
Surveillance, Privacy and Spam: I am sending spam mail


 
19.05.2010, 01:08   #1
baskerville
 
I am sending spam mail



Hello,

for the past few days I have been sending spam mail from my mail account. I'm a bit desperate. AntiVir can't find anything suspicious. I got myself Thunderbird a while ago. Could it be related to that?

Well, here is the information from Malwarebytes:

Malwarebytes' Anti-Malware 1.46
w*w.malwarebytes.org

Datenbank Version: 4113

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

19.05.2010 01:36:14
mbam-log-2010-05-19 (01-36-14).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 117430
Laufzeit: 12 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


And OTL


Code:
OTL logfile created on: 19.05.2010 01:41:13 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.014,00 Mb Total Physical Memory | 239,00 Mb Available Physical Memory | 24,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 45,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 9,69 Gb Free Space | 17,34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 54,43 Gb Total Space | 44,68 Gb Free Space | 82,09% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\ShrewSoft\VPN Client\dtpd.exe ()
PRC - C:\Programme\ShrewSoft\VPN Client\iked.exe ()
PRC - C:\Programme\ShrewSoft\VPN Client\ipsecd.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Lexmark 5600-6600 Series\lxdumon.exe ()
PRC - C:\Programme\Lexmark 5600-6600 Series\lxdumsdmon.exe ()
PRC - C:\Windows\System32\lxducoms.exe ( )
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH)
PRC - C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
PRC - C:\Programme\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Symantec Core LC) --  File not found
SRV - (Automatisches LiveUpdate - Scheduler) --  File not found
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (dtpd) -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe ()
SRV - (iked) -- C:\Program Files\ShrewSoft\VPN Client\iked.exe ()
SRV - (ipsecd) -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (lxdu_device) -- C:\Windows\System32\lxducoms.exe ( )
SRV - (lxduCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TOSHIBA Bluetooth Service) -- c:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (de_serv) -- C:\Programme\Common Files\AVM\DE_SERV.EXE (AVM Berlin)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (vflt) -- C:\Windows\System32\drivers\vfilter.sys (Shrew Soft Inc)
DRV - (vnet) -- C:\Windows\System32\drivers\virtualnet.sys (Shrew Soft Inc)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (AF05BDA) -- C:\Windows\System32\drivers\AF05BDA.sys (AfaTech                  )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2009.7.1
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.7
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {899DF1F8-2F43-4394-8315-37F6744E6319}:1.0.5
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.31 18:07:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.31 18:07:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2009.01.15 22:45:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2009.04.17 16:57:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.31 17:13:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2010.03.29 23:18:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.03.29 23:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.05.19 00:26:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\khzkv7es.default\extensions
[2010.04.28 01:40:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\khzkv7es.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.20 14:03:31 | 000,000,000 | ---D | M] (NewsFox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\khzkv7es.default\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}
[2010.01.26 19:20:26 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\khzkv7es.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009.04.06 00:21:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\khzkv7es.default\extensions\moveplayer@movenetworks.com
[2009.01.15 22:46:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\jct92j5c.default\extensions
[2010.04.07 22:58:38 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.12.07 18:56:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2008.08.29 09:16:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org
[2010.01.25 14:20:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.25 14:20:19 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.25 14:20:20 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.25 14:20:20 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.25 14:20:20 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\THCDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TerraTec Remote Control] C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus D92 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} -  File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} h**p://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.22 23:42:21 | 000,000,083 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3d4c1e18-f5d5-11dc-a485-0016d4fd02cc}\Shell\verb1\command - "" = desktop.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.19 01:38:14 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.05.19 01:21:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.05.19 01:21:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.19 01:21:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.19 01:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.19 01:21:33 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.19 01:20:37 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\***\Documents\mbam-setup.exe
[2010.05.19 01:10:57 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\51464-anleitung-ccleaner-Dateien
[2010.05.19 00:58:00 | 003,382,520 | ---- | C] (Piriform Ltd) -- C:\Users\***\Documents\ccsetup231.exe
[2010.05.19 00:35:34 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\***\Documents\HiJackThis.exe
[2010.05.10 19:10:44 | 000,000,000 | ---D | C] -- C:\Programme\Teachmaster 4.3
[2010.05.09 21:58:31 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Vokabeln
[2009.12.28 22:02:30 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2009.12.28 22:02:29 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2009.12.28 22:02:29 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2009.12.28 22:02:28 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2009.12.28 22:02:28 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2009.12.28 22:02:28 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2009.12.28 22:02:28 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2009.12.28 22:02:27 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2009.12.28 22:02:25 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2009.12.28 22:02:25 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Users\***\*.tmp files -> C:\Users\***\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.19 01:42:02 | 002,883,584 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.05.19 01:39:02 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\fsvclw.sys
[2010.05.19 01:38:22 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.05.19 01:21:41 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 01:20:45 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\***\Documents\mbam-setup.exe
[2010.05.19 01:18:01 | 000,000,206 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011758.reg
[2010.05.19 01:17:40 | 000,000,206 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011730.reg
[2010.05.19 01:16:32 | 000,002,100 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011627.reg
[2010.05.19 01:14:54 | 000,060,736 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011435.reg
[2010.05.19 01:11:02 | 000,055,604 | ---- | M] () -- C:\Users\***\Desktop\51464-anleitung-ccleaner.html
[2010.05.19 01:07:51 | 000,005,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.19 01:07:51 | 000,005,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.19 00:58:03 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Users\***\Documents\ccsetup231.exe
[2010.05.19 00:35:42 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\***\Documents\HiJackThis.exe
[2010.05.19 00:14:32 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{102961D4-B19D-43EE-9063-54F4E8709B09}.job
[2010.05.19 00:07:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.19 00:07:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.19 00:07:37 | 1063,378,944 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.18 12:59:25 | 002,951,872 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.05.12 20:54:37 | 028,053,890 | ---- | M] () -- C:\Users\***\Documents\Die_drei_Fragezeichen_-_Der_Todesflug.rar
[2010.05.10 19:42:29 | 000,000,132 | ---- | M] () -- C:\Users\***\Desktop\unidad 3.kk
[2010.05.10 19:10:45 | 000,000,905 | ---- | M] () -- C:\Users\***\Desktop\Teachmaster 4.3.lnk
[2010.05.10 19:10:19 | 000,933,622 | ---- | M] () -- C:\Users\***\Documents\teachmaster_4-3_setup.exe
[2010.05.09 22:17:55 | 000,001,278 | ---- | M] () -- C:\Users\***\Documents\Unidad 3.pau.gz
[2010.05.06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.04.29 15:22:24 | 001,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.29 15:22:24 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.29 15:22:24 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.29 15:22:24 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.29 15:22:24 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.19 15:35:12 | 000,114,313 | ---- | M] () -- C:\Users\***\Desktop\Tanzarchiv.pdf
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Users\***\*.tmp files -> C:\Users\***\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.05.19 01:39:02 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\fsvclw.sys
[2010.05.19 01:21:41 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 01:18:00 | 000,000,206 | ---- | C] () -- C:\Users\***\Documents\cc_20100519_011758.reg
[2010.05.19 01:17:32 | 000,000,206 | ---- | C] () -- C:\Users\***\Documents\cc_20100519_011730.reg
[2010.05.19 01:16:29 | 000,002,100 | ---- | C] () -- C:\Users\***\Documents\cc_20100519_011627.reg
[2010.05.19 01:14:40 | 000,060,736 | ---- | C] () -- C:\Users\***\Documents\cc_20100519_011435.reg
[2010.05.19 01:10:57 | 000,055,604 | ---- | C] () -- C:\Users\***\Desktop\51464-anleitung-ccleaner.html
[2010.05.12 20:51:34 | 028,053,890 | ---- | C] () -- C:\Users\***\Documents\Die_drei_Fragezeichen_-_Der_Todesflug.rar
[2010.05.10 19:42:29 | 000,000,132 | ---- | C] () -- C:\Users\***\Desktop\unidad 3.kk
[2010.05.10 19:10:45 | 000,000,905 | ---- | C] () -- C:\Users\***\Desktop\Teachmaster 4.3.lnk
[2010.05.10 19:10:16 | 000,933,622 | ---- | C] () -- C:\Users\***\Documents\teachmaster_4-3_setup.exe
[2010.05.09 22:17:54 | 000,001,278 | ---- | C] () -- C:\Users\***\Documents\Unidad 3.pau.gz
[2010.04.19 15:35:12 | 000,114,313 | ---- | C] () -- C:\Users\***\Desktop\Tanzarchiv.pdf
[2009.12.28 22:11:27 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxducoin.dll
[2009.12.28 22:09:25 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2009.12.28 22:06:55 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2009.12.28 22:06:55 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2009.12.28 22:06:54 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2009.12.28 22:03:47 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2009.12.28 22:02:30 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2009.12.28 22:02:26 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2009.12.22 23:41:43 | 000,081,920 | ---- | C] () -- C:\Windows\asr3232.dll
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.06 18:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008.11.06 18:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008.11.06 18:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.09.30 19:06:17 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.09.30 18:58:31 | 000,000,025 | ---- | C] () -- C:\Windows\CDED92Euro.ini
[2007.10.03 22:28:24 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2007.10.03 22:28:23 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2007.09.06 21:29:45 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2007.09.02 01:45:33 | 000,172,032 | ---- | C] () -- C:\Windows\System32\tifmicon.dll
[2007.09.02 01:45:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1132.dll
[2007.09.02 01:45:09 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007.09.02 01:45:09 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007.09.02 01:45:09 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2007.08.20 17:29:29 | 000,823,808 | ---- | C] () -- C:\Windows\System32\libxml2.dll.off
[2007.08.20 17:29:29 | 000,081,920 | ---- | C] () -- C:\Windows\System32\xmltok.dll.off
[2007.08.20 17:29:29 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll.off
[2007.08.20 17:29:29 | 000,053,248 | ---- | C] () -- C:\Windows\System32\xmlparse.dll.off
[2007.07.08 17:05:23 | 000,000,059 | ---- | C] () -- C:\Windows\WINPHONE.INI
[2007.03.14 10:34:13 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.03.13 13:03:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.03.13 13:03:08 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.03.13 13:03:08 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.03.13 13:03:08 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.03.13 13:03:08 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.03.13 13:03:08 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.03.13 12:52:13 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.03.13 12:31:43 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.03.13 12:31:43 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.03.13 12:31:43 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.03.13 12:31:43 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2006.12.05 14:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.24 08:48:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.11.23 15:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005.07.22 22:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

[2010.05.19 01:45:42 | 000,000,000 | R--D | M] -- C:\Users\***\Desktop
[2010.05.19 01:42:02 | 002,883,584 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.05.19 01:42:02 | 000,262,144 | -H-- | M] () -- C:\Users\***\ntuser.dat.LOG1
[2010.05.19 01:38:22 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.05.19 01:38:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Local\Temp
[2010.05.19 01:21:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.05.19 01:21:43 | 000,000,000 | ---D | M] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.19 01:21:41 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 01:21:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2010.05.19 01:20:45 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\***\Documents\mbam-setup.exe
[2010.05.19 01:20:37 | 000,000,000 | R--D | M] -- C:\Users\***\Documents
[2010.05.19 01:18:01 | 000,000,206 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011758.reg
[2010.05.19 01:17:40 | 000,000,206 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011730.reg
[2010.05.19 01:16:32 | 000,002,100 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011627.reg
[2010.05.19 01:14:54 | 000,060,736 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011435.reg
[2010.05.19 01:11:02 | 000,055,604 | ---- | M] () -- C:\Users\***\Desktop\51464-anleitung-ccleaner.html
[2010.05.19 00:58:03 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Users\***\Documents\ccsetup231.exe
[2010.05.19 00:35:42 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\***\Documents\HiJackThis.exe
[2010.05.19 00:35:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2010.05.19 00:14:32 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{102961D4-B19D-43EE-9063-54F4E8709B09}.job
[2010.05.19 00:07:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.19 00:07:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.18 12:59:25 | 002,951,872 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.05.18 12:15:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org2
[2010.05.18 12:05:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Lx_cats
[2010.05.12 20:54:37 | 028,053,890 | ---- | M] () -- C:\Users\***\Documents\Die_drei_Fragezeichen_-_Der_Todesflug.rar
[2010.05.10 19:42:29 | 000,000,132 | ---- | M] () -- C:\Users\***\Desktop\unidad 3.kk
[2010.05.10 19:10:45 | 000,000,905 | ---- | M] () -- C:\Users\***\Desktop\Teachmaster 4.3.lnk
[2010.05.10 19:10:45 | 000,000,000 | ---D | M] -- C:\Programme\Teachmaster 4.3
[2010.05.10 19:10:19 | 000,933,622 | ---- | M] () -- C:\Users\***\Documents\teachmaster_4-3_setup.exe
[2010.05.09 22:17:55 | 000,001,278 | ---- | M] () -- C:\Users\***\Documents\Unidad 3.pau.gz
[2010.05.06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.04.30 12:38:46 | 000,000,000 | R--D | M] -- C:\Users\***\Music
[2010.04.29 15:22:24 | 001,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.29 15:22:24 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.29 15:22:24 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.29 15:22:24 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.29 15:22:24 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.27 12:26:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexmark 5600-6600 Series
[2010.04.26 00:12:44 | 000,000,000 | R--D | M] -- C:\Users\***\Downloads
[2010.04.19 15:35:12 | 000,114,313 | ---- | M] () -- C:\Users\***\Desktop\Tanzarchiv.pdf
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Users\***\*.tmp files -> C:\Users\***\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.19 01:42:02 | 002,883,584 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.05.19 01:39:02 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\fsvclw.sys
[2010.05.19 01:38:22 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.05.19 01:21:41 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 01:20:45 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\***\Documents\mbam-setup.exe
[2010.05.19 01:18:01 | 000,000,206 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011758.reg
[2010.05.19 01:17:40 | 000,000,206 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011730.reg
[2010.05.19 01:16:32 | 000,002,100 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011627.reg
[2010.05.19 01:14:54 | 000,060,736 | ---- | M] () -- C:\Users\***\Documents\cc_20100519_011435.reg
[2010.05.19 01:11:02 | 000,055,604 | ---- | M] () -- C:\Users\***\Desktop\51464-anleitung-ccleaner.html
[2010.05.19 01:07:51 | 000,005,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.19 01:07:51 | 000,005,056 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.19 00:58:03 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Users\***\Documents\ccsetup231.exe
[2010.05.19 00:35:42 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\***\Documents\HiJackThis.exe
[2010.05.19 00:14:32 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{102961D4-B19D-43EE-9063-54F4E8709B09}.job
[2010.05.19 00:07:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.19 00:07:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.19 00:07:37 | 1063,378,944 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.18 12:59:25 | 002,951,872 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.05.12 20:54:37 | 028,053,890 | ---- | M] () -- C:\Users\***\Documents\Die_drei_Fragezeichen_-_Der_Todesflug.rar
[2010.05.10 19:42:29 | 000,000,132 | ---- | M] () -- C:\Users\***\Desktop\unidad 3.kk
[2010.05.10 19:10:45 | 000,000,905 | ---- | M] () -- C:\Users\***\Desktop\Teachmaster 4.3.lnk
[2010.05.10 19:10:19 | 000,933,622 | ---- | M] () -- C:\Users\***\Documents\teachmaster_4-3_setup.exe
[2010.05.09 22:17:55 | 000,001,278 | ---- | M] () -- C:\Users\***\Documents\Unidad 3.pau.gz
[2010.05.06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.04.29 15:22:24 | 001,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.29 15:22:24 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.29 15:22:24 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.29 15:22:24 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.29 15:22:24 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.19 15:35:12 | 000,114,313 | ---- | M] () -- C:\Users\***\Desktop\Tanzarchiv.pdf
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Users\***\*.tmp files -> C:\Users\***\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< End of report >
         


Part 2

----> in the next thread

 
