Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.10.2013, 18:56   #1
bigron
 
Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach! - Standard

Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!



Moin Moin!

Ich habe seit gestern überdurchschnittlich viele "Mail delivery failed: returning message to sender" Mails im GMX Account. (Alle mails die ich über GMX Bekomme werden bei mir an meinen GMAIL account weitergeleitet)


Hier mal der Inhalt solch einer MAIL:

Code:
ATTFilter
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of
its recipients. This is a permanent error. The following address
failed:

"meine.emailadresse@googlemail.com": (hier habe ich meine Adresse zensiert)
SMTP error from remote server after transfer of mail text:
host: gmail-smtp-in.l.google.com
5.7.1 [212.227.15.19      11] Our system has detected that this message is
5.7.1 not RFC 2822 compliant. To reduce the amount of spam sent to Gmail,
5.7.1 this message has been blocked. Please review
5.7.1 RFC 2822 specifications for more information. o7si11663521eep.288 - gsmtp


--- The header of the original message is following. ---

Return-Path: tsom@users.physics.harvard.edu
Received:  from amba.lu ([83.101.89.18]) by mx-ha.gmx.net (mxgmx012) with
 ESMTP (Nemesis) id 0LduHD-1W1HKt3ODr-00j4Rx for <meine.emailadresse@gmx.de>; Sun,
 27 Oct 2013 15:09:17 +0100
kip ykbf
zyd ztp
From: "jds wkei" <tsom@users.physics.harvard.edu>
Reply-To: "jds wkei" <tsom@users.physics.harvard.edu>
To: peter.strang@gmx.de
Subject: slzr uwi
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain;
Envelope-To: <meine.emailadresse@gmx.de> (hier habe ich meine Adresse zensiert)
X-GMX-Antispam: 6 (nemesis text pattern profiler); Detail=V3;
X-GMX-Antivirus: 0 (no virus found)
X-UI-Filterresults: junk:10;V01:K0:vZtr6oCCMFc=:Tpjyz5J0Ml6q4HiXboaWvbxMGJy+
 kNfzqr4hgNRKStK3K0YuW3RlIfUqoryoyEMyNEtgHr6kA/kawsxlJFbn9ow5B7UEU9tWvVGuK
 upHlKSrlRfiTqpQ6mPOPEYVM0Lzh6zZ2w7ZfxEQcS2N2aU6bW17QAxAnuf+7WpnLqegcRRY6k
 sLEptV6az0M+dx57OEygqXT+RdwQzwfQk34QJ7K0uDeNa6po7vimFK7BpUngvU8U6PWiUTUXm
 YMXayMxyPElkC25fA/F9tg9j2tuTY55C8J26olo2R8fiMX/Tb/SzafRY4Wk4C0jEEjkBCO1+I
 nVQ5bTmS4ZJpbPNy+wdvJtDNfSOCJP8O8E49cTYZw7DeEBFrl+HglWIgbgTv4Z4SJxHlyFoP6
 AxEbi6g6rEDgPUcugEY3YfQyY8/xfNcfjb9VWyWL79jAvYdnNdmG6air7RJnZEewbZ0ssN2F7
 ZxHMBJKBJ+JorGESg2luGD8K0C8ituRFNUTO1L39rWpMlz/wKaOc5v8eNXQRq7ep7q8oRkxEv
 ZCqHEdxdZ2bWS7o/dkzmhNTSlBWtltDbXGbSwb1Eiib+aWwv0p9U17gqS7kXJGqOfAUQANmHq
 3nY9/mmrlSsTesnuQWx4eoFzME84NFrQJfI4/tHCMjdtJ3FU3bx/cBzxl2AnDoBH6XDw+P2uw
 RdoQ8ihvcjPQnMKdknxY5Hi+6RWH9A7m7rhEXsxnhDw8TKoaDzNExF9QH+kkqqFD0Ky896P1Q
 DhVp923PZQnzi3DeDLWknIBnAzgddTm2rUH7GloOAfxiLS7uYp8x24EKUL1R87l+RWVJXAHcB
 Wfn1Xf0tfFgwOSHTq/a9Uww1x1ny9UyRsNcLt3cm+gDMu3CR4XG9/nepHRZ2DKxaKDaXSl+33
 0u3H7cbXmoonf6xMAOptIbdKt1sJhOWHTFG6BGbxY71GDpFI3uzSnWu/Voo94ZSltJqPyWC7N
 65EHkSCdxg+WmJ1Mgm0XPjm66dT6XOX5oDyPZm/8mp1ZhI0nRsCD/PxrRSV4t7TnS3X9LBzmA
 FZ95VMV7kh78SgInXAV1+dQMfZ71HWBBkZS0EDYZX8yxfreT6tUO1pQ1/oqbHjexdlRY8XM1G
 4YdufmZhU+FCxnWzzX0RjJJmICPbHq4vGUDnZdHpi2/dcsrSl1geAbBdf0KNDc9fqUDIYsTxc
 VHad43QbAc0OCAxDZ6k3aJk1z4aSu95Lk1SzGmOMuvLWJ26LEbEdLwxopoHraYOPLtl0p2Poy
 4KoWgTGFNv7I+grH/B1ZK8+0DHgTbDffC16jHcY0B2hUUfcOY+ykbD8YL0t6CKRUJNHpsFhXf
 PQROJXWJvZZEeoD0wGcvPlxXRk2Icdalzn5Z90zklho7BdXSV36vHTRuLXOBWT1CcdyPS3X6F
 TBsiDg3tMfQoXWLUJJfv7OeYUQJFB5yz53Kzl4dLFZ4MuF3QxRaja6UhSZMait3xxt53hsFRa
 WN0EeXZbOLBQxaFGSjb9A6oifwPA9C2bGJQmUhOeBaVcXeNnij+3ITiwZUHlqy6TnDuEZBTmh
 8MxZCwYIutz4DQyRodGECGnvl4SGucNeQklzAS1
X-UI-Loop:V01:Bx5tzkw+nO0=:okr8GYA90PT2f+PYKcj9ppwkNMxV2/UnnO2esuCDOcs=
         

Seit etwa 2 Wochen bekomme ich auch noch komische mails mit komischem Betreff und komischem inhalt ziemlich oft. Hier mal ein Screenshot dieser mails:

KLICKEN UM ZU VERGRÖßERN:






Was ist denn da passiert. Scheint mir irgendwie so als ob da jemand an mein GMX Account gekommen ist. Ich logge mich sehr selten in mein GMX Account ein. Diese Delivery Failed messages bekomme ich halt auch wenn mein momentan genutztes Laptop nicht läuft!

Könnte ich einen Keylogger oder einen Trojaner auf meinem System installiert haben?

Ich hätte normalerweise den laptop platt gemacht und Windows neu installiert. Nur auf diesem Laptop darf ich das im Moment nicht da ich mir den von meinem Bruder ausgeliehen habe weil meine beiden Laptops im Moment in Reparatur sind!


Ich habe mal die geforderten Schritte durchgeführt. Hier mal die geforderten Informationen:

FRST.txt



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2013 01
Ran by candy (administrator) on CHOCOLATE on 27-10-2013 18:10:11
Running from C:\Users\candy\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() c:\wordpress\xampp\mysql\bin\mysqld.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\candy\Desktop\N-Cry.3.4.2\adb.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKCU\...\Run: [Steam] - D:\Games\Steam\steam.exe [1813928 2013-10-09] (Valve Corporation)
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {330f216f-7036-11e1-b6f6-e02a82395819} - G:\AutoRun.exe
MountPoints2: {d217b981-ed33-11e0-bbe2-64315079e321} - F:\AutoRun.exe
MountPoints2: {d217b999-ed33-11e0-bbe2-64315079e321} - F:\AutoRun.exe
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [Bonus.SSR.FR11] - C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1363984 2013-05-25] (ABBYY Production LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
Startup: C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={5E55CC33-1034-4EFB-AD79-AE732A5BA953}&mid=746f2097ced147d0bad1b578169d0ad2-7ec8c074a4e4b47362d8a9189205c84fe85b54c9&lang=en&ds=ga011&pr=sa&d=2012-07-28 18:43:41&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={5E55CC33-1034-4EFB-AD79-AE732A5BA953}&mid=746f2097ced147d0bad1b578169d0ad2-7ec8c074a4e4b47362d8a9189205c84fe85b54c9&lang=en&ds=ga011&pr=sa&d=2012-07-28 18:43:41&v=12.2.5.32&sap=dsp&q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activation.cloud.techsmith.com
Tcpip\Parameters: [DhcpNameServer] 192.168.50.12

FireFox:
========
FF ProfilePath: C:\Users\candy\AppData\Roaming\Mozilla\Firefox\Profiles\3jk716n9.default
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Screen Capture Plugin) - C:\Users\candy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.5_0\plugins/screen_capture.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Extension: (Google Docs) - C:\Users\candy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\candy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\candy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\candy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\candy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\candy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.)
S4 Apache2.2; c:\wordpress\xampp\apache\bin\httpd.exe [18432 2011-09-10] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 mysql; c:\wordpress\xampp\mysql\bin\mysqld.exe [8158720 2011-09-09] ()
S2 NPVR Recording Service; "C:\Program Files (x86)\NPVR\NRecord.exe" [x]

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R4 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 AVerAF15DMBTH64; C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [593024 2010-11-25] (AVerMedia TECHNOLOGIES, Inc.)
S3 cmb38464; C:\Windows\System32\DRIVERS\cmb38464.sys [38944 2012-11-21] (Amanero SRL)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-08] (DT Soft Ltd)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-07-01] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-07-01] ()
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [30720 2005-04-13] (The OpenVPN Project)
R3 USBIPEnum; C:\Windows\System32\DRIVERS\USBIPEnum.sys [52296 2011-02-22] (Windows (R) Win 7 DDK provider)
S2 AODDriver4.01; \??\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-27 18:06 - 2013-10-27 18:06 - 00000000 _____ C:\Users\candy\defogger_reenable
2013-10-27 18:05 - 2013-10-27 18:05 - 00004731 _____ C:\Users\candy\Desktop\Neues Textdokument.txt
2013-10-27 17:53 - 2013-10-27 17:55 - 00021883 _____ C:\Users\candy\Desktop\Addition.txt
2013-10-27 17:38 - 2013-10-27 18:07 - 00000000 ____D C:\Users\candy\Desktop\troj
2013-10-27 17:33 - 2013-10-27 17:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\candy\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-27 17:32 - 2013-10-27 17:33 - 01060070 _____ C:\Users\candy\Desktop\adwcleaner.exe
2013-10-27 17:30 - 2013-10-27 17:30 - 00000000 ____D C:\FRST
2013-10-27 17:24 - 2013-10-27 17:24 - 01956160 _____ (Farbar) C:\Users\candy\Desktop\FRST64.exe
2013-10-27 16:12 - 2013-10-27 16:21 - 00000000 ____D C:\Users\candy\Desktop\N-Cry.3.4.2
2013-10-27 16:06 - 2013-10-27 16:06 - 08581933 _____ C:\Users\candy\Desktop\N-Cry.3.4.2.zip
2013-10-27 12:11 - 2013-10-27 12:11 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2013-10-27 12:05 - 2013-10-27 12:06 - 00000000 ____D C:\Users\candy\Desktop\Minecraft 1.7.2 by TeamExtremeMc.com
2013-10-26 20:48 - 2013-10-26 20:48 - 00000000 ____D C:\Users\candy\AppData\Roaming\LibreOffice
2013-10-26 20:21 - 2013-10-26 20:21 - 00002589 _____ C:\Users\Public\Desktop\LibreOffice 4.1.lnk
2013-10-26 20:12 - 2013-10-26 20:20 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2013-10-26 18:17 - 2013-10-27 09:56 - 00000000 ____D C:\Users\candy\Desktop\Uni
2013-10-26 12:46 - 2013-10-26 12:47 - 18841658 _____ C:\Users\candy\Desktop\R7000-V1.0.2.111_1.0.17.chk
2013-10-25 22:30 - 2013-10-25 22:30 - 00000000 ____D C:\ProgramData\ATI
2013-10-25 22:30 - 2013-10-25 22:30 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-25 22:30 - 2013-10-25 22:30 - 00000000 ____D C:\Program Files (x86)\AMD APP
2013-10-25 21:46 - 2013-10-27 12:32 - 00000000 ____D C:\Users\candy\AppData\Roaming\.minecraft
2013-10-25 21:46 - 2013-10-27 12:11 - 00002129 _____ C:\Users\candy\Desktop\Minecraft.lnk
2013-10-25 21:31 - 2013-09-23 11:11 - 66729528 _____ (TeamExtreme                                                 ) C:\Users\candy\Desktop\Minecraft 1.6.4.exe
2013-10-23 00:43 - 2013-10-23 00:43 - 00001130 _____ C:\Users\Public\Desktop\TeamViewer 8 Host.lnk
2013-10-23 00:42 - 2013-10-23 00:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-20 07:52 - 2013-10-21 11:19 - 00000000 ____D C:\Users\candy\AppData\Roaming\mIRC
2013-10-20 07:52 - 2013-10-20 07:52 - 00000919 _____ C:\Users\Public\Desktop\mIRC.lnk
2013-10-20 07:52 - 2013-10-20 07:52 - 00000000 ____D C:\Program Files (x86)\mIRC
2013-10-16 20:58 - 2013-10-16 20:58 - 00000593 _____ C:\Users\Public\Desktop\Cygwin64 Terminal.lnk
2013-10-16 18:34 - 2013-10-16 20:58 - 00000000 ____D C:\cygwin64
2013-10-15 20:48 - 2013-10-15 20:48 - 00001258 _____ C:\Users\mile\Desktop\DiskInternals Research.lnk
2013-10-15 20:48 - 2013-10-15 20:48 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2013-10-15 20:47 - 2013-10-15 20:47 - 00000000 ____D C:\Program Files (x86)\DiskInternals
2013-10-12 09:27 - 2013-10-12 09:27 - 00000000 ____D C:\Users\candy\AppData\Roaming\XBMC
2013-10-12 09:22 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-10-12 09:22 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-10-12 09:18 - 2013-10-12 09:18 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-10-12 09:17 - 2013-10-12 09:18 - 00000000 ____D C:\Program Files (x86)\XBMC
2013-10-12 02:56 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 02:56 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 02:56 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-12 02:56 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 02:56 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 02:56 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-12 02:56 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 02:56 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-12 02:56 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 02:56 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 02:56 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 02:56 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-12 02:55 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 02:55 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 02:55 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 02:12 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-12 02:12 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-12 02:12 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-12 02:12 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-12 02:12 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-12 02:12 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-12 02:12 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-11 05:22 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 05:22 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 05:22 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 05:22 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 05:21 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-11 05:21 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-11 05:21 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-11 05:21 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-11 05:21 - 2013-08-29 02:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-11 05:21 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 05:21 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 05:21 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 05:21 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-11 05:21 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-11 05:21 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-11 05:21 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-11 05:21 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-11 05:21 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-11 05:21 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 05:21 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 05:21 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 05:21 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 05:21 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 05:21 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-11 05:21 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-11 05:21 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-11 05:21 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 05:21 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-11 05:21 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-11 05:19 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 05:19 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 05:19 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 05:19 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-11 05:19 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 05:19 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-11 05:19 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-11 05:19 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-11 05:19 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-11 05:19 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-11 05:19 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-11 05:19 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-11 05:19 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-11 05:19 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-11 05:19 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-11 05:18 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-11 05:18 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 05:18 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 05:18 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 18:33 - 2013-10-09 18:34 - 00884437 _____ C:\Users\candy\Downloads\4C44.tmp
2013-10-06 11:22 - 2013-10-06 11:22 - 00001034 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-03 21:52 - 2013-10-03 21:53 - 00000000 ____D C:\ProgramData\Oracle
2013-10-03 21:51 - 2013-10-03 21:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-03 21:51 - 2013-10-03 21:50 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-03 21:51 - 2013-10-03 21:50 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-03 21:51 - 2013-10-03 21:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-03 19:34 - 2013-10-03 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-03 13:23 - 2013-10-03 13:37 - 00000000 ____D C:\Users\candy\Desktop\Arduino
2013-09-30 08:08 - 2013-09-30 08:08 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-09-30 08:08 - 2013-09-30 08:08 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-09-28 16:35 - 2013-09-28 16:35 - 00000000 ____D C:\ProgramData\Logitech
2013-09-28 16:34 - 2013-09-28 16:34 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-09-28 16:30 - 2013-09-28 16:30 - 00000000 ____D C:\Users\candy\AppData\Roaming\Leadertech
2013-09-28 16:23 - 2013-10-17 13:47 - 00001928 _____ C:\Windows\LkmdfCoInst.log
2013-09-28 16:23 - 2013-10-17 13:36 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-09-28 16:19 - 2013-09-28 16:26 - 00007328 _____ C:\Windows\LDPINST.LOG
2013-09-28 16:17 - 2013-09-28 16:34 - 00000000 ____D C:\ProgramData\Logishrd
2013-09-28 16:17 - 2013-09-28 16:17 - 00000000 ____D C:\Program Files\Logitech
2013-09-28 16:16 - 2013-09-28 16:26 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-09-28 16:14 - 2013-09-28 16:32 - 00000000 ____D C:\Users\candy\AppData\Roaming\Logitech
2013-09-28 16:14 - 2013-09-28 16:16 - 00000000 ____D C:\Users\candy\AppData\Roaming\Logishrd

==================== One Month Modified Files and Folders =======

2013-10-27 18:08 - 2011-11-07 18:50 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F43A8D18-BC33-4B43-B110-C99C36CE59C0}
2013-10-27 18:07 - 2013-10-27 17:38 - 00000000 ____D C:\Users\candy\Desktop\troj
2013-10-27 18:06 - 2013-10-27 18:06 - 00000000 _____ C:\Users\candy\defogger_reenable
2013-10-27 18:06 - 2011-01-27 14:57 - 00000000 ____D C:\Users\candy
2013-10-27 18:05 - 2013-10-27 18:05 - 00004731 _____ C:\Users\candy\Desktop\Neues Textdokument.txt
2013-10-27 17:58 - 2013-01-31 12:16 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-27 17:55 - 2013-10-27 17:53 - 00021883 _____ C:\Users\candy\Desktop\Addition.txt
2013-10-27 17:50 - 2013-05-12 16:16 - 00000000 ____D C:\Users\mile
2013-10-27 17:33 - 2013-10-27 17:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\candy\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-27 17:33 - 2013-10-27 17:32 - 01060070 _____ C:\Users\candy\Desktop\adwcleaner.exe
2013-10-27 17:33 - 2013-06-29 11:09 - 00000000 ____D C:\Users\candy\AppData\Roaming\BOM
2013-10-27 17:30 - 2013-10-27 17:30 - 00000000 ____D C:\FRST
2013-10-27 17:24 - 2013-10-27 17:24 - 01956160 _____ (Farbar) C:\Users\candy\Desktop\FRST64.exe
2013-10-27 16:21 - 2013-10-27 16:12 - 00000000 ____D C:\Users\candy\Desktop\N-Cry.3.4.2
2013-10-27 16:06 - 2013-10-27 16:06 - 08581933 _____ C:\Users\candy\Desktop\N-Cry.3.4.2.zip
2013-10-27 15:58 - 2012-07-28 11:50 - 01258382 _____ C:\Windows\WindowsUpdate.log
2013-10-27 12:32 - 2013-10-25 21:46 - 00000000 ____D C:\Users\candy\AppData\Roaming\.minecraft
2013-10-27 12:11 - 2013-10-27 12:11 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2013-10-27 12:11 - 2013-10-25 21:46 - 00002129 _____ C:\Users\candy\Desktop\Minecraft.lnk
2013-10-27 12:06 - 2013-10-27 12:05 - 00000000 ____D C:\Users\candy\Desktop\Minecraft 1.7.2
2013-10-27 11:43 - 2011-03-06 20:51 - 00000000 ____D C:\Users\candy\AppData\Roaming\Skype
2013-10-27 10:55 - 2013-06-29 10:35 - 00000000 ____D C:\Users\candy\AppData\Roaming\HandBrake
2013-10-27 10:50 - 2013-06-16 16:36 - 00000000 ____D C:\Users\candy\AppData\Local\JDownloader v2.0
2013-10-27 09:56 - 2013-10-26 18:17 - 00000000 ____D C:\Users\candy\Desktop\Uni
2013-10-27 08:28 - 2009-07-14 18:58 - 00713006 _____ C:\Windows\system32\perfh007.dat
2013-10-27 08:28 - 2009-07-14 18:58 - 00156158 _____ C:\Windows\system32\perfc007.dat
2013-10-27 08:28 - 2009-07-14 06:13 - 01658090 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-26 22:36 - 2011-01-27 15:41 - 00076592 _____ C:\Users\candy\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-26 20:48 - 2013-10-26 20:48 - 00000000 ____D C:\Users\candy\AppData\Roaming\LibreOffice
2013-10-26 20:21 - 2013-10-26 20:21 - 00002589 _____ C:\Users\Public\Desktop\LibreOffice 4.1.lnk
2013-10-26 20:20 - 2013-10-26 20:12 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2013-10-26 17:58 - 2013-01-31 12:16 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-26 12:47 - 2013-10-26 12:46 - 18841658 _____ C:\Users\candy\Desktop\R7000-V1.0.2.111_1.0.17.chk
2013-10-25 22:30 - 2013-10-25 22:30 - 00000000 ____D C:\ProgramData\ATI
2013-10-25 22:30 - 2013-10-25 22:30 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-25 22:30 - 2013-10-25 22:30 - 00000000 ____D C:\Program Files (x86)\AMD APP
2013-10-25 22:30 - 2011-01-27 20:02 - 00000000 ____D C:\ProgramData\AMD
2013-10-25 22:29 - 2009-07-14 05:45 - 00027632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-25 22:29 - 2009-07-14 05:45 - 00027632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-25 22:28 - 2013-07-01 20:05 - 00000000 ____D C:\Program Files\ATI Technologies
2013-10-25 22:22 - 2012-07-29 00:00 - 00043235 _____ C:\Windows\setupact.log
2013-10-25 21:19 - 2009-07-14 05:45 - 02216056 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-25 21:18 - 2013-01-31 15:22 - 00011408 _____ C:\Windows\PFRO.log
2013-10-25 21:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-23 00:43 - 2013-10-23 00:43 - 00001130 _____ C:\Users\Public\Desktop\TeamViewer 8 Host.lnk
2013-10-23 00:42 - 2013-10-23 00:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2013-10-22 14:24 - 2013-10-22 14:24 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-21 11:19 - 2013-10-20 07:52 - 00000000 ____D C:\Users\candy\AppData\Roaming\mIRC
2013-10-20 16:47 - 2013-09-16 15:20 - 00000000 ____D C:\Users\candy\AppData\Local\CrashDumps
2013-10-20 15:34 - 2011-02-24 20:26 - 00000000 ____D C:\Users\candy\AppData\Roaming\vlc
2013-10-20 08:03 - 2011-03-01 13:43 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-10-20 07:52 - 2013-10-20 07:52 - 00000919 _____ C:\Users\Public\Desktop\mIRC.lnk
2013-10-20 07:52 - 2013-10-20 07:52 - 00000000 ____D C:\Program Files (x86)\mIRC
2013-10-20 07:51 - 2011-03-08 21:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-19 09:08 - 2013-02-01 01:15 - 00004164 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-17 13:47 - 2013-09-28 16:23 - 00001928 _____ C:\Windows\LkmdfCoInst.log
2013-10-17 13:36 - 2013-09-28 16:23 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-10-16 20:58 - 2013-10-16 20:58 - 00000593 _____ C:\Users\Public\Desktop\Cygwin64 Terminal.lnk
2013-10-16 20:58 - 2013-10-16 18:34 - 00000000 ____D C:\cygwin64
2013-10-16 20:00 - 2012-08-05 20:22 - 00782336 ___SH C:\Users\candy\Downloads\Thumbs.db
2013-10-16 19:37 - 2013-07-05 15:08 - 00000600 _____ C:\Users\candy\AppData\Local\PUTTY.RND
2013-10-16 08:03 - 2013-01-31 12:18 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-15 20:48 - 2013-10-15 20:48 - 00001258 _____ C:\Users\mile\Desktop\DiskInternals Research.lnk
2013-10-15 20:48 - 2013-10-15 20:48 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2013-10-15 20:47 - 2013-10-15 20:47 - 00000000 ____D C:\Program Files (x86)\DiskInternals
2013-10-12 17:53 - 2013-01-31 12:16 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-12 17:53 - 2013-01-31 12:16 - 00003848 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-12 09:27 - 2013-10-12 09:27 - 00000000 ____D C:\Users\candy\AppData\Roaming\XBMC
2013-10-12 09:18 - 2013-10-12 09:18 - 00000000 ____D C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-10-12 09:18 - 2013-10-12 09:17 - 00000000 ____D C:\Program Files (x86)\XBMC
2013-10-12 02:54 - 2011-02-01 02:04 - 01635984 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-12 02:42 - 2013-08-15 19:38 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 02:31 - 2011-02-01 01:25 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 04:49 - 2013-02-02 08:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-09 18:34 - 2013-10-09 18:33 - 00884437 _____ C:\Users\candy\Downloads\4C44.tmp
2013-10-09 18:32 - 2011-03-06 20:51 - 00000000 ____D C:\ProgramData\Skype
2013-10-09 18:30 - 2013-02-03 10:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-06 11:22 - 2013-10-06 11:22 - 00001034 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-03 21:53 - 2013-10-03 21:52 - 00000000 ____D C:\ProgramData\Oracle
2013-10-03 21:50 - 2013-10-03 21:51 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-03 21:50 - 2013-10-03 21:51 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-03 21:50 - 2013-10-03 21:51 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-03 21:50 - 2013-10-03 21:51 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-03 21:50 - 2013-02-18 19:04 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-03 21:50 - 2011-02-28 21:18 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-03 21:50 - 2011-02-28 21:18 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-03 19:35 - 2013-10-03 19:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-03 13:37 - 2013-10-03 13:23 - 00000000 ____D C:\Users\candy\Desktop\Arduino
2013-10-03 09:44 - 2011-03-01 16:13 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-03 09:25 - 2011-01-27 14:57 - 00000000 ___RD C:\Users\candy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-30 08:08 - 2013-09-30 08:08 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-09-30 08:08 - 2013-09-30 08:08 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-09-28 16:35 - 2013-09-28 16:35 - 00000000 ____D C:\ProgramData\Logitech
2013-09-28 16:34 - 2013-09-28 16:34 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-09-28 16:34 - 2013-09-28 16:17 - 00000000 ____D C:\ProgramData\Logishrd
2013-09-28 16:32 - 2013-09-28 16:14 - 00000000 ____D C:\Users\candy\AppData\Roaming\Logitech
2013-09-28 16:30 - 2013-09-28 16:30 - 00000000 ____D C:\Users\candy\AppData\Roaming\Leadertech
2013-09-28 16:26 - 2013-09-28 16:19 - 00007328 _____ C:\Windows\LDPINST.LOG
2013-09-28 16:26 - 2013-09-28 16:16 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-09-28 16:17 - 2013-09-28 16:17 - 00000000 ____D C:\Program Files\Logitech
2013-09-28 16:16 - 2013-09-28 16:14 - 00000000 ____D C:\Users\candy\AppData\Roaming\Logishrd

Some content of TEMP:
====================
C:\Users\candy\AppData\Local\Temp\13-4_mobility_win7_win8_64_dd_ccc_whql.exe
C:\Users\candy\AppData\Local\Temp\AskSLib.dll
C:\Users\candy\AppData\Local\Temp\avguidx.dll
C:\Users\candy\AppData\Local\Temp\CommonInstaller.exe
C:\Users\candy\AppData\Local\Temp\cygiconv-2.dll
C:\Users\candy\AppData\Local\Temp\cygintl-8.dll
C:\Users\candy\AppData\Local\Temp\cygwin1.dll
C:\Users\candy\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\candy\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\candy\AppData\Local\Temp\LMkRstPt.exe
C:\Users\candy\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\candy\AppData\Local\Temp\md5sum.exe
C:\Users\candy\AppData\Local\Temp\mirc732.exe
C:\Users\candy\AppData\Local\Temp\oi_{147E6E83-1B95-4802-BA9A-8F2EA8B9D4F3}.exe
C:\Users\candy\AppData\Local\Temp\proxy_vole82871546064823047.dll
C:\Users\candy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\candy\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\candy\AppData\Local\Temp\_isB31C.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-20 23:59

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---





Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2013 01
Ran by candy at 2013-10-27 17:53:47
Running from C:\Users\candy\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.1.29812)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 11 (x32 Version: 11.11.169)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe Dreamweaver CS3 (x32 Version: 9)
Adobe Dreamweaver CS3 (x32 Version: 9.0)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)
Adobe Extension Manager CS3 (x32 Version: 1.8)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Photoshop CS3 (x32 Version: 10.0)
Adobe Reader X (10.0.1) - Deutsch (x32 Version: 10.0.1)
Adobe Setup (x32 Version: 1.0)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0429.2313.39747)
AMD Media Foundation Decoders (Version: 1.0.80430.0002)
AMD VISION Engine Control Center (x32 Version: 2013.0429.2313.39747)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Brother MFL-Pro Suite MFC-J5910DW (x32 Version: 1.1.1.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0429.2313.39747)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0429.2313.39747)
CCC Help Chinese Standard (x32 Version: 2013.0429.2312.39747)
CCC Help Chinese Traditional (x32 Version: 2013.0429.2312.39747)
CCC Help Czech (x32 Version: 2013.0429.2312.39747)
CCC Help Danish (x32 Version: 2013.0429.2312.39747)
CCC Help Dutch (x32 Version: 2013.0429.2312.39747)
CCC Help English (x32 Version: 2013.0429.2312.39747)
CCC Help Finnish (x32 Version: 2013.0429.2312.39747)
CCC Help French (x32 Version: 2013.0429.2312.39747)
CCC Help German (x32 Version: 2013.0429.2312.39747)
CCC Help Greek (x32 Version: 2013.0429.2312.39747)
CCC Help Hungarian (x32 Version: 2013.0429.2312.39747)
CCC Help Italian (x32 Version: 2013.0429.2312.39747)
CCC Help Japanese (x32 Version: 2013.0429.2312.39747)
CCC Help Korean (x32 Version: 2013.0429.2312.39747)
CCC Help Norwegian (x32 Version: 2013.0429.2312.39747)
CCC Help Polish (x32 Version: 2013.0429.2312.39747)
CCC Help Portuguese (x32 Version: 2013.0429.2312.39747)
CCC Help Russian (x32 Version: 2013.0429.2312.39747)
CCC Help Spanish (x32 Version: 2013.0429.2312.39747)
CCC Help Swedish (x32 Version: 2013.0429.2312.39747)
CCC Help Thai (x32 Version: 2013.0429.2312.39747)
CCC Help Turkish (x32 Version: 2013.0429.2312.39747)
ccc-utility64 (Version: 2013.0429.2313.39747)
CCleaner (Version: 3.20)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
DAEMON Tools Lite (x32 Version: 4.40.2.0131)
eReg (x32 Version: 1.20.138.34)
FileZilla Client 3.5.3 (HKCU Version: 3.5.3)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
GIMP 2.6.11 (x32 Version: 2.6.11)
Google Chrome (x32 Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.21.165)
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1)
HashCheck Shell Extension (x86-32) (x32 Version: 2.1.11.1)
HashCheck Shell Extension (x86-64) (Version: 2.1.11.1)
HP HotKey Support (Version: 3.5.15.1)
HP USB Disk Storage Format Tool (x32)
ImgBurn (x32 Version: 2.5.7.0)
IrfanView (remove only) (x32 Version: 4.36)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 24 (x32 Version: 6.0.240)
Java(TM) 7 Update 1 (64-bit) (Version: 7.0.10)
Java(TM) SE Development Kit 7 Update 1 (64-bit) (Version: 1.7.0.10)
JDownloader 2 (Version: 2)
JDownloader 2 (Version: 2.0)
LibreOffice 4.1.2.3 (x32 Version: 4.1.2.3)
Logitech SetPoint 6.61 (Version: 6.61.15)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Minecraft1.6.4 (x32)
Minecraft1.7.2 (x32)
MiniTool Partition Wizard Home Edition 8.0 (x32)
mIRC (x32 Version: 7.32)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFonts Order M2804930 (x32 Version: 1.0)
NAS Starter Utility (x32)
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1)
Notepad++ (x32 Version: 6.3)
PDF Settings (x32 Version: 1.0)
PDF-Viewer (Version: 2.5.208.0)
SDFormatter (x32 Version: 4.0.0)
Skype™ 6.7 (x32 Version: 6.7.102)
Steam (x32 Version: 1.0.0.0)
Team Fortress 2 (x32)
TeamViewer 8 Host (x32 Version: 8.0.22298)
TI Connect 1.6 (x32 Version: 1.6)
TI Connect™ (x32 Version: 4.0.0.218)
TI NoteFolio Creator (x32 Version: 1.1.0.276)
TI StudyCards Creator (x32 Version: 2.1.0.269)
Universal Adb Driver (x32 Version: 1.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Vegas Pro 9.0 (64-bit) (Version: 9.0.1146)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01)
VLC media player 2.0.8 (x32 Version: 2.0.8)
WinDirStat 1.1.2 (HKCU)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)
Windows-Treiberpaket - Amanero Technologies (cmb38464) MEDIA  (11/21/2012 1.0.56) (Version: 11/21/2012 1.0.56)
XAMPP 1.7.7 (x32)
XBMC (HKCU)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-02-05 14:22 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com

==================== Scheduled Tasks (whitelisted) =============

Task: {2BA9EF52-7CC9-42CA-B2F2-31259699266C} - System32\Tasks\{414E20F3-C589-4FE2-A722-ED4EBED80165} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.119/en/abandoninstall?page=tsPlugin&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {444CA150-8737-430E-80FF-99922E2911C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {ABE2B556-8E8C-4445-A98A-08B8E18D19EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: {D4E5A77D-54BC-4224-B913-BA28E344876D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {E1F94E3A-1809-4C08-8621-29A1BB2DD9B1} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {EF839303-EDED-4659-B1E3-86A392D28D5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-04-29 22:25 - 2013-04-29 22:25 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 22:08 - 2013-04-29 22:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-10-27 16:38 - 2013-10-27 13:57 - 02105856 _____ () C:\Program Files\AVAST\Avast\defs\13102700\algo.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-10-16 08:02 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-16 08:02 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-16 08:02 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-16 08:02 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-16 08:02 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-16 08:02 - 2013-10-09 01:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/27/2013 03:27:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9296583

Error: (10/27/2013 03:27:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9296583

Error: (10/27/2013 03:27:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 03:27:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9295538

Error: (10/27/2013 03:27:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9295538

Error: (10/27/2013 03:27:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 03:27:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9294492

Error: (10/27/2013 03:27:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9294492

Error: (10/27/2013 03:27:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 03:27:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9293478


System errors:
=============
Error: (10/27/2013 04:05:11 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (10/27/2013 03:28:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst hpHotkeyMonitor erreicht.

Error: (10/27/2013 03:26:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer8 erreicht.

Error: (10/27/2013 11:58:21 AM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.50.100 mit dem Computer mit der
Netzwerkhardwareadresse 68-94-23-CA-54-01 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (10/27/2013 08:33:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2863058)

Error: (10/27/2013 08:25:07 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst hpHotkeyMonitor erreicht.

Error: (10/27/2013 02:00:14 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer8 erreicht.

Error: (10/26/2013 09:23:10 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (10/26/2013 05:18:10 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst hpHotkeyMonitor erreicht.

Error: (10/26/2013 00:07:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MpsSvc erreicht.


Microsoft Office Sessions:
=========================
Error: (10/27/2013 03:27:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9296583

Error: (10/27/2013 03:27:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9296583

Error: (10/27/2013 03:27:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 03:27:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9295538

Error: (10/27/2013 03:27:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9295538

Error: (10/27/2013 03:27:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 03:27:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9294492

Error: (10/27/2013 03:27:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9294492

Error: (10/27/2013 03:27:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/27/2013 03:27:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9293478


CodeIntegrity Errors:
===================================
  Date: 2011-06-12 00:14:06.064
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tap0801.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-12 00:14:06.033
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tap0801.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 92%
Total physical RAM: 1788.56 MB
Available physical RAM: 133.4 MB
Total Pagefile: 4059.23 MB
Available Pagefile: 751.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Win7) (Fixed) (Total:46.57 GB) (Free:5.36 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:203.09 GB) (Free:10.17 GB) NTFS
Drive f: () (Removable) (Total:3.67 GB) (Free:1.74 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: D2C16FE5)
Partition 1: (Active) - (Size=47 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=2 GB) - (Type=82)
Partition 3: (Not Active) - (Size=47 GB) - (Type=83)
Partition 4: (Not Active) - (Size=203 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================
         
Gmer.log

ALS ZIP ANGEHÄNGT



Danke schonmal im Voraus und nette Grüße!
Ron

Geändert von bigron (27.10.2013 um 19:10 Uhr) Grund: Gmer.log als ZIP archiv angehängt

Alt 27.10.2013, 21:24   #2
bigron
 
Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach! - Standard

Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!



Soo. Bekomme auch nach Änderung des GMX und Gmail passworts auf einem PC mit CrunchBang Linux immer noch die "Mail delivery failed: returning message to sender" Emails vom GMX Server auf mein Gmail Account wo es halt weitergeleitet wird.

Man Man Man. Was ist da blos nur los.
Letzten Freitag war ich bei einem Kumpel und wir haben im LAN paar Spiele gespielt. Könnte es einfach so über das Netzwerk mein Laptop kompromittiert haben?

Nette Grüße!
Ron
__________________


Alt 27.10.2013, 22:12   #3
philip83
 
Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach! - Standard

Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!



Ich habe die Frage schon in einem anderen Thread beantwortet, aber ich mache es gern noch ein zweites Mal: Das ist eine ganz gewöhnliche Spam-Attacke an vorname.nachname@gmx.de-Adressen. Die Mailer-Daemon-Mails kommen durch die Weiterleitung von gmx an gmail zustande, da die Mails nicht RFC 2822 compliant sind und deshalb von gmail abgewiesen werden. Dadurch wird die Mailer-Daemon-Mail an Deinen gmx-Account geschickt, die dann wiederum an gmail weitergeleitet wird. Die Sache ist also nervig, aber harmlos.
__________________

Alt 27.10.2013, 23:24   #4
bigron
 
Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach! - Standard

Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!



Moin Moin!

Vielen lieben Dank für die Aufklärung. Ich dachte schon da wäre mein GMX Account gekapert bzw. dafür genutzt um Spam zu verteilen. Ich lasse trotzdem nochmal den ESET Scanner durchlaufen, jedoch sieht es so aus als ob da keine Datei infiziert sei.

Danke nochmals!

Nette Grüße
Ron

Antwort

Themen zu Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!
4d36e972-e325-11ce-bfc1-08002be10318, adobe, bonjour, branding, browser, cid, computer, cs3, defender, failed, farbar, farbar recovery scan tool, ftp, gmer.log, gmx.de, helper, home, installation, komische mails, mail delivery, mozilla, nemesis, photoshop, plug-in, registry, rundll, scan, security, server, services.exe, spam, svchost.exe, system, tracker, trojaner, windows



Ähnliche Themen: Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!


  1. bis zu 50 x am Tag: mail delivery failed: Returning message to sender
    Plagegeister aller Art und deren Bekämpfung - 23.11.2015 (25)
  2. keineantwortadresse@web.de/Mail delivery failed: returning message to sender
    Plagegeister aller Art und deren Bekämpfung - 18.08.2014 (6)
  3. Mail delivery failed: returning message to sender
    Überwachung, Datenschutz und Spam - 16.07.2014 (3)
  4. Seit gestern 800 Emails mit Mail delivery failed​: returning message ​to sender​
    Log-Analyse und Auswertung - 27.03.2014 (9)
  5. "Mail delivery failed: returning message to sender" bei web.de
    Log-Analyse und Auswertung - 28.01.2014 (1)
  6. Mail delivery failed: returning message to sender
    Log-Analyse und Auswertung - 06.12.2013 (7)
  7. Mail delivery failed: returning message to sender
    Plagegeister aller Art und deren Bekämpfung - 24.11.2013 (11)
  8. Mail delivery failed: returning message to sender
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (8)
  9. mail delivery failed: returning message to sender - web.de account
    Plagegeister aller Art und deren Bekämpfung - 18.07.2013 (9)
  10. mail delivery failed: returning message to sender im gmx account
    Log-Analyse und Auswertung - 12.07.2013 (5)
  11. Mail delivery failed returning message to sender
    Plagegeister aller Art und deren Bekämpfung - 14.06.2013 (7)
  12. GMX Verschickt von selbst EMails.... Mail delivery failed: returning message to sender
    Log-Analyse und Auswertung - 15.05.2013 (1)
  13. Mail delivery failed: returning message to sender
    Plagegeister aller Art und deren Bekämpfung - 17.03.2013 (3)
  14. mail delivery failed: returning message to sender bei web.de
    Plagegeister aller Art und deren Bekämpfung - 13.12.2012 (11)
  15. Mail delivery failed: returning message to sender bei web.de
    Plagegeister aller Art und deren Bekämpfung - 14.11.2012 (11)
  16. Mail Delivery Failed: Returning Message to Sender
    Alles rund um Windows - 10.10.2012 (1)
  17. Noch ein Fall von "Mail delivery failed: returning message to sender"
    Plagegeister aller Art und deren Bekämpfung - 10.10.2012 (2)

Zum Thema Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach! - Moin Moin! Ich habe seit gestern überdurchschnittlich viele "Mail delivery failed: returning message to sender" Mails im GMX Account. (Alle mails die ich über GMX Bekomme werden bei mir an - Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach!...
Archiv
Du betrachtest: Viele "Mail delivery failed: returning message to sender" und komische Emails im Postfach! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.