Log analysis and evaluation: AOL sends forwarded e-mail on its own (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Hi, so far apparently nobody has received any further e-mails from me. At the same time that the forwarded e-mails were being sent, I had also received forwarded e-mails, but at the moment I am not getting those any more either. But how can I be sure now that this won't happen again in the next few days? And how safe is my computer now (online banking)?

Here are the log files:

eset.txt:
```
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5c20e1e6e4794c429d98e09ef154c330
# engine=18012
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-24 12:05:31
# local_time=2014-04-24 02:05:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776573 100 94 73473 149970981 0 0
# scanned=161924
# found=0
# cleaned=0
# scan_time=3756
```

checkup.txt:
```
Results of screen317's Security Check version 0.99.82
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2012
TuneUp Utilities Language Pack (de-DE)
Java 7 Update 51
Java version out of Date!
Adobe Flash Player 11.9.900.152 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
```

FRST Logfile: