|
Pests of all kinds and how to fight them: "Antivirus Plus" Virus? Windows 7 |
15.09.2009, 10:36 | #1 |
| "Antivirus Plus" Virus? Hello! First of all, one thing: you are dealing with an absolute greenhorn, both with computers and with internet forums, so please bear with me if I make mistakes. I suddenly have a program on my computer called "antivirus plus"; every few minutes a "virus warning" pops up. I have no idea how to remove it. My Google search was relatively unsuccessful, partly because most of the pages would not open. Your forum was the only one I could reach, but I could not get to this address: w*w.trojaner-board.de/58944-ist-antivirus-2009-und-wie-entferne-ich-es. html. My question now: how do I get rid of this thing? If someone has already answered the question, I would be grateful if someone could copy the answer here! Thank you very much for your help! P.S. Attached are a few screenshots of the "virus messages": |
15.09.2009, 14:39 | #2 |
| "Antivirus Plus" Virus? Hello
1. Please create an RSIT log file so that we can get an insight into your system.
2. Then run Malwarebytes with a full scan (all partitions).
3. Run SUPERAntiSpyware; with this we check whether there are more infections than just the ones found by MBAM.
4. Post all resulting logs here (RSIT, MBAM & SASW). |
08.11.2009, 19:00 | #3 |
| "Antivirus Plus" Virus? Hello and good evening, I have already spent several hours on the net searching for this program and trying to find out whether it is harmful to my laptop. I have exactly the same problem as ichmagaber. I have carried out the steps as they were described and will post the results shortly. |
08.11.2009, 19:03 | #4 |
| "Antivirus Plus" Virus? Result log from RSIT |
08.11.2009, 19:05 | #5 |
| "Antivirus Plus" Virus? |
C:\Windows\system32\azroles.dll 2009-10-20 15:42:42 ----A---- C:\Windows\system32\autofmt.exe 2009-10-20 15:42:41 ----A---- C:\Windows\system32\wmpmde.dll 2009-10-20 15:42:41 ----A---- C:\Windows\system32\pidgenx.dll 2009-10-20 15:42:40 ----A---- C:\Windows\system32\winlogon.exe 2009-10-20 15:42:40 ----A---- C:\Windows\system32\SyncCenter.dll 2009-10-20 15:42:39 ----A---- C:\Windows\system32\SLUINotify.dll 2009-10-20 15:42:39 ----A---- C:\Windows\system32\sethc.exe 2009-10-20 15:42:39 ----A---- C:\Windows\system32\ncrypt.dll 2009-10-20 15:42:39 ----A---- C:\Windows\system32\msjetoledb40.dll 2009-10-20 15:42:39 ----A---- C:\Windows\system32\kd1394.dll 2009-10-20 15:42:39 ----A---- C:\Windows\system32\comuid.dll 2009-10-20 15:42:39 ----A---- C:\Windows\system32\certmgr.dll 2009-10-20 15:42:38 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2009-10-20 15:42:38 ----A---- C:\Windows\system32\untfs.dll 2009-10-20 15:42:38 ----A---- C:\Windows\system32\spp.dll 2009-10-20 15:42:38 ----A---- C:\Windows\system32\scrobj.dll 2009-10-20 15:42:38 ----A---- C:\Windows\system32\rtutils.dll 2009-10-20 15:42:38 ----A---- C:\Windows\system32\iassam.dll 2009-10-20 15:42:37 ----A---- C:\Windows\system32\wisptis.exe 2009-10-20 15:42:36 ----A---- C:\Windows\system32\taskcomp.dll 2009-10-20 15:42:36 ----A---- C:\Windows\system32\dwm.exe 2009-10-20 15:42:35 ----A---- C:\Windows\system32\printui.dll 2009-10-20 15:42:35 ----A---- C:\Windows\system32\iasnap.dll 2009-10-20 15:42:35 ----A---- C:\Windows\system32\autoconv.exe 2009-10-20 15:42:35 ----A---- C:\Windows\system32\autochk.exe 2009-10-20 15:42:34 ----A---- C:\Windows\system32\winsrv.dll 2009-10-20 15:42:34 ----A---- C:\Windows\system32\userenv.dll 2009-10-20 15:42:34 ----A---- C:\Windows\system32\onex.dll 2009-10-20 15:42:34 ----A---- C:\Windows\system32\kdcom.dll 2009-10-20 15:42:34 ----A---- C:\Windows\system32\cscript.exe 2009-10-20 15:42:34 ----A---- C:\Windows\system32\basecsp.dll 2009-10-20 15:42:34 ----A---- 
C:\Windows\system32\audiodg.exe 2009-10-20 15:42:33 ----A---- C:\Windows\system32\wow32.dll 2009-10-20 15:42:33 ----A---- C:\Windows\system32\winmm.dll 2009-10-20 15:42:33 ----A---- C:\Windows\system32\spcmsg.dll 2009-10-20 15:42:33 ----A---- C:\Windows\system32\RelMon.dll 2009-10-20 15:42:33 ----A---- C:\Windows\system32\osk.exe 2009-10-20 15:42:33 ----A---- C:\Windows\system32\mswsock.dll 2009-10-20 15:42:33 ----A---- C:\Windows\system32\kdusb.dll 2009-10-20 15:42:32 ----A---- C:\Windows\system32\WinSCard.dll 2009-10-20 15:42:32 ----A---- C:\Windows\system32\WerFaultSecure.exe 2009-10-20 15:42:32 ----A---- C:\Windows\system32\rdpencom.dll 2009-10-20 15:42:32 ----A---- C:\Windows\system32\offfilt.dll 2009-10-20 15:42:32 ----A---- C:\Windows\system32\msftedit.dll 2009-10-20 15:42:32 ----A---- C:\Windows\system32\dnsrslvr.dll 2009-10-20 15:42:31 ----A---- C:\Windows\system32\wsepno.dll 2009-10-20 15:42:31 ----A---- C:\Windows\system32\WerFault.exe 2009-10-20 15:42:31 ----A---- C:\Windows\system32\Utilman.exe 2009-10-20 15:42:31 ----A---- C:\Windows\system32\stobject.dll 2009-10-20 15:42:31 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2009-10-20 15:42:31 ----A---- C:\Windows\system32\secproc_ssp.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\wiaservc.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\sysclass.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\SndVol.exe 2009-10-20 15:42:30 ----A---- C:\Windows\system32\prnntfy.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\msnetobj.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\mscms.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\mfplat.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\mcmde.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\diskraid.exe 2009-10-20 15:42:30 ----A---- C:\Windows\system32\apphelp.dll 2009-10-20 15:42:30 ----A---- C:\Windows\system32\adsmsext.dll 2009-10-20 15:42:29 ----A---- C:\Windows\system32\wscript.exe 2009-10-20 15:42:29 ----A---- 
C:\Windows\system32\ulib.dll 2009-10-20 15:42:29 ----A---- C:\Windows\system32\odbccp32.dll 2009-10-20 15:42:29 ----A---- C:\Windows\system32\iasdatastore.dll 2009-10-20 15:42:29 ----A---- C:\Windows\system32\dsound.dll 2009-10-20 15:42:29 ----A---- C:\Windows\system32\cryptui.dll 2009-10-20 15:42:28 ----A---- C:\Windows\system32\wscntfy.dll 2009-10-20 15:42:28 ----A---- C:\Windows\system32\wlangpui.dll 2009-10-20 15:42:28 ----A---- C:\Windows\system32\rastapi.dll 2009-10-20 15:42:28 ----A---- C:\Windows\system32\pnpsetup.dll 2009-10-20 15:42:28 ----A---- C:\Windows\system32\ipsecsnp.dll 2009-10-20 15:42:28 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2009-10-20 15:42:28 ----A---- C:\Windows\system32\fdProxy.dll 2009-10-20 15:42:28 ----A---- C:\Windows\system32\brcpl.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\wscsvc.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\WMVENCOD.DLL 2009-10-20 15:42:27 ----A---- C:\Windows\system32\vdsdyn.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\regsvc.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\rastls.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\rasapi32.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\ntprint.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\logman.exe 2009-10-20 15:42:27 ----A---- C:\Windows\system32\iashlpr.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\gpapi.dll 2009-10-20 15:42:27 ----A---- C:\Windows\system32\diskpart.exe 2009-10-20 15:42:26 ----A---- C:\Windows\system32\zipfldr.dll 2009-10-20 15:42:26 ----A---- C:\Windows\system32\wusa.exe 2009-10-20 15:42:26 ----A---- C:\Windows\system32\wshext.dll 2009-10-20 15:42:26 ----A---- C:\Windows\system32\wpccpl.dll 2009-10-20 15:42:26 ----A---- C:\Windows\system32\netcenter.dll 2009-10-20 15:42:26 ----A---- C:\Windows\system32\mscorier.dll 2009-10-20 15:42:26 ----A---- C:\Windows\system32\iasrad.dll 2009-10-20 15:42:26 ----A---- C:\Windows\system32\findstr.exe 2009-10-20 15:42:25 ----A---- 
C:\Windows\system32\wsnmp32.dll 2009-10-20 15:42:25 ----A---- C:\Windows\system32\wer.dll 2009-10-20 15:42:25 ----A---- C:\Windows\system32\themecpl.dll 2009-10-20 15:42:25 ----A---- C:\Windows\system32\rasdlg.dll 2009-10-20 15:42:25 ----A---- C:\Windows\system32\iassvcs.dll 2009-10-20 15:42:24 ----A---- C:\Windows\system32\uxsms.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\tsbyuv.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\srvsvc.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\slcc.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\scansetting.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\powrprof.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\ntmarta.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\msutb.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\mstlsapi.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\mssprxy.dll 2009-10-20 15:42:23 ----A---- C:\Windows\system32\iasads.dll 2009-10-20 15:42:22 ----A---- C:\Windows\system32\powercpl.dll 2009-10-20 15:42:22 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2009-10-20 15:42:22 ----A---- C:\Windows\system32\networkmap.dll 2009-10-20 15:42:22 ----A---- C:\Windows\system32\mstsc.exe |
08.11.2009, 19:07 | #6 |
| "Antivirus Plus" Virus? |
08.11.2009, 19:08 | #7 |
| "Antivirus Plus" Virus?
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-04-19 186552]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-03-12 11264]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver; C:\Windows\System32\Drivers\FTD2XX.sys [2004-10-15 29292]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-10-01 1858144]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-05-16 602112]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-05-17 114688]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

-----------------EOF----------------- |
08.11.2009, 19:14 | #8 |
| "Antivirus Plus" Virus? So, I've made this a bit simpler; I don't want to spam the thread with all this stuff. |