Posts posted by djm68
-
Yes, those posts crossed each other, I'll post to the hijack this forum.
I cannot use the Hotmail filters since all the mails are sent in my name and using my e-mail address to only different receivers.
It's all outgoing.
Thanks for all the help so far.
-
Thanks for your answer, Malwarebytes is running.
I just tried MailWasher but unfortunately it can only be used for POP3-like e-mail.
What's the difference between MSN and regular Hotmail?
I searched for blocking options but only incoming mail can be blocked or filtered.
-
Hello,
I ran into heavy privacy abuse as I may call it.
During the past hour 6 automated mails about a new version of World of Warcraft, all with the same title and contents, were sent from my Hotmail address to several other addresses.
I am not a gamer and I don't have the game or an illegal version installed on my PC.
Is this a matter of 'just' an infected PC or is something else going on?
I haven't been able to change my password yet since the reference e-mail is outdated and the confirmation mails to recent addresses don't come through.
I just found out that the spam-like mails are even sent while I am not logged in!
automated mails sent from hotmail
in Resolved Malware Removal Logs
Posted
Hello,
I was directed to the expert forum with the issue I have.
I ran into heavy privacy abuse as I may call it.
During the past hour many automated mails about a new version of World of Warcraft, all with the same title and contents, were sent from my Hotmail address to several other addresses.
I am not a gamer and I don't have the game or an illegal version installed on my PC.
Is this a matter of 'just' an infected PC or is something else going on?
I haven't been able to change my password yet since the reference e-mail is outdated and the confirmation mails to recent addresses don't come through.
The spam-like mails are even sent while I am not logged in!
These are the dds.txt contents
DDS (Ver_10-10-10.03) - NTFSx86
Run by dieter at 20:25:34,86 on ma 18-10-2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.2046.884 [GMT 2:00]
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\PhenomMsrTweaker\PhenomMsrTweakerService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Program Files\PhenomMsrTweaker\PhenomMsrTweaker.exe
E:\programma's\1. BASIS PROGRAMMA'S NA NIEUWE WINDOWS INSTALLATIE\NetworkIndicator.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
E:\programma's\ANTI VIRUS, SPYWARE, ADWARE, ETC\clean up software major geeks\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\dieter\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.nl/
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
uRun: [smartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m
uRun: [PhenomMsrTweaker.exe] c:\program files\phenommsrtweaker\PhenomMsrTweaker.exe
uRun: [NetworkIndicator.exe] e:\programma's\1. basis programma's na nieuwe windows installatie\NetworkIndicator.exe
uRun: [AdobeBridge]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2011\ie_banner_deny.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\users\dieter\appdata\roaming\mozilla\firefox\profiles\ymf0tf4n.default\
FF - prefs.js: browser.search.selectedEngine - bol.com
FF - prefs.js: browser.startup.homepage - www.google.nl
FF - component: c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\abn amro e.dentifier2\mozilla\npBECON.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
============= SERVICES / DRIVERS ===============
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe [2010-10-5 361216]
R2 PhenomMsrTweaker;PhenomMsrTweaker service;c:\program files\phenommsrtweaker\PhenomMsrTweakerService.exe [2010-6-3 158720]
R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\drivers\aabed2.sys [2008-3-20 23040]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-10-17 277536]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2010-8-9 123112]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\phenommsrtweaker\WinRing0.sys [2010-6-3 14416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-17 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-17 1343400]
=============== Created Last 30 ================
2010-10-18 18:06:03 -------- d-----w- c:\users\dieter\appdata\roaming\MailWasherFree
2010-10-18 18:06:03 -------- d-----w- c:\program files\FireTrust
2010-10-18 18:04:16 -------- d-----w- c:\users\dieter\appdata\roaming\Malwarebytes
2010-10-18 18:04:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-18 18:04:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-18 18:04:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-18 18:04:08 -------- d-----w- c:\progra~2\Malwarebytes
2010-10-18 13:08:18 -------- d-----w- c:\program files\common files\ScanSoft Shared
2010-10-18 13:07:56 -------- d-----w- c:\program files\ScanSoft
2010-10-18 13:06:29 -------- d-----w- c:\program files\common files\CANON
2010-10-18 13:05:41 69632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP87.DLL
2010-10-18 13:05:41 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD87.DLL
2010-10-18 13:05:41 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\1_CNMPD87.DLL
2010-10-18 13:05:21 197632 ----a-w- c:\windows\system32\CNMLM87.DLL
2010-10-18 13:05:14 106496 ----a-w- c:\windows\system32\cnco600.dll
2010-10-18 13:05:13 57344 ----a-w- c:\windows\system32\CNCI600.DLL
2010-10-18 13:05:13 135168 ----a-w- c:\windows\system32\CNCL600.DLL
2010-10-18 13:05:12 1298432 ----a-w- c:\windows\system32\CNCC600.DLL
2010-10-18 13:04:13 -------- d-----w- c:\program files\Canon
2010-10-18 10:41:20 -------- d-----w- c:\program files\Microsoft
2010-10-18 10:41:02 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-10-18 05:32:43 24576 ----a-r- c:\windows\system32\AsIO.dll
2010-10-18 05:32:43 11296 ----a-r- c:\windows\system32\drivers\AsIO.sys
2010-10-18 05:32:37 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2010-10-18 05:32:37 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2010-10-18 05:32:37 -------- d-----w- c:\program files\ASUS
2010-10-18 05:32:06 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2010-10-18 05:32:06 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2010-10-18 05:32:05 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2010-10-18 05:32:05 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2010-10-17 23:56:17 -------- d-----w- c:\windows\Panther
2010-10-17 19:46:49 -------- d-----w- c:\program files\common files\PX Storage Engine
2010-10-17 19:46:26 -------- d-----w- c:\program files\common files\DivX Shared
2010-10-17 19:45:40 -------- d-----w- c:\users\dieter\appdata\local\Google
2010-10-17 19:45:33 -------- d-----w- c:\program files\DivX
2010-10-17 19:45:08 -------- d-----w- c:\progra~2\DivX
2010-10-17 19:42:21 165376 ----a-w- c:\windows\system32\unrar.dll
2010-10-17 19:42:20 839680 ----a-w- c:\windows\system32\lameACM.acm
2010-10-17 19:42:20 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-10-17 19:42:20 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-10-17 19:42:20 151552 ----a-w- c:\windows\system32\ac3acm.acm
2010-10-17 19:42:20 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-10-17 19:42:20 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-10-17 19:42:18 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-10-17 19:31:51 -------- d-----w- c:\program files\Total Video Converter
2010-10-17 19:21:51 -------- d-----w- c:\users\dieter\appdata\local\ATI
2010-10-17 19:18:37 10632 ----a-w- c:\windows\system32\drivers\amdide.sys
2010-10-17 19:18:35 7680 ----a-w- c:\windows\system32\drivers\AtiPcie.sys
2010-10-17 19:18:33 -------- d-----w- c:\program files\common files\ATI Technologies
2010-10-17 19:18:09 372736 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-10-17 18:37:31 -------- d-----w- c:\progra~2\regid.1986-12.com.adobe
2010-10-17 18:19:22 -------- d-----w- c:\users\dieter\Library
2010-10-17 18:19:22 -------- d-----w- c:\users\dieter\appdata\roaming\com.adobe.ExMan
2010-10-17 18:11:50 -------- d-----w- c:\program files\common files\Macrovision Shared
2010-10-17 17:51:48 -------- d-----w- c:\users\dieter\Tracing
2010-10-17 17:42:30 3181568 ----a-w- c:\windows\system32\mf.dll
2010-10-17 17:42:30 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-10-17 17:42:29 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-10-17 17:41:15 -------- d-----w- c:\users\dieter\appdata\local\Windows Live
2010-10-17 17:41:14 -------- d-----w- c:\program files\common files\Windows Live
2010-10-17 17:13:22 -------- d-----w- c:\users\dieter\dwhelper
2010-10-17 17:11:28 -------- d-----w- c:\users\dieter\appdata\roaming\AVS4YOU
2010-10-17 17:11:27 -------- d-----w- c:\progra~2\AVS4YOU
2010-10-17 17:09:38 -------- d-----w- c:\program files\common files\AVSMedia
2010-10-17 17:09:17 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-10-17 17:09:17 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-10-17 17:09:17 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-10-17 17:09:17 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-10-17 17:09:17 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2010-10-17 17:09:17 -------- d-----w- c:\program files\AVS4YOU
2010-10-17 16:44:00 -------- d-----w- c:\program files\ABN AMRO e.dentifier2
2010-10-17 16:37:28 -------- d-----w- c:\program files\Unlocker
2010-10-17 16:26:30 -------- d-----w- c:\users\dieter\appdata\roaming\Auslogics
2010-10-17 16:26:21 -------- d-----w- c:\program files\Auslogics
2010-10-17 16:22:47 -------- d-----w- c:\program files\CCleaner
2010-10-17 16:09:02 -------- d-----w- c:\users\dieter\appdata\local\Adobe
2010-10-17 15:58:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-17 15:58:07 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-10-17 15:48:43 -------- d-----r- C:\Sandbox
2010-10-17 15:48:11 -------- d-----w- c:\program files\Sandboxie
2010-10-17 15:45:47 -------- d-----w- c:\program files\IObit
2010-10-17 15:40:22 -------- d-----w- c:\program files\PhenomMsrTweaker
2010-10-17 15:32:29 109240 ----a-w- c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
2010-10-17 15:32:28 150200 ----a-w- c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2010-10-17 15:32:22 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-10-17 15:32:22 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-10-17 15:31:49 -------- d-----w- c:\program files\Kaspersky Lab
2010-10-17 15:31:49 -------- d-----w- c:\progra~2\Kaspersky Lab
2010-10-17 15:26:14 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-10-17 15:26:06 -------- d-----w- c:\windows\PCHEALTH
2010-10-17 15:26:06 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-10-17 15:24:45 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-10-17 15:24:22 -------- d-----w- c:\users\dieter\appdata\local\Microsoft Help
2010-10-17 15:22:26 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2010-10-17 15:22:26 -------- d-----w- c:\program files\MagicDisc
2010-10-17 15:19:28 -------- d-----w- c:\users\dieter\appdata\roaming\Azureus
2010-10-17 15:19:14 -------- d-----w- c:\program files\Vuze
2010-10-17 15:19:12 -------- d-----w- c:\program files\Conduit
2010-10-17 15:19:11 -------- d-----w- c:\program files\ConduitEngine
2010-10-17 15:19:10 -------- d-----w- c:\program files\Vuze_Remote
2010-10-17 15:17:29 -------- d-----w- c:\windows\system32\Adobe
2010-10-17 15:10:58 -------- d-----w- c:\program files\VS Revo Group
2010-10-17 14:48:53 -------- d-----w- c:\users\dieter\appdata\roaming\IObit
2010-10-17 14:47:01 -------- d-----w- c:\windows\nl-NL
2010-10-17 14:47:00 -------- d-----w- c:\windows\system32\nl
2010-10-17 14:47:00 -------- d-----w- c:\windows\system32\0413
2010-10-17 14:46:57 -------- d-----w- c:\windows\system32\XPSViewer
2010-10-17 14:46:57 -------- d-----w- c:\windows\system32\drivers\umdf\nl-NL
2010-10-17 14:46:57 -------- d-----w- c:\windows\system32\drivers\nl-NL
2010-10-17 14:46:54 -------- d-----w- c:\windows\system32\wbem\nl-NL
2010-10-17 14:44:51 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\nl-nl\LXKPTPRC.DLL.mui
2010-10-17 14:44:27 -------- d-----w- c:\windows\system32\Wat
2010-10-17 14:42:33 -------- d-----w- c:\users\dieter\appdata\local\Mozilla
2010-10-17 14:38:06 6084944 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{f5a57b72-9189-4914-b0a2-274686a6e682}\mpengine.dll
2010-10-17 14:38:06 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-10-17 14:37:40 -------- d-----w- c:\progra~2\Kaspersky Lab ZAO
2010-10-17 14:37:28 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-10-17 14:36:39 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-10-17 14:36:39 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-10-17 14:36:39 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-10-17 14:36:39 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-10-17 14:36:39 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-10-17 14:34:17 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-10-17 14:30:36 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-10-17 14:30:36 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-17 14:30:36 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-10-17 14:30:26 132608 ----a-w- c:\windows\system32\cabview.dll
2010-10-17 14:23:49 94208 ----a-w- c:\windows\system32\RTNUninst32.dll
2010-10-17 14:23:49 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-10-17 14:23:49 277536 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2010-10-17 14:23:25 -------- d-----w- c:\program files\Realtek
2010-10-17 14:09:39 -------- d-----w- c:\program files\ATI
2010-10-17 14:08:57 -------- d-----w- c:\program files\ATI Technologies
2010-10-17 14:08:32 -------- d-----w- c:\windows\system32\wbem\Performance
2010-10-17 14:08:30 -------- d-----w- c:\program files\VIA
2010-10-17 14:08:17 -------- d-sh--w- c:\windows\Installer
2010-10-17 14:04:56 -------- d-sh--w- C:\Recovery
2010-10-17 14:00:12 71168 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNBPP4.DLL
2010-10-17 13:59:07 0 ----a-w- c:\windows\ativpsrm.bin
2010-10-05 19:27:04 228024 ----a-w- c:\windows\system32\klogon.dll
2010-10-02 18:40:48 -------- d-----w- C:\c57c2a19d822d0b176a2c0dc886f
==================== Find3M ====================
2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-08-21 05:36:33 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-08-21 05:32:37 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-18 05:58:02 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-08-18 05:58:02 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll
============= FINISH: 20:26:33,22 ===============
attach.zip
mbam_log_2010_10_18__20_22_35_.txt