
Pests of All Kinds and How to Fight Them: Automatic sending of spam mails (mail.live.com)

21.05.2011, 13:56   #1
kakuzu
 
Automatic sending of spam mails (mail.live.com)



Hello,

for some time now I have noticed that spam mails are regularly being sent from my e-mail account, which occasionally contain a link, mostly to English-language sites on which products are advertised.
Since I have already changed the password several times, I suspect that the problem originates from my PC.
I reinstalled Windows 7 a few days ago, but further e-mails are still being sent.
I have already come across similar problems here in your forum. But since the log files of the respective user are worked with there, I have now scanned my PC with Malwarebytes and OTL. The log files are attached. Malwarebytes has already found 3 things, but since I am not sure whether simply deleting the files is enough, I would rather turn, with a clear conscience, to you, who have a little more experience with the topic.

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6633

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

21.05.2011 14:45:26
mbam-log-2011-05-21 (14-45-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 127421
Laufzeit: 19 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\alte daten\DIVERSES\scripte web\losexxl\r4e keno\e lizenz\game_keno_1.2_e_vms1_cfree\images\keno\feld_blau.gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\alte daten\DIVERSES\scripte web\losexxl\r4e keno\r4e\ordner\game_keno_1.2_r4e_vms1_cfree\game_keno_1.2_r4e_vms1_cfree\images\keno\feld_blau.gif (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\alte daten\DIVERSES\scripte web\wiki\deki_wiki_1.8.2a_hayes_source\deki_wiki_1.8.2a_hayes_source\web\editor\images\ed_buttons_old.gif (Extension.Mismatch) -> Quarantined and deleted successfully.
         
Code:
OTL logfile created on: 21.05.2011 14:46:30 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\kakuzu\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,86 Gb Total Space | 235,74 Gb Free Space | 82,18% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 3,12 Gb Free Space | 31,91% Space Free | Partition Type: NTFS
 
Computer Name: ******** | User Name: ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\******\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 42 70 4C 39 14 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {056d0610-e44d-11df-bccf-0800200c9a66}:3.3.5
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.16 01:23:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.16 01:23:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.05.15 22:34:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.16 16:00:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.05.15 22:26:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.05.16 01:23:50 | 000,000,000 | ---D | M]
 
[2011.05.15 22:27:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions
[2011.05.15 22:27:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.05.16 18:04:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\yz55t0ui.default\extensions
[2011.05.16 18:04:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\yz55t0ui.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.16 18:04:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\yz55t0ui.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.16 18:04:45 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\yz55t0ui.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2011.05.16 18:04:45 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\yz55t0ui.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.16 18:04:44 | 000,000,000 | ---D | M] (Multi Links) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\yz55t0ui.default\extensions\multilinks@plugin
[2011.05.16 18:07:01 | 000,000,950 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\yz55t0ui.default\searchplugins\icqplugin-1.xml
[2011.03.05 21:08:38 | 000,000,950 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\yz55t0ui.default\searchplugins\icqplugin-2.xml
[2011.03.27 05:29:38 | 000,000,950 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\yz55t0ui.default\searchplugins\icqplugin-3.xml
[2010.05.12 18:40:48 | 000,001,042 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\yz55t0ui.default\searchplugins\icqplugin.xml
[2010.08.18 02:30:59 | 000,002,791 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\yz55t0ui.default\searchplugins\world-of-warcraft-arsenal.xml
[2011.05.16 17:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.05.16 17:34:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011.05.15 22:34:30 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YZ55T0UI.DEFAULT\EXTENSIONS\{02450954-CDD9-410F-B1DA-DB804E18C671}.XPI
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YZ55T0UI.DEFAULT\EXTENSIONS\{056D0610-E44D-11DF-BCCF-0800200C9A66}.XPI
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YZ55T0UI.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YZ55T0UI.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YZ55T0UI.DEFAULT\EXTENSIONS\SELECTIONLINKS@FLORIANGILLES.COM.XPI
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.05.16 16:12:07 | 000,000,687 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LiveZilla] C:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.10 18:32:46 | 000,000,049 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.21 08:52:35 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Malwarebytes
[2011.05.21 08:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.21 08:52:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.21 08:52:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.21 08:52:18 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.21 08:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.21 08:51:48 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\kakuzu\Desktop\mbam-setup-1.50.1.1100.exe
[2011.05.21 00:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wipedisk
[2011.05.21 00:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2011.05.21 00:14:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2011.05.20 23:55:26 | 000,000,000 | ---D | C] -- C:\Alte Daten
[2011.05.20 19:23:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OGT-Diagnostic Tool
[2011.05.20 19:23:44 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OGT-Diagnostic Tool
[2011.05.20 19:23:42 | 000,000,000 | ---D | C] -- C:\Analysis
[2011.05.20 19:23:38 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2011.05.20 19:23:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2011.05.20 17:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
[2011.05.20 17:36:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runtime Software
[2011.05.19 10:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.05.17 04:36:22 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\DivX
[2011.05.17 04:35:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.05.17 04:07:16 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Google Chrome Backup
[2011.05.17 04:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
[2011.05.17 04:07:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google Chrome Backup
[2011.05.17 02:42:41 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\ElevatedDiagnostics
[2011.05.16 19:33:58 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\TortoiseGit
[2011.05.16 19:14:15 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\TGitCache
[2011.05.16 19:05:43 | 000,135,168 | ---- | C] (Simon Tatham) -- C:\Users\kakuzu\Desktop\pageant.exe
[2011.05.16 19:04:39 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\.ssh
[2011.05.16 18:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
[2011.05.16 18:48:41 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\TortoiseOverlays
[2011.05.16 18:48:41 | 000,000,000 | ---D | C] -- C:\Programme\TortoiseGit
[2011.05.16 18:48:41 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.05.16 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
[2011.05.16 18:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Git
[2011.05.16 18:30:31 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\Documents\4545
[2011.05.16 18:06:10 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\Documents\NetBeansProjects
[2011.05.16 17:49:58 | 000,036,864 | ---- | C] (FOBit, Inh. Frank Olschewski) -- C:\Users\kakuzu\Desktop\Dateiinhalte durchsuchen.exe
[2011.05.16 17:42:47 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Apps
[2011.05.16 17:41:45 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011.05.16 17:41:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2011.05.16 17:41:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011.05.16 17:41:44 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011.05.16 17:40:30 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Weaverslave
[2011.05.16 17:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weaverslave
[2011.05.16 17:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Weaverslave
[2011.05.16 17:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.05.16 17:34:25 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.05.16 17:34:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.05.16 17:34:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.05.16 17:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.05.16 17:15:46 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\Desktop\elgg-1.8b1
[2011.05.16 16:00:29 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Mozilla
[2011.05.16 16:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.05.16 15:57:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011.05.16 15:45:44 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.05.16 15:45:44 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.05.16 15:45:44 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.05.16 15:45:44 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.05.16 15:45:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.05.16 15:45:44 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.05.16 15:45:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.05.16 15:45:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.05.16 15:45:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.05.16 15:45:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.05.16 15:45:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.05.16 15:45:44 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.05.16 15:45:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.05.16 15:45:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.05.16 15:45:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.05.16 15:45:44 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.05.16 15:45:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.05.16 15:45:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.05.16 15:45:43 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.05.16 15:45:43 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.05.16 15:45:43 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.05.16 15:45:43 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.05.16 15:45:43 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.05.16 15:45:43 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.05.16 15:45:43 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.05.16 15:45:43 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.05.16 15:45:43 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.05.16 15:45:43 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.05.16 15:45:43 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.05.16 15:45:43 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.05.16 15:45:43 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.05.16 15:45:43 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.05.16 15:45:43 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.05.16 15:45:43 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.05.16 15:45:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.05.16 15:45:43 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.05.16 15:45:43 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.05.16 15:45:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.05.16 15:45:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.05.16 15:45:43 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.05.16 15:45:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.05.16 15:45:43 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.05.16 15:45:43 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.05.16 15:45:43 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.05.16 15:45:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.05.16 15:45:43 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.05.16 15:45:43 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.05.16 15:45:43 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.05.16 15:45:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.05.16 15:45:43 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.05.16 15:45:43 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.05.16 15:45:43 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.05.16 15:45:43 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.05.16 15:45:43 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.05.16 15:45:43 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.05.16 15:45:43 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.05.16 15:45:43 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.05.16 15:45:43 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.05.16 15:45:43 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.05.16 15:45:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.05.16 15:45:43 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.05.16 15:45:43 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.05.16 15:45:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.05.16 15:45:43 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.05.16 15:45:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.05.16 15:45:43 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.05.16 15:45:43 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.05.16 15:45:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.05.16 15:45:43 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.05.16 15:45:43 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.05.16 15:45:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.05.16 15:45:43 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.05.16 15:45:43 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.05.16 15:45:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.05.16 15:45:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.05.16 15:45:43 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.05.16 15:45:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.05.16 15:45:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.05.16 13:59:47 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\TeamViewer
[2011.05.16 13:58:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011.05.16 13:37:20 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2011.05.16 01:33:35 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011.05.16 01:33:35 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011.05.16 01:33:35 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011.05.16 01:33:35 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011.05.16 01:33:35 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011.05.16 01:33:35 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011.05.16 01:33:35 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011.05.16 01:33:35 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011.05.16 01:33:10 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2011.05.16 01:25:48 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\DDMSettings
[2011.05.16 01:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.05.16 01:23:25 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2011.05.16 01:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.05.16 01:21:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.05.16 01:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.05.16 01:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2011.05.16 01:14:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.05.16 01:10:03 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Adobe
[2011.05.16 01:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.05.16 01:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.05.16 00:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.05.16 00:48:13 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\.netbeans-registration
[2011.05.16 00:45:11 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\Desktop\thinkphp_2.1_full
[2011.05.16 00:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 6.9.1
[2011.05.16 00:32:50 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\.netbeans
[2011.05.16 00:25:23 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Diagnostics
[2011.05.16 00:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
[2011.05.16 00:23:00 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.3
[2011.05.16 00:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LibreOffice 3
[2011.05.16 00:20:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 7.0
[2011.05.16 00:19:32 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\.nbi
[2011.05.16 00:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.05.16 00:18:09 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.05.16 00:17:21 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\skypePM
[2011.05.16 00:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.16 00:16:42 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Skype
[2011.05.16 00:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.16 00:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.05.16 00:16:14 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.05.16 00:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.05.16 00:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2011.05.16 00:05:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP
[2011.05.15 23:03:34 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.05.15 23:03:16 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\WinRAR
[2011.05.15 23:03:16 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.05.15 23:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.05.15 23:03:06 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2011.05.15 22:35:21 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.05.15 22:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.05.15 22:35:20 | 000,287,576 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.05.15 22:35:18 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.05.15 22:35:17 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.05.15 22:35:16 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.05.15 22:35:14 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.05.15 22:35:14 | 000,064,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.05.15 22:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashFXP 4
[2011.05.15 22:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FlashFXP
[2011.05.15 22:34:29 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.05.15 22:34:29 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.05.15 22:34:20 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2011.05.15 22:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.05.15 22:31:45 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.05.15 22:31:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.05.15 22:30:13 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.15 22:30:13 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.05.15 22:30:08 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.05.15 22:30:08 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.05.15 22:30:08 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.05.15 22:30:08 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.05.15 22:30:08 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.05.15 22:30:08 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.05.15 22:30:08 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.05.15 22:30:07 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.05.15 22:30:05 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011.05.15 22:30:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011.05.15 22:30:03 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011.05.15 22:30:00 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011.05.15 22:30:00 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011.05.15 22:30:00 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011.05.15 22:29:59 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011.05.15 22:29:59 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011.05.15 22:29:59 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011.05.15 22:29:59 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2011.05.15 22:29:59 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2011.05.15 22:29:58 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2011.05.15 22:29:54 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2011.05.15 22:29:54 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2011.05.15 22:29:46 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2011.05.15 22:29:45 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2011.05.15 22:29:45 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2011.05.15 22:29:45 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2011.05.15 22:29:45 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2011.05.15 22:29:45 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2011.05.15 22:29:45 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2011.05.15 22:29:45 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2011.05.15 22:29:45 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2011.05.15 22:29:45 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2011.05.15 22:29:45 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2011.05.15 22:29:45 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2011.05.15 22:29:45 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2011.05.15 22:29:45 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2011.05.15 22:29:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2011.05.15 22:29:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2011.05.15 22:29:35 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2011.05.15 22:29:34 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.05.15 22:29:34 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2011.05.15 22:29:34 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2011.05.15 22:29:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.05.15 22:29:09 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.05.15 22:29:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.05.15 22:29:06 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.15 22:29:06 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.15 22:29:06 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.15 22:29:03 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011.05.15 22:28:59 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.05.15 22:28:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.05.15 22:28:58 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.05.15 22:28:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.05.15 22:28:58 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.05.15 22:28:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.05.15 22:28:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.05.15 22:28:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.05.15 22:28:48 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.05.15 22:28:47 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2011.05.15 22:28:45 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.05.15 22:28:44 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.05.15 22:28:44 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.05.15 22:28:44 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.05.15 22:28:43 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.05.15 22:28:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.05.15 22:28:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.05.15 22:28:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.05.15 22:28:43 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.05.15 22:28:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.05.15 22:28:42 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011.05.15 22:28:42 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011.05.15 22:28:33 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.05.15 22:28:32 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.05.15 22:28:32 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011.05.15 22:28:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011.05.15 22:28:32 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.05.15 22:28:32 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.05.15 22:27:57 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.05.15 22:27:55 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.05.15 22:27:55 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011.05.15 22:27:55 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.05.15 22:27:55 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.05.15 22:27:54 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.05.15 22:27:54 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.05.15 22:27:54 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011.05.15 22:27:54 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.05.15 22:27:54 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.05.15 22:27:53 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011.05.15 22:27:53 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.05.15 22:27:52 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011.05.15 22:27:52 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.05.15 22:27:52 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.05.15 22:27:52 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.05.15 22:27:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.05.15 22:27:52 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011.05.15 22:27:52 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.05.15 22:27:52 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.05.15 22:27:52 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.05.15 22:27:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011.05.15 22:27:52 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.05.15 22:27:52 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.05.15 22:27:52 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\Documents\LiveZilla
[2011.05.15 22:27:45 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011.05.15 22:27:44 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011.05.15 22:27:44 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011.05.15 22:27:42 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.05.15 22:27:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.05.15 22:27:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.05.15 22:27:38 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2011.05.15 22:27:38 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2011.05.15 22:27:38 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2011.05.15 22:27:38 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2011.05.15 22:27:37 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011.05.15 22:27:37 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011.05.15 22:27:25 | 000,000,000 | ---D | C] -- C:\ProgramData\{503C37A9-D7FC-4D65-B7D0-55886F41E2BA}
[2011.05.15 22:27:23 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.05.15 22:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveZilla
[2011.05.15 22:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LiveZilla
[2011.05.15 22:27:15 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.05.15 22:27:04 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Mozilla
[2011.05.15 22:27:01 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Thunderbird
[2011.05.15 22:27:01 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Thunderbird
[2011.05.15 22:26:56 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.05.15 22:26:53 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011.05.15 22:26:42 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.05.15 22:26:42 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.05.15 22:26:42 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.05.15 22:26:42 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.05.15 22:26:41 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.05.15 22:26:41 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.05.15 22:26:41 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.05.15 22:26:38 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011.05.15 22:26:37 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011.05.15 22:26:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2011.05.15 22:26:30 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.05.15 22:26:30 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.05.15 22:26:29 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.05.15 22:26:29 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.05.15 22:26:18 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011.05.15 22:26:17 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011.05.15 22:26:16 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011.05.15 22:26:16 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011.05.15 22:26:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.05.15 22:26:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.05.15 22:26:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.05.15 22:26:10 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011.05.15 22:26:08 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011.05.15 22:26:08 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011.05.15 22:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2011.05.15 22:26:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011.05.15 22:23:15 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.05.15 22:22:27 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Google
[2011.05.15 22:20:31 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Macromedia
[2011.05.15 22:20:31 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Adobe
[2011.05.15 22:19:37 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.15 22:19:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.05.15 22:14:37 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.05.15 22:14:37 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Searches
[2011.05.15 22:14:37 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.05.15 22:14:27 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Identities
[2011.05.15 22:14:24 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Contacts
[2011.05.15 22:14:22 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\VirtualStore
[2011.05.15 22:14:12 | 000,000,000 | --SD | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Videos
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Saved Games
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Pictures
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Music
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Links
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Favorites
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Downloads
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Documents
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\Desktop
[2011.05.15 22:14:12 | 000,000,000 | R--D | C] -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Vorlagen
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\AppData\Local\Verlauf
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\AppData\Local\Temporary Internet Files
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Startmenü
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\SendTo
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Recent
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Netzwerkumgebung
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Lokale Einstellungen
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Documents\Eigene Videos
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Documents\Eigene Musik
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Eigene Dateien
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Documents\Eigene Bilder
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Druckumgebung
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Cookies
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\AppData\Local\Anwendungsdaten
[2011.05.15 22:14:12 | 000,000,000 | -HSD | C] -- C:\Users\kakuzu\Anwendungsdaten
[2011.05.15 22:14:12 | 000,000,000 | -H-D | C] -- C:\Users\kakuzu\AppData
[2011.05.15 22:14:12 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Temp
[2011.05.15 22:14:12 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Local\Microsoft
[2011.05.15 22:14:12 | 000,000,000 | ---D | C] -- C:\Users\kakuzu\AppData\Roaming\Media Center Programs
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.05.15 22:13:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.05.15 22:07:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.05.15 22:04:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.05.15 22:04:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.04.26 07:58:12 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2011.04.26 07:58:12 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.21 14:27:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1174987235-2124422742-3843735593-1001UA.job
[2011.05.21 14:23:14 | 000,014,592 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.21 14:23:14 | 000,014,592 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.21 14:19:38 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.21 14:19:38 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.21 14:19:38 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.21 14:19:38 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.21 14:19:38 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.21 14:15:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.21 14:14:58 | 3216,949,248 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.21 08:52:22 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.21 08:52:00 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\kakuzu\Desktop\mbam-setup-1.50.1.1100.exe
[2011.05.21 00:51:50 | 000,001,426 | ---- | M] () -- C:\Users\kakuzu\Desktop\WipeDisk - Verknüpfung.lnk
[2011.05.20 22:27:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1174987235-2124422742-3843735593-1001Core.job
[2011.05.20 19:23:38 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2011.05.20 19:23:37 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2011.05.20 17:36:01 | 000,002,071 | ---- | M] () -- C:\Users\Public\Desktop\GetDataBack for NTFS.lnk
[2011.05.17 04:36:29 | 000,001,615 | ---- | M] () -- C:\Users\kakuzu\Desktop\DivX Movies.lnk
[2011.05.17 04:36:03 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011.05.17 03:01:36 | 000,001,882 | ---- | M] () -- C:\Users\kakuzu\Documents\adfree.php
[2011.05.17 02:57:43 | 000,001,279 | ---- | M] () -- C:\Users\kakuzu\Documents\adfree.html
[2011.05.17 02:55:06 | 000,001,632 | ---- | M] () -- C:\Users\kakuzu\Documents\shop.php
[2011.05.16 19:30:38 | 000,000,119 | ---- | M] () -- C:\Users\kakuzu\.gitconfig
[2011.05.16 19:05:44 | 000,135,168 | ---- | M] (Simon Tatham) -- C:\Users\kakuzu\Desktop\pageant.exe
[2011.05.16 18:46:58 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Git Bash.lnk
[2011.05.16 17:40:23 | 000,001,050 | ---- | M] () -- C:\Users\kakuzu\Desktop\Weaverslave.lnk
[2011.05.16 17:34:09 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.05.16 17:34:09 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.05.16 17:34:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.05.16 17:34:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.05.16 16:01:36 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.16 16:00:26 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.16 15:45:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.05.16 15:45:44 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.05.16 15:45:44 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.05.16 15:45:44 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.05.16 15:45:44 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.05.16 15:45:44 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.05.16 15:45:44 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.05.16 15:45:44 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.05.16 15:45:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.05.16 15:45:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.05.16 15:45:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.05.16 15:45:44 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.05.16 15:45:44 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.05.16 15:45:44 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.05.16 15:45:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.05.16 15:45:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.05.16 15:45:44 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.05.16 15:45:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.05.16 15:45:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.05.16 15:45:43 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.05.16 15:45:43 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.05.16 15:45:43 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.05.16 15:45:43 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.05.16 15:45:43 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.05.16 15:45:43 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.05.16 15:45:43 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.05.16 15:45:43 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.05.16 15:45:43 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.05.16 15:45:43 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.05.16 15:45:43 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.05.16 15:45:43 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.05.16 15:45:43 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.05.16 15:45:43 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.05.16 15:45:43 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.05.16 15:45:43 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.05.16 15:45:43 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.05.16 15:45:43 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.05.16 15:45:43 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.05.16 15:45:43 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.05.16 15:45:43 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.05.16 15:45:43 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.05.16 15:45:43 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.05.16 15:45:43 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.05.16 15:45:43 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.05.16 15:45:43 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.05.16 15:45:43 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.05.16 15:45:43 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.05.16 15:45:43 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.05.16 15:45:43 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.05.16 15:45:43 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.05.16 15:45:43 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.05.16 15:45:43 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.05.16 15:45:43 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.05.16 15:45:43 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.05.16 15:45:43 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.05.16 15:45:43 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.05.16 15:45:43 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.05.16 15:45:43 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.05.16 15:45:43 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.05.16 15:45:43 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.05.16 15:45:43 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.05.16 15:45:43 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.05.16 15:45:43 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.05.16 15:45:43 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.05.16 15:45:43 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.05.16 15:45:43 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.16 15:45:43 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.16 15:45:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.05.16 15:45:43 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.05.16 15:45:43 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.05.16 15:45:43 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.05.16 15:45:43 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.05.16 15:45:43 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.05.16 15:45:43 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.05.16 15:45:43 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.05.16 15:45:43 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.05.16 15:45:43 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.05.16 15:45:43 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.05.16 15:45:43 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.05.16 15:45:43 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.05.16 13:58:53 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.05.16 02:04:03 | 000,298,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.16 00:48:04 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 6.9.1.lnk
[2011.05.16 00:28:03 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.05.16 00:23:37 | 000,002,065 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.0.lnk
[2011.05.16 00:16:19 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.05.16 00:06:01 | 000,000,600 | ---- | M] () -- C:\Users\kakuzu\AppData\Roaming\winscp.rnd
[2011.05.16 00:02:05 | 000,008,412 | ---- | M] () -- C:\Users\kakuzu\Documents\quest.php
[2011.05.16 00:00:29 | 000,002,106 | ---- | M] () -- C:\Users\kakuzu\Documents\quests.html
[2011.05.15 22:35:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.05.15 22:08:07 | 000,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.05.15 22:08:07 | 000,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.05.10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.05.10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.05.10 14:10:44 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.05.10 14:04:08 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.05.10 14:04:07 | 000,287,576 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.05.10 14:02:41 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.05.10 13:59:59 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.05.10 13:59:48 | 000,064,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.05.10 13:59:37 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.05.08 04:56:16 | 000,011,275 | ---- | M] () -- C:\Users\kakuzu\Documents\members.html
[2011.05.02 02:54:12 | 000,000,273 | ---- | M] () -- C:\Users\kakuzu\Documents\username_ok.html
[2011.04.26 07:58:12 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2011.04.26 07:58:12 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
 
========== Files Created - No Company Name ==========
 
[2011.05.21 08:52:22 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.21 00:51:50 | 000,001,426 | ---- | C] () -- C:\Users\kakuzu\Desktop\WipeDisk - Verknüpfung.lnk
[2011.05.20 17:36:01 | 000,002,071 | ---- | C] () -- C:\Users\Public\Desktop\GetDataBack for NTFS.lnk
[2011.05.17 04:36:29 | 000,001,615 | ---- | C] () -- C:\Users\kakuzu\Desktop\DivX Movies.lnk
[2011.05.17 04:36:03 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011.05.17 02:20:16 | 000,001,882 | ---- | C] () -- C:\Users\kakuzu\Documents\adfree.php
[2011.05.17 02:18:26 | 000,001,279 | ---- | C] () -- C:\Users\kakuzu\Documents\adfree.html
[2011.05.17 01:54:08 | 000,001,632 | ---- | C] () -- C:\Users\kakuzu\Documents\shop.php
[2011.05.16 19:30:25 | 000,000,119 | ---- | C] () -- C:\Users\kakuzu\.gitconfig
[2011.05.16 18:46:58 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Git Bash.lnk
[2011.05.16 17:40:23 | 000,001,050 | ---- | C] () -- C:\Users\kakuzu\Desktop\Weaverslave.lnk
[2011.05.16 16:00:26 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.05.16 16:00:26 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.16 15:45:43 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.16 15:45:43 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.16 13:58:53 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.05.16 13:58:53 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.05.16 01:15:01 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011.05.16 01:00:57 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.05.16 00:48:04 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 6.9.1.lnk
[2011.05.16 00:28:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.05.16 00:23:37 | 000,002,065 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.0.lnk
[2011.05.16 00:16:19 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.05.16 00:05:32 | 000,000,600 | ---- | C] () -- C:\Users\kakuzu\AppData\Roaming\winscp.rnd
[2011.05.15 23:42:12 | 000,002,106 | ---- | C] () -- C:\Users\kakuzu\Documents\quests.html
[2011.05.15 23:39:56 | 000,008,412 | ---- | C] () -- C:\Users\kakuzu\Documents\quest.php
[2011.05.15 22:35:14 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011.05.15 22:22:29 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1174987235-2124422742-3843735593-1001UA.job
[2011.05.15 22:22:27 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1174987235-2124422742-3843735593-1001Core.job
[2011.05.15 22:14:46 | 000,001,409 | ---- | C] () -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.05.15 22:14:40 | 000,001,443 | ---- | C] () -- C:\Users\kakuzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.05.15 22:07:58 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.05.15 22:07:55 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.05.15 22:04:16 | 3216,949,248 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.08 04:56:16 | 000,011,275 | ---- | C] () -- C:\Users\kakuzu\Documents\members.html
[2011.05.02 02:54:12 | 000,000,273 | ---- | C] () -- C:\Users\kakuzu\Documents\username_ok.html
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003.11.25 17:05:20 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\UNLHA32.DLL
[1998.01.15 14:46:22 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\OatLHA.DLL

< End of report >
         

23.05.2011, 12:07   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Was that the first and only scan with Malwarebytes? Or have you scanned more often? If so, there is a log for every scan, so please post all of them.

23.05.2011, 12:35   #3
kakuzu
 
That was the first and only scan with Malwarebytes, fresh after the installation.
One small addition: I changed the e-mail password again 2 days ago. Today I again received notifications about spam mails that could not be accepted by the receiving side, because e.g. the recipient no longer existed.
E-mails seem to go only to people who are on my contact list and to people I had already sent e-mails to.
That lets me rule out that only the sender address, in this case my e-mail address, was faked.

23.05.2011, 13:04   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
because e.g. the recipient no longer existed.
That happens when spammers forge addresses. We have had that here quite often. There is nothing at all you can do about it if the spammers happen to forge their sender address and simply put yours in. That is coincidence/bad luck.
__________________
Please always post log files in CODE tags

23.05.2011, 14:18   #5
kakuzu
 
OK, I am just surprised that the mails go precisely to the contacts and the people I have already sent an e-mail to. They must have gotten my contacts from somewhere.


23.05.2011, 18:36   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
How simple/complex is the password for your mail account?
Have you had an infection before, through which malware could have gotten at the contact data?

24.05.2011, 13:16   #7
kakuzu
 
It would of course be possible that the person got at the data before the operating system was reinstalled.
The password is fairly secure: digits + letters + special characters and 9 characters long. Cracking that would take a while.
I will keep watching the e-mail traffic and hope that the person eventually stops on their own.
