
Log analysis and evaluation: Email address is sending spam mails


 
30.01.2014, 04:24   #1
Jonissar
 



Hello,

for a few days now I have noticed somewhat strange activity on one of my email addresses (it is with Arcor.de). Because of that I already changed the password a few days ago, but just now I had to find out that spam mails are being sent from my email address. I don't see anything about it in the Sent folder, but I have several mailer-daemon bounce messages saying that recipient addresses are unknown.

After that I changed the password again and ran my virus scanner (avast), which found nothing, however.

I am actually of the opinion that my computer is clean, but I somehow can't explain why, after I changed my password, someone else would still have access to my email account.

I normally retrieve my mail with Thunderbird; that shouldn't be a problem, should it?


I have just run the scans following your instructions:

defogger:
Quote:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 03:40 on 30/01/2014 (PC2)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

frst64:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by PC2 (administrator) on PC on 30-01-2014 03:41:21
Running from C:\Users\PC2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\Remote Control\RCService64.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\Remote Control\P7131RemoteAppl.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Soeperman Enterprises Ltd.) E:\downloads\software\hijackthis_199\HijackThis.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] - C:\Program Files\Classic Shell\ClassicStartMenu.exe [160256 2012-12-29] (IvoSoft)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [P7131Appl] - C:\Program Files (x86)\ASUS\P7131\Remote Control\P7131RemoteAppl.exe [65536 2008-07-31] (ASUSTeK)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-08-12] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-27] (AVAST Software)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\50900ea5-0bf1-4a62-97e9-c9c8873d2690.exe /check [181136 2014-01-29] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
MountPoints2: {5f154b40-9209-11e2-b26a-902b34a37ffa} - 1
HKU\nachname\...\Run: [ExpressCacheUI] - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCacheApp.exe [3991424 2013-01-08] ()
HKU\nachname\...\Run: [Akamai NetSession Interface] - "C:\Users\PC2\AppData\Local\Akamai\netsession_win.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=de&gu=7a878e1cd26849e38232ca77109adc89&tu=10G9z00AK1B0Ca0&sku=&tstsId=&ver=&
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default
FF user.js: detected! => C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\user.js
FF Homepage: hxxp://www.spiegel.de/
FF NetworkProxy: "http", "41.202.206.53"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper - C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\Users\PC2\AppData\Roaming\Mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFp530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPPDLicenseHelper.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\PC2\AppData\Roaming\mozilla\plugins\NpFp530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Users\PC2\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF SearchPlugin: C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flagfox - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-17]
FF Extension: Live HTTP Headers - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2014-01-14]
FF Extension: Block LinkBucks - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\dgs229@nyu.edu.xpi [2013-08-04]
FF Extension: Ghostery - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\firefox@ghostery.com.xpi [2013-08-16]
FF Extension: sabnzbdfox - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\sabnzbd-fox@techno-barje.fr.xpi [2013-10-26]
FF Extension: NoScript - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-03-18]
FF Extension: Adblock Plus - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-18]
FF Extension: DownThemAll! - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-03-18]
FF Extension: User Agent Switcher - C:\Users\PC2\AppData\Roaming\Mozilla\Firefox\Profiles\lbzmnn0f.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2013-04-23]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-08]

==================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-27] (AVAST Software)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 RCSERVICE; C:\Program Files (x86)\ASUS\Remote Control\RCService64.exe [61440 2008-07-30] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445304 2013-08-12] (Check Point Software Technologies LTD)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [3110656 2007-01-25] (ASUSTeK Computer Inc.)
S1 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [147456 2013-07-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-27] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-08] ()
S3 DSDrv4; C:\Program Files (x86)\DScaler\DSDrv4.sys [8801 2005-12-18] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2013-03-22] (DT Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2013-08-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2013-08-03] (Kaspersky Lab)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2014-01-13] (Nicomsoft Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [451096 2013-06-13] (Check Point Software Technologies LTD)
S3 ALSysIO; \??\C:\Users\PC2\AppData\Local\Temp\ALSysIO64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2013-08-03] (Kaspersky Lab)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-30 03:41 - 2014-01-30 03:41 - 00016538 _____ C:\Users\PC2\Desktop\FRST.txt
2014-01-30 03:40 - 2014-01-30 03:40 - 00000468 _____ C:\Users\PC2\Desktop\defogger_disable.log
2014-01-30 03:40 - 2014-01-30 03:40 - 00000000 _____ C:\Users\PC2\defogger_reenable
2014-01-30 03:39 - 2014-01-30 03:39 - 00050477 _____ C:\Users\PC2\Desktop\Defogger.exe
2014-01-30 03:38 - 2014-01-30 03:38 - 00000527 _____ C:\Users\PC2\Desktop\Neues Textdokument.txt
2014-01-30 03:34 - 2014-01-30 03:41 - 00000000 ____D C:\FRST
2014-01-30 03:33 - 2014-01-30 03:33 - 02079744 _____ (Farbar) C:\Users\PC2\Desktop\FRST64.exe
2014-01-30 03:08 - 2014-01-30 03:08 - 00000000 ___SH C:\DkHyperbootSync
2014-01-28 00:07 - 2014-01-28 20:41 - 00000000 ____D C:\Program Files (x86)\JDownloader
2014-01-28 00:07 - 2014-01-28 00:07 - 00000000 ____D C:\JDownloader
2014-01-25 16:06 - 2014-01-25 16:06 - 00192693 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-25 16_06_43.352909.dmp
2014-01-24 15:43 - 2014-01-24 14:22 - 47601992 _____ C:\JDownloader-0002.zip
2014-01-24 13:43 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-24 13:42 - 2014-01-24 13:42 - 00005298 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-24 13:42 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-24 13:42 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-24 13:42 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-24 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-01-23 18:39 - 2014-01-23 18:39 - 00192693 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-23 18_39_11.788463.dmp
2014-01-21 19:14 - 2014-01-21 19:14 - 00191437 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-21 19_14_10.382129.dmp
2014-01-15 09:26 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 09:26 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 09:26 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 09:26 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 09:26 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 09:26 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 09:26 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 09:26 - 2013-11-26 12:34 - 01897408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-15 09:26 - 2013-11-26 12:34 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 09:26 - 2013-11-26 12:34 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-01-15 09:26 - 2013-11-26 11:22 - 03160064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 20:50 - 2014-01-14 20:50 - 00187858 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-14 20_50_04.581264.dmp
2014-01-14 03:11 - 2014-01-14 03:11 - 00000000 ____D C:\Users\PC2\AppData\Local\CrashRpt
2014-01-14 03:11 - 2014-01-14 03:11 - 00000000 ____D C:\ProgramData\RapidSolution
2014-01-14 03:11 - 2014-01-14 03:11 - 00000000 ____D C:\Program Files (x86)\Audials
2014-01-14 03:10 - 2014-01-14 03:10 - 00000000 ____D C:\Users\PC2\AppData\Local\RapidSolution
2014-01-14 02:51 - 2014-01-14 02:51 - 00000000 ____D C:\Users\PC2\Documents\Stream Catcher
2014-01-14 02:47 - 2014-01-14 02:47 - 00335288 _____ (Protect Software GmbH) C:\Windows\system32\Drivers\acedrv11.sys
2014-01-14 02:47 - 2014-01-14 02:47 - 00000000 ____D C:\Program Files (x86)\ProtectDisc
2014-01-14 02:47 - 2014-01-14 02:47 - 00000000 ____D C:\Program Files (x86)\DATA BECKER
2014-01-13 22:20 - 2014-01-13 22:20 - 00000000 ____D C:\Users\PC2\AppData\Local\NVIDIA Corporation
2014-01-13 22:19 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-13 22:19 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-13 22:18 - 2014-01-13 22:20 - 00000000 ____D C:\Users\PC2\AppData\Local\NVIDIA
2014-01-13 22:18 - 2014-01-13 22:18 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-13 22:14 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-13 22:14 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-01-13 22:14 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-13 22:14 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-13 22:14 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-13 22:14 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-13 22:14 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-13 22:14 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-13 22:12 - 2014-01-13 22:12 - 00000000 ____D C:\NVIDIA
2014-01-13 20:11 - 2014-01-13 20:11 - 00187669 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-13 20_11_48.248003.dmp
2014-01-13 18:05 - 2014-01-13 18:06 - 00000000 ____D C:\Program Files (x86)\SMPlayer
2014-01-13 17:08 - 2014-01-13 17:08 - 00020784 _____ (Nicomsoft Ltd.) C:\Windows\system32\Drivers\mi2c.sys
2014-01-13 17:07 - 2014-01-13 17:09 - 00000000 ____D C:\Program Files (x86)\i-Menu
2014-01-09 19:57 - 2014-01-09 19:57 - 00201246 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-09 19_57_31.714527.dmp
2014-01-09 19:57 - 2014-01-09 19:57 - 00186685 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-09 19_57_30.073433.dmp
2014-01-08 16:32 - 2014-01-08 16:38 - 00000000 ____D C:\Users\PC2\Documents\BattleWorldsKronos
2014-01-08 16:31 - 2014-01-08 16:35 - 00000000 ____D C:\Users\PC2\AppData\Local\BattleWorldsKronos
2014-01-08 16:26 - 2014-01-20 12:14 - 00000000 ____D C:\Users\PC2\AppData\Local\cache
2014-01-08 16:19 - 2014-01-08 16:19 - 00000561 _____ C:\Users\PC2\Desktop\Battle Worlds Kronos.lnk
2014-01-08 09:29 - 2014-01-27 05:50 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-08 09:29 - 2014-01-08 09:29 - 00000000 ____D C:\Users\PC2\AppData\Roaming\AVAST Software
2014-01-08 09:28 - 2014-01-27 05:50 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-08 09:28 - 2014-01-27 05:50 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-08 09:28 - 2014-01-27 05:50 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-08 09:28 - 2014-01-27 05:50 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-08 09:28 - 2014-01-27 05:50 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-08 09:28 - 2014-01-27 05:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-08 09:28 - 2014-01-08 09:28 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-08 09:28 - 2014-01-08 09:28 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-08 09:28 - 2014-01-08 09:28 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-08 09:28 - 2014-01-08 09:28 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-08 09:00 - 2014-01-08 08:59 - 00000675 _____ C:\Users\PC2\Desktop\Path Of Exile.lnk
2014-01-08 08:59 - 2014-01-30 02:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-08 08:59 - 2014-01-08 08:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== One Month Modified Files and Folders =======

2014-01-30 03:41 - 2014-01-30 03:41 - 00016538 _____ C:\Users\PC2\Desktop\FRST.txt
2014-01-30 03:41 - 2014-01-30 03:34 - 00000000 ____D C:\FRST
2014-01-30 03:41 - 2013-03-18 01:48 - 00000000 ___RD C:\Users\PC2\Desktop\Programme
2014-01-30 03:40 - 2014-01-30 03:40 - 00000468 _____ C:\Users\PC2\Desktop\defogger_disable.log
2014-01-30 03:40 - 2014-01-30 03:40 - 00000000 _____ C:\Users\PC2\defogger_reenable
2014-01-30 03:40 - 2013-03-18 01:18 - 00000000 ____D C:\Users\PC2
2014-01-30 03:39 - 2014-01-30 03:39 - 00050477 _____ C:\Users\PC2\Desktop\Defogger.exe
2014-01-30 03:38 - 2014-01-30 03:38 - 00000527 _____ C:\Users\PC2\Desktop\Neues Textdokument.txt
2014-01-30 03:33 - 2014-01-30 03:33 - 02079744 _____ (Farbar) C:\Users\PC2\Desktop\FRST64.exe
2014-01-30 03:08 - 2014-01-30 03:08 - 00000000 ___SH C:\DkHyperbootSync
2014-01-30 03:00 - 2013-02-19 23:25 - 02083637 _____ C:\Windows\WindowsUpdate.log
2014-01-30 02:59 - 2014-01-08 08:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-30 00:07 - 2013-03-18 02:15 - 00000000 ____D C:\Users\PC2\AppData\Roaming\TS3Client
2014-01-29 18:10 - 2013-03-18 19:05 - 00000000 ____D C:\Users\PC2\.smplayer
2014-01-29 13:02 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-29 13:02 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-29 12:55 - 2013-09-23 00:47 - 00013852 _____ C:\Windows\setupact.log
2014-01-29 12:55 - 2013-02-20 13:40 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-29 12:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-28 21:56 - 2013-06-19 16:19 - 00000000 ____D C:\Users\PC2\AppData\Roaming\.purple
2014-01-28 20:45 - 2013-03-18 19:04 - 00000000 ____D C:\Users\PC2\AppData\Roaming\vlc
2014-01-28 20:41 - 2014-01-28 00:07 - 00000000 ____D C:\Program Files (x86)\JDownloader
2014-01-28 08:11 - 2013-03-22 00:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-28 00:07 - 2014-01-28 00:07 - 00000000 ____D C:\JDownloader
2014-01-27 13:50 - 2010-11-21 04:47 - 00374738 _____ C:\Windows\PFRO.log
2014-01-27 05:53 - 2011-04-12 08:43 - 00710994 _____ C:\Windows\system32\perfh007.dat
2014-01-27 05:53 - 2011-04-12 08:43 - 00152266 _____ C:\Windows\system32\perfc007.dat
2014-01-27 05:53 - 2009-07-14 06:13 - 01639856 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-27 05:50 - 2014-01-08 09:29 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-27 05:50 - 2014-01-08 09:28 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-27 05:50 - 2014-01-08 09:28 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-27 05:50 - 2014-01-08 09:28 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-27 05:50 - 2014-01-08 09:28 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-27 05:50 - 2014-01-08 09:28 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-27 05:50 - 2014-01-08 09:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 16:06 - 2014-01-25 16:06 - 00192693 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-25 16_06_43.352909.dmp
2014-01-24 14:22 - 2014-01-24 15:43 - 47601992 _____ C:\JDownloader-0002.zip
2014-01-24 13:43 - 2013-10-29 14:44 - 00000000 ____D C:\ProgramData\Oracle
2014-01-24 13:42 - 2014-01-24 13:42 - 00005298 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-24 13:42 - 2013-10-29 14:44 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-24 13:37 - 2013-04-07 11:01 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-24 13:34 - 2013-03-19 02:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-23 18:39 - 2014-01-23 18:39 - 00192693 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-23 18_39_11.788463.dmp
2014-01-21 19:14 - 2014-01-21 19:14 - 00191437 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-21 19_14_10.382129.dmp
2014-01-21 14:51 - 2013-04-19 23:27 - 00000000 ____D C:\Users\PC2\AppData\Roaming\Audacity
2014-01-20 12:14 - 2014-01-08 16:26 - 00000000 ____D C:\Users\PC2\AppData\Local\cache
2014-01-20 03:47 - 2013-04-17 00:32 - 00000000 ____D C:\Users\PC2\AppData\Roaming\dvdcss
2014-01-19 19:26 - 2013-10-14 19:24 - 00000000 ____D C:\Users\PC2\AppData\Local\Battle.net
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 09:56 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 07:38 - 2009-07-14 05:45 - 00294184 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 01:31 - 2013-08-15 02:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 01:30 - 2013-02-22 19:53 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 20:50 - 2014-01-14 20:50 - 00187858 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-14 20_50_04.581264.dmp
2014-01-14 03:11 - 2014-01-14 03:11 - 00000000 ____D C:\Users\PC2\AppData\Local\CrashRpt
2014-01-14 03:11 - 2014-01-14 03:11 - 00000000 ____D C:\ProgramData\RapidSolution
2014-01-14 03:11 - 2014-01-14 03:11 - 00000000 ____D C:\Program Files (x86)\Audials
2014-01-14 03:10 - 2014-01-14 03:10 - 00000000 ____D C:\Users\PC2\AppData\Local\RapidSolution
2014-01-14 03:08 - 2013-09-30 12:52 - 00000000 ____D C:\Users\PC2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-14 02:51 - 2014-01-14 02:51 - 00000000 ____D C:\Users\PC2\Documents\Stream Catcher
2014-01-14 02:47 - 2014-01-14 02:47 - 00335288 _____ (Protect Software GmbH) C:\Windows\system32\Drivers\acedrv11.sys
2014-01-14 02:47 - 2014-01-14 02:47 - 00000000 ____D C:\Program Files (x86)\ProtectDisc
2014-01-14 02:47 - 2014-01-14 02:47 - 00000000 ____D C:\Program Files (x86)\DATA BECKER
2014-01-14 02:47 - 2013-12-13 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2014-01-14 02:47 - 2013-07-19 19:33 - 00000000 ____D C:\Program Files (x86)\SeaMonkey2
2014-01-14 02:47 - 2013-06-15 00:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-13 22:20 - 2014-01-13 22:20 - 00000000 ____D C:\Users\PC2\AppData\Local\NVIDIA Corporation
2014-01-13 22:20 - 2014-01-13 22:18 - 00000000 ____D C:\Users\PC2\AppData\Local\NVIDIA
2014-01-13 22:20 - 2013-02-20 13:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-13 22:19 - 2013-02-20 13:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-13 22:19 - 2013-02-20 13:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-13 22:18 - 2014-01-13 22:18 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-13 22:12 - 2014-01-13 22:12 - 00000000 ____D C:\NVIDIA
2014-01-13 20:11 - 2014-01-13 20:11 - 00187669 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-13 20_11_48.248003.dmp
2014-01-13 18:06 - 2014-01-13 18:05 - 00000000 ____D C:\Program Files (x86)\SMPlayer
2014-01-13 18:05 - 2013-03-18 01:48 - 00001007 _____ C:\Users\PC2\Desktop\Smplayer.lnk
2014-01-13 17:09 - 2014-01-13 17:07 - 00000000 ____D C:\Program Files (x86)\i-Menu
2014-01-13 17:08 - 2014-01-13 17:08 - 00020784 _____ (Nicomsoft Ltd.) C:\Windows\system32\Drivers\mi2c.sys
2014-01-10 17:19 - 2013-07-25 16:04 - 00007675 _____ C:\Users\PC2\AppData\Local\Resmon.ResmonCfg
2014-01-09 19:57 - 2014-01-09 19:57 - 00201246 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-09 19_57_31.714527.dmp
2014-01-09 19:57 - 2014-01-09 19:57 - 00186685 _____ C:\Users\PC2\Documents\ts3_clientui-win32-1378715177-2014-01-09 19_57_30.073433.dmp
2014-01-08 21:01 - 2013-10-28 11:01 - 00001198 _____ C:\Users\PC2\Desktop\Atlantica Online.lnk
2014-01-08 16:38 - 2014-01-08 16:32 - 00000000 ____D C:\Users\PC2\Documents\BattleWorldsKronos
2014-01-08 16:35 - 2014-01-08 16:31 - 00000000 ____D C:\Users\PC2\AppData\Local\BattleWorldsKronos
2014-01-08 16:19 - 2014-01-08 16:19 - 00000561 _____ C:\Users\PC2\Desktop\Battle Worlds Kronos.lnk
2014-01-08 15:30 - 2013-04-10 09:07 - 00031369 ____H C:\Windows\SysWOW64\BTImages.dat
2014-01-08 09:29 - 2014-01-08 09:29 - 00000000 ____D C:\Users\PC2\AppData\Roaming\AVAST Software
2014-01-08 09:28 - 2014-01-08 09:28 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-08 09:28 - 2014-01-08 09:28 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-08 09:28 - 2014-01-08 09:28 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-08 09:28 - 2014-01-08 09:28 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-08 09:27 - 2013-02-22 19:25 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-08 08:59 - 2014-01-08 09:00 - 00000675 _____ C:\Users\PC2\Desktop\Path Of Exile.lnk
2014-01-08 08:59 - 2014-01-08 08:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-08 08:59 - 2013-09-24 11:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-08 08:59 - 2013-09-24 11:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 08:55 - 2013-04-03 13:20 - 00000000 ____D C:\Users\PC2\AppData\Roaming\GHISLER
2014-01-08 08:55 - 2013-03-18 01:51 - 00000000 ____D C:\Users\PC2\AppData\Roaming\Winamp
2014-01-08 08:55 - 2013-02-20 15:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2014-01-08 08:55 - 2013-02-20 15:01 - 00000000 ____D C:\Windows\system32\Macromed
2014-01-08 08:55 - 2013-02-19 19:27 - 00000000 ____D C:\Users\nachname
2014-01-08 08:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-08 08:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-05 14:51 - 2013-05-05 20:44 - 00000000 ____D C:\Users\PC2\AppData\Roaming\Offline Explorer
2014-01-05 14:49 - 2013-06-19 12:39 - 00000000 ____D C:\download
2014-01-05 12:48 - 2013-02-22 19:26 - 00000000 _____ C:\Windows\SysWOW64\config.nt

Some content of TEMP:
====================
C:\Users\PC2\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe
C:\Users\PC2\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\PC2\AppData\Local\Temp\u6tqjyxe.dll
C:\Users\PC2\AppData\Local\Temp\Uninstall.exe
C:\Users\nachname\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-07-16 03:05] - [2012-07-16 03:05] - 0391680 ____A (Microsoft Corporation) 13CD6BA1F798A61AEE985E78D3644A1E

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-07-16 03:01] - [2012-07-16 03:01] - 2872320 ____A (Microsoft Corporation) A27FB0CA2971BEC02595902A9FD35D6D

C:\Windows\SysWOW64\explorer.exe
[2012-07-16 03:01] - [2012-07-16 03:01] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-07-16 02:53] - [2012-07-16 02:53] - 1008128 ____A (Microsoft Corporation) 7FB4D54B502C6CF2E35B8188FA4CC08C

C:\Windows\SysWOW64\User32.dll
[2012-07-16 02:53] - [2012-07-16 02:53] - 0833024 ____A (Microsoft Corporation) 9B836EE76E3A99052EF6DEA52B41D1BE

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2012-07-16 03:00] - [2012-07-16 03:00] - 0512512 ____A (Microsoft Corporation) 29AC62409BF4939EE14D70EC07CA12BB

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2012-07-16 03:13] - [2012-07-16 03:13] - 0296304 ____A (Microsoft Corporation) F77D373432412073DD5B7BE10CD04306



LastRegBack: 2014-01-29 18:36

==================== End Of Log ============================
         
--- --- ---


With GMER I got the message that nothing was found, so the log is empty.


I hope you can help me, thanks in advance.

Regards
Jonissar

/edit
I just remembered that a few days ago I ran a scan with Spybot, and at the time it found a Montera Toolbar.

Edited by Jonissar (30.01.2014 at 04:38)

 


All times are WET +1.

