-9D0E-4FFC-A9E8-2FE4DA8AFBA5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{BF3F31B0-F1B1-43CF-845F-937F01849CD3}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe | 
"{C12D34D6-4DD0-4227-B089-86CDC0EDFABC}" = protocol=17 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe | 
"{C64658BF-020A-4291-98F3-F09531E2A0B2}" = protocol=6 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe | 
"{D872E124-E477-4C05-A62A-F76462D21B90}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{DA7DD00D-18C6-4240-807B-D844DB8BA9C1}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{E15BABEA-16FD-4591-BF86-C3D4C55FB693}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | 
"{EFAE9A45-D4EF-4320-9539-E01CD8B5A6D5}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{F2C91E37-56A1-4CF9-9FDC-16A57917ECF1}" = protocol=6 | dir=in | app=c:\windows\system32\lxcjcoms.exe | 
"{F8428E31-51B5-4738-A2CA-EC2E9248B9FD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"TCP Query User{1E147243-FFAC-4228-A9BB-B805B9629497}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | 
"UDP Query User{731F9092-6DE3-4BA6-87B9-53EDE2BD0842}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software  1.12.37.1
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}" = Intel(R) PROSet/Wireless WiFi-Software
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E728441A-7820-4B1C-87C9-DE7BE37B2953}" = Download Navigator
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Free Antivirus
"Business Contact Manager für Outlook 2007" = Business Contact Manager für Outlook 2007
"dm-Fotowelt" = dm-Fotowelt
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WP-4535 Series" = EPSON WP-4535 Series Printer Uninstall
"EPSON WP-4535 Series Netg" = Netzwerkhandbuch EPSON WP-4535 Series
"EPSON WP-4535 Series Useg" = Benutzerhandbuch EPSON WP-4535 Series
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera
"Lexmark 8300 Series" = Lexmark 8300 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Thunderbird 9.0.1 (x86 de)" = Mozilla Thunderbird 9.0.1 (x86 de)
"Nokia Suite" = Nokia Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel PROSet Wireless
"Samsung ML-2010 Series" = Samsung ML-2010 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.01.2013 13:24:43 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17826
Description = Aufgrund eines internen Fehlers in einer Netzwerkbibliothek konnte
 die Netzwerkbibliothek nicht gestartet werden. Überprüfen Sie zum Bestimmen der
 Ursache die diesem Fehler unmittelbar vorhergehenden Fehler im Fehlerprotokoll.
 
Error - 17.01.2013 13:24:43 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17120
Description = SQL Server konnte den Thread FRunCM nicht erzeugen. Suchen Sie im 
SQL Server-Fehlerprotokoll und in den Windows-Ereignisprotokollen nach Informationen
 zu möglichen verwandten Problemen.
 
Error - 17.01.2013 13:25:39 | Computer Name = ***-Laptop | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 4.
 
Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 26015
Description = Das vom Benutzer angegebene Zertifikat kann nicht geladen werden. 
Da die Verbindungsverschlüsselung erforderlich ist, wird vom Server keine Verbindung
 akzeptiert. Überprüfen Sie, ob das Zertifikat richtig installiert ist. Lesen Sie
 'Konfigurieren eines Zertifikats zur Verwendung durch SSL' in der Onlinedokumentation.
 
Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17182
Description = Fehler bei der TDSSNIClient-Initialisierung. Fehler 0x80092004, Statuscode
 0x80.
 
Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17182
Description = Fehler bei der TDSSNIClient-Initialisierung. Fehler 0x80092004, Statuscode
 0x1.
 
Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17826
Description = Aufgrund eines internen Fehlers in einer Netzwerkbibliothek konnte
 die Netzwerkbibliothek nicht gestartet werden. Überprüfen Sie zum Bestimmen der
 Ursache die diesem Fehler unmittelbar vorhergehenden Fehler im Fehlerprotokoll.
 
Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17120
Description = SQL Server konnte den Thread FRunCM nicht erzeugen. Suchen Sie im 
SQL Server-Fehlerprotokoll und in den Windows-Ereignisprotokollen nach Informationen
 zu möglichen verwandten Problemen.
 
Error - 23.01.2013 14:33:24 | Computer Name = ***-Laptop | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 07.01.2010 11:03:27 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.01.2010 15:07:31 | Computer Name = ***-Laptop | Source = HTTP | ID = 15016
Description = 
 
Error - 07.01.2010 15:08:02 | Computer Name = ***-Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 07.01.2010 15:09:12 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 08.01.2010 12:41:43 | Computer Name = ***-Laptop | Source = HTTP | ID = 15016
Description = 
 
Error - 08.01.2010 12:42:20 | Computer Name = ***-Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 08.01.2010 12:43:21 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.01.2010 10:42:34 | Computer Name = ***-Laptop | Source = HTTP | ID = 15016
Description = 
 
Error - 09.01.2010 10:43:10 | Computer Name = ***-Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 09.01.2010 10:44:12 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
Beim GMER Scan ist der PC abgestürzt, daher habe ich ihn jetzt erstmal nicht wiederholt. Einen Malwarebytes QuickScan habe ich ebenfalls durchgeführt der hat allerdings nichts gefunden.

Vielen Dank und beste Grüße...

 

Themen zu Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte
autorun, avg, avira, avira searchfree toolbar, bho, defender, desktop, error, firefox, flash player, format, gmx.de, home, iexplore.exe, install.exe, logfile, mail.de, microsoft office 2003, nemesis, office 2007, realtek, registry, rundll, security, senden, server, software, spam, svchost.exe, udp, vista, wlan


« Deltasearch, softonic toolbar und PC extrem langsam | Internet Explorer öffnet sich von selbst und spammt Werbung »


Ähnliche Themen: Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte


  1. Hotmail-Account verschickt Spam an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (7)
  2. Hotmail Konto verschickt autmoatisch Spam Mails
    Log-Analyse und Auswertung - 27.05.2014 (13)
  3. Hotmail Account gehackt und verschickt automatisch Mails
    Plagegeister aller Art und deren Bekämpfung - 29.12.2012 (22)
  4. Yahoo Mail Acc verschickt Spam Mails an persönliche Kontakte
    Plagegeister aller Art und deren Bekämpfung - 20.08.2012 (37)
  5. E-Mail Account bei gmx.de verschickt Mails an alle meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  6. spam-mails von hotmail-account verschickt --> trojaner?
    Plagegeister aller Art und deren Bekämpfung - 09.07.2012 (14)
  7. web.de verschickt eigenständig Spam-mails
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (30)
  8. (2x) Hotmail Emailaccount verschickt "spam" mails an Kontakte
    Mülltonne - 20.05.2012 (1)
  9. Hotmail-Account hat selbständig Spam verschickt (2xmal)
    Log-Analyse und Auswertung - 13.04.2012 (1)
  10. AOL-Account verschickt Spam an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (1)
  11. MSN - Hotmail verschickt von alleine Spam Mails
    Plagegeister aller Art und deren Bekämpfung - 28.11.2011 (1)
  12. Hotmail verschickt automatisch Spam mails
    Plagegeister aller Art und deren Bekämpfung - 17.08.2011 (1)
  13. Hotmail verschickt Spam-Mails
    Überwachung, Datenschutz und Spam - 16.08.2011 (1)
  14. MSN Hotmail verschickt Spam an Kontakte
    Plagegeister aller Art und deren Bekämpfung - 07.05.2011 (18)
  15. Hotmail Account verschickt automatisch Spam Mails!
    Plagegeister aller Art und deren Bekämpfung - 14.02.2011 (7)
  16. Computer versendet automatisch mit Hotmail an alle Kontakte Spam-Mails
    Log-Analyse und Auswertung - 08.02.2011 (13)
  17. MSN e-mail konto verschickt eigenständig spam mails an kontakte.. WORM/kido.XI gefunden
    Plagegeister aller Art und deren Bekämpfung - 18.06.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte - Hallo, von meinem (eigentlich gelöschten) Hotmail-Account werden Spam Mails an meine Kontakte versendet (Betreff ist leer, Mail enthält nur einen Link). Würde mich freuen wenn ihr mich bei der Suche - Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte...
Archiv
Du betrachtest: Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131