djm68

Everything posted by djm68

  1. Hello, I was directed to the expert forum with the issue I have. I ran into heavy privacy abuse as I may call it. During the past hour many automated mails about a new version of World of Warcraft, all with the same title and contents, were sent from my Hotmail address to several other addresses. I am not a gamer and I don't have the game or an illegal version installed on my PC. Is this a matter of 'just' an infected PC or is something else going on? I haven't been able to change my password yet since the reference e-mail is outdated and the confirmation mails to recent addresses don't come through. The spam-like mails are even sent while I am not logged in! These are the dds.txt contents
     attach.zip mbam_log_2010_10_18__20_22_35_.txt
  2. Yes, those posts crossed each other, I'll post to the hijack this forum. I cannot use the Hotmail filters since all the mails are sent in my name and using my e-mail address to only different receivers. It's all outgoing. Thanks for all the help so far.
  3. Thanks for your answer. Malwarebytes is running. I just tried MailWasher, but unfortunately it can only be used for POP3-like e-mail. What's the difference between MSN and regular Hotmail? I searched for blocking options but only incoming mail can be blocked or filtered.
  4. Hello, I ran into heavy privacy abuse as I may call it. During the past hour 6 automated mails about a new version of World of Warcraft, all with the same title and contents, were sent from my Hotmail address to several other addresses. I am not a gamer and I don't have the game or an illegal version installed on my PC. Is this a matter of 'just' an infected PC or is something else going on? I haven't been able to change my password yet since the reference e-mail is outdated and the confirmation mails to recent addresses don't come through. I just found out that the spam-like mails are even sent while I am not logged in!