Pests of all kinds and how to fight them: IE opens automatically with advertising
23.02.2010, 17:36 | #1 |
| IE opens automatically with advertising
Hello everyone, for a few days now I have had a problem with my IE. It keeps opening automatically with advertising. I think it may be because a few days ago I downloaded and ran a not entirely trustworthy file without thinking much about it... I have already read up on this a bit and tried to find and remove the problem, but unfortunately without success, because none of the forum posts really helped me. I also deleted IE, yet it still shows up among the processes in Task Manager. I have already downloaded HijackThis in advance and created a log file.
Unfortunately I was stupid enough to tinker with it myself already... I deleted all entries with Internet Explorer... I hope the problem can still be fixed. I very much hope that I can be helped here. Many thanks in advance. Regards, J.D. P.S. Sorry for all the "I"s in the sentences. Edited by J.D. (23.02.2010 at 17:51) |
23.02.2010, 20:09 | #2 | |
| IE opens automatically with advertising
Quote:
First, scan with Malwarebytes and paste the log in here. Regards. |
23.02.2010, 21:21 | #3 |
| IE opens automatically with advertising
First of all, thank you very much for the quick reply. Unfortunately it took some time until my system had been checked, which is why I am only writing now. Here is the report. I hope you can continue to help me. Thanks

Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3781
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

23.02.2010 21:11:12
mbam-log-2010-02-23 (21-11-12).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 300622
Laufzeit: 56 minute(s), 7 second(s)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 8

Infizierte Speicherprozesse:
C:\Windows\msa.exe (Trojan.Agent) -> Unloaded process successfully.

Infizierte Speichermodule:
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\losalamos (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\toy5knq8oc (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Maze\AppData\Roaming\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Maze\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
C:\Users\Maze\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Maze\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Regards |
24.02.2010, 19:10 | #4 | |
| IE opens automatically with advertising
Quote:
Regards. |
24.02.2010, 20:10 | #5 |
| IE opens automatically with advertising
So, here is the log from RSIT. Thank you very much for the help
C:\Windows\system32\DevicePairingWizard.exe 2010-02-12 12:44:05 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2010-02-12 12:44:03 ----A---- C:\Windows\system32\mssrch.dll 2010-02-12 12:44:02 ----A---- C:\Windows\system32\tquery.dll 2010-02-12 12:44:01 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2010-02-12 12:44:00 ----A---- C:\Windows\system32\scavenge.dll 2010-02-12 12:44:00 ----A---- C:\Windows\system32\RMActivate_isv.exe 2010-02-12 12:44:00 ----A---- C:\Windows\system32\RMActivate.exe 2010-02-12 12:43:59 ----A---- C:\Windows\system32\msi.dll 2010-02-12 12:43:59 ----A---- C:\Windows\system32\imapi2fs.dll 2010-02-12 12:43:58 ----A---- C:\Windows\system32\WscEapPr.dll 2010-02-12 12:43:58 ----A---- C:\Windows\system32\wcnwiz2.dll 2010-02-12 12:43:58 ----A---- C:\Windows\system32\sysmain.dll 2010-02-12 12:43:58 ----A---- C:\Windows\system32\secproc_isv.dll 2010-02-12 12:43:57 ----A---- C:\Windows\system32\icardagt.exe 2010-02-12 12:43:56 ----A---- C:\Windows\system32\EhStorShell.dll 2010-02-12 12:43:56 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll 2010-02-12 12:43:55 ----A---- C:\Windows\system32\spreview.exe 2010-02-12 12:43:55 ----A---- C:\Windows\system32\spinstall.exe 2010-02-12 12:43:55 ----A---- C:\Windows\system32\drmv2clt.dll 2010-02-12 12:43:54 ----A---- C:\Windows\system32\spwizui.dll 2010-02-12 12:43:54 ----A---- C:\Windows\system32\shell32.dll 2010-02-12 12:43:54 ----A---- C:\Windows\system32\secproc.dll 2010-02-12 12:43:54 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll 2010-02-12 12:43:53 ----A---- C:\Windows\system32\SearchIndexer.exe 2010-02-12 12:43:53 ----A---- C:\Windows\system32\p2psvc.dll 2010-02-12 12:43:53 ----A---- C:\Windows\system32\mssvp.dll 2010-02-12 12:43:52 ----A---- C:\Windows\system32\mssphtb.dll 2010-02-12 12:43:52 ----A---- C:\Windows\system32\mssph.dll 2010-02-12 12:43:52 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL 2010-02-12 12:43:52 ----A---- C:\Windows\system32\mscoree.dll 2010-02-12 12:43:52 
----A---- C:\Windows\system32\imapi2.dll 2010-02-12 12:43:51 ----A---- C:\Windows\system32\sdohlp.dll 2010-02-12 12:43:51 ----A---- C:\Windows\system32\IMJP10K.DLL 2010-02-12 12:43:51 ----A---- C:\Windows\system32\esent.dll 2010-02-12 12:43:51 ----A---- C:\Windows\system32\DevicePairing.dll 2010-02-12 12:43:50 ----A---- C:\Windows\system32\wevtsvc.dll 2010-02-12 12:43:50 ----A---- C:\Windows\system32\sperror.dll 2010-02-12 12:43:50 ----A---- C:\Windows\system32\SLC.dll 2010-02-12 12:43:50 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-02-12 12:43:50 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2010-02-12 12:43:50 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2010-02-12 12:43:50 ----A---- C:\Windows\system32\msshsq.dll 2010-02-12 12:43:50 ----A---- C:\Windows\system32\korwbrkr.dll 2010-02-12 12:43:50 ----A---- C:\Windows\system32\IasMigReader.exe 2010-02-12 12:43:49 ----A---- C:\Windows\system32\msjet40.dll 2010-02-12 12:43:48 ----A---- C:\Windows\system32\MPSSVC.dll 2010-02-12 12:43:47 ----A---- C:\Windows\system32\Query.dll 2010-02-12 12:43:47 ----A---- C:\Windows\system32\qmgr.dll 2010-02-12 12:43:47 ----A---- C:\Windows\system32\P2PGraph.dll 2010-02-12 12:43:47 ----A---- C:\Windows\system32\msexch40.dll 2010-02-12 12:43:47 ----A---- C:\Windows\system32\diagperf.dll 2010-02-12 12:43:46 ----A---- C:\Windows\system32\winload.exe 2010-02-12 12:43:46 ----A---- C:\Windows\system32\srchadmin.dll 2010-02-12 12:43:46 ----A---- C:\Windows\system32\ole32.dll 2010-02-12 12:43:46 ----A---- C:\Windows\system32\ntdll.dll 2010-02-12 12:43:45 ----A---- C:\Windows\system32\uDWM.dll 2010-02-12 12:43:45 ----A---- C:\Windows\system32\riched20.dll 2010-02-12 12:43:45 ----A---- C:\Windows\system32\mmc.exe 2010-02-12 12:43:45 ----A---- C:\Windows\system32\mblctr.exe 2010-02-12 12:43:45 ----A---- C:\Windows\system32\IasMigPlugin.dll 2010-02-12 12:43:45 ----A---- C:\Windows\system32\fdBth.dll 2010-02-12 12:43:45 ----A---- C:\Windows\system32\EncDec.dll 2010-02-12 
12:43:45 ----A---- C:\Windows\system32\dfsr.exe 2010-02-12 12:43:44 ----A---- C:\Windows\system32\SearchFilterHost.exe 2010-02-12 12:43:44 ----A---- C:\Windows\system32\RacEngn.dll 2010-02-12 12:43:44 ----A---- C:\Windows\system32\kernel32.dll 2010-02-12 12:43:43 ----A---- C:\Windows\system32\spoolss.dll 2010-02-12 12:43:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2010-02-12 12:43:43 ----A---- C:\Windows\system32\schedsvc.dll 2010-02-12 12:43:43 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2010-02-12 12:43:43 ----A---- C:\Windows\system32\milcore.dll 2010-02-12 12:43:43 ----A---- C:\Windows\system32\EhStorAPI.dll 2010-02-12 12:43:43 ----A---- C:\Windows\system32\CertEnroll.dll 2010-02-12 12:43:42 ----A---- C:\Windows\system32\msvcp60.dll 2010-02-12 12:43:42 ----A---- C:\Windows\system32\msjtes40.dll 2010-02-12 12:43:42 ----A---- C:\Windows\system32\infocardapi.dll 2010-02-12 12:43:42 ----A---- C:\Windows\system32\gpedit.dll 2010-02-12 12:43:42 ----A---- C:\Windows\system32\fsquirt.exe 2010-02-12 12:43:42 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll 2010-02-12 12:43:41 ----A---- C:\Windows\system32\WinSAT.exe 2010-02-12 12:43:40 ----A---- C:\Windows\system32\PresentationSettings.exe 2010-02-12 12:43:40 ----A---- C:\Windows\system32\mstext40.dll 2010-02-12 12:43:40 ----A---- C:\Windows\system32\Magnify.exe 2010-02-12 12:43:40 ----A---- C:\Windows\system32\es.dll 2010-02-12 12:43:40 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll 2010-02-12 12:43:40 ----A---- C:\Windows\system32\advapi32.dll 2010-02-12 12:43:39 ----A---- C:\Windows\system32\WebClnt.dll 2010-02-12 12:43:39 ----A---- C:\Windows\system32\slwmi.dll 2010-02-12 12:43:39 ----A---- C:\Windows\system32\msexcl40.dll 2010-02-12 12:43:38 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll 2010-02-12 12:43:38 ----A---- C:\Windows\system32\vssapi.dll 2010-02-12 12:43:38 ----A---- C:\Windows\system32\msxbde40.dll 2010-02-12 12:43:38 ----A---- 
C:\Windows\system32\msfeeds.dll 2010-02-12 12:43:38 ----A---- C:\Windows\system32\comsvcs.dll 2010-02-12 12:43:38 ----A---- C:\Windows\system32\authui.dll 2010-02-12 12:43:37 ----A---- C:\Windows\system32\vbscript.dll 2010-02-12 12:43:37 ----A---- C:\Windows\system32\propsys.dll 2010-02-12 12:43:37 ----A---- C:\Windows\system32\PresentationHost.exe 2010-02-12 12:43:37 ----A---- C:\Windows\system32\newdev.dll 2010-02-12 12:43:37 ----A---- C:\Windows\system32\NetProjW.dll 2010-02-12 12:43:37 ----A---- C:\Windows\system32\msrepl40.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\setupapi.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\rpcss.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\mspbde40.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\iedkcs32.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\iasrecst.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\gpsvc.dll 2010-02-12 12:43:36 ----A---- C:\Windows\system32\eudcedit.exe 2010-02-12 12:43:36 ----A---- C:\Windows\system32\crypt32.dll 2010-02-12 12:43:36 ----A---- C:\Windows\explorer.exe 2010-02-12 12:43:35 ----A---- C:\Windows\system32\shlwapi.dll 2010-02-12 12:43:35 ----A---- C:\Windows\system32\msltus40.dll 2010-02-12 12:43:35 ----A---- C:\Windows\system32\mfc42.dll 2010-02-12 12:43:35 ----A---- C:\Windows\system32\EhStorPwdMgr.dll 2010-02-12 12:43:35 ----A---- C:\Windows\system32\EhStorAuthn.dll 2010-02-12 12:43:35 ----A---- C:\Windows\system32\davclnt.dll 2010-02-12 12:43:35 ----A---- C:\Windows\system32\d3d9.dll 2010-02-12 12:43:34 ----A---- C:\Windows\system32\wevtapi.dll 2010-02-12 12:43:34 ----A---- C:\Windows\system32\photowiz.dll 2010-02-12 12:43:34 ----A---- C:\Windows\system32\nlhtml.dll 2010-02-12 12:43:34 ----A---- C:\Windows\system32\msrd3x40.dll 2010-02-12 12:43:34 ----A---- C:\Windows\system32\msdtctm.dll 2010-02-12 12:43:34 ----A---- C:\Windows\system32\browseui.dll 
2010-02-12 12:43:33 ----A---- C:\Windows\system32\user32.dll 2010-02-12 12:43:32 ----A---- C:\Windows\system32\win32spl.dll 2010-02-12 12:43:32 ----A---- C:\Windows\system32\WcnNetsh.dll 2010-02-12 12:43:32 ----A---- C:\Windows\system32\SLCommDlg.dll 2010-02-12 12:43:32 ----A---- C:\Windows\system32\samsrv.dll 2010-02-12 12:43:32 ----A---- C:\Windows\system32\oleaut32.dll 2010-02-12 12:43:32 ----A---- C:\Windows\system32\ci.dll 2010-02-12 12:43:31 ----A---- C:\Windows\system32\netshell.dll 2010-02-12 12:43:31 ----A---- C:\Windows\system32\IKEEXT.DLL 2010-02-12 12:43:31 ----A---- C:\Windows\system32\compcln.exe 2010-02-12 12:43:31 ----A---- C:\Windows\system32\apds.dll 2010-02-12 12:43:30 ----A---- C:\Windows\system32\xmlfilter.dll 2010-02-12 12:43:30 ----A---- C:\Windows\system32\mswstr10.dll 2010-02-12 12:43:30 ----A---- C:\Windows\system32\msvcrt.dll 2010-02-12 12:43:30 ----A---- C:\Windows\system32\msctf.dll 2010-02-12 12:43:30 ----A---- C:\Windows\system32\emdmgmt.dll 2010-02-12 12:43:30 ----A---- C:\Windows\system32\audiosrv.dll 2010-02-12 12:43:29 ----A---- C:\Windows\system32\VSSVC.exe 2010-02-12 12:43:29 ----A---- C:\Windows\system32\sqlsrv32.dll 2010-02-12 12:43:29 ----A---- C:\Windows\system32\SLUI.exe 2010-02-12 12:43:29 ----A---- C:\Windows\system32\QAGENTRT.DLL 2010-02-12 12:43:29 ----A---- C:\Windows\system32\msrd2x40.dll 2010-02-12 12:43:29 ----A---- C:\Windows\system32\mfc42u.dll 2010-02-12 12:43:29 ----A---- C:\Windows\system32\iphlpsvc.dll 2010-02-12 12:43:29 ----A---- C:\Windows\system32\gdi32.dll 2010-02-12 12:43:29 ----A---- C:\Windows\system32\eapphost.dll 2010-02-12 12:43:28 ----A---- C:\Windows\system32\winresume.exe 2010-02-12 12:43:28 ----A---- C:\Windows\system32\shdocvw.dll 2010-02-12 12:43:28 ----A---- C:\Windows\system32\propdefs.dll 2010-02-12 12:43:28 ----A---- C:\Windows\system32\odbc32.dll 2010-02-12 12:43:27 ----A---- C:\Windows\system32\WsmSvc.dll 2010-02-12 12:43:27 ----A---- C:\Windows\system32\wevtutil.exe 2010-02-12 12:43:27 
----A---- C:\Windows\system32\mssitlb.dll 2010-02-12 12:43:27 ----A---- C:\Windows\system32\dbgeng.dll 2010-02-12 12:43:26 ----A---- C:\Windows\system32\vds.exe 2010-02-12 12:43:26 ----A---- C:\Windows\system32\usp10.dll 2010-02-12 12:43:26 ----A---- C:\Windows\system32\swprv.dll 2010-02-12 12:43:26 ----A---- C:\Windows\system32\mshtmled.dll 2010-02-12 12:43:26 ----A---- C:\Windows\system32\mmcndmgr.dll 2010-02-12 12:43:25 ----A---- C:\Windows\system32\netlogon.dll 2010-02-12 12:43:25 ----A---- C:\Windows\system32\msscb.dll 2010-02-12 12:43:25 ----A---- C:\Windows\system32\msctfp.dll 2010-02-12 12:43:25 ----A---- C:\Windows\system32\fdBthProxy.dll 2010-02-12 12:43:25 ----A---- C:\Windows\system32\drvinst.exe 2010-02-12 12:43:25 ----A---- C:\Windows\system32\devmgr.dll 2010-02-12 12:43:25 ----A---- C:\Windows\system32\DevicePairingProxy.dll 2010-02-12 12:43:25 ----A---- C:\Windows\system32\BFE.DLL 2010-02-12 12:43:25 ----A---- C:\Windows\system32\adsldpc.dll 2010-02-12 12:43:24 ----A---- C:\Windows\system32\WMVSDECD.DLL 2010-02-12 12:43:24 ----A---- C:\Windows\system32\Wldap32.dll 2010-02-12 12:43:24 ----A---- C:\Windows\system32\wcnwiz.dll 2010-02-12 12:43:24 ----A---- C:\Windows\system32\evr.dll 2010-02-12 12:43:23 ----A---- C:\Windows\system32\wercon.exe 2010-02-12 12:43:23 ----A---- C:\Windows\system32\services.exe 2010-02-12 12:43:23 ----A---- C:\Windows\system32\mimefilt.dll 2010-02-12 12:43:23 ----A---- C:\Windows\system32\iertutil.dll 2010-02-12 12:43:23 ----A---- C:\Windows\system32\comdlg32.dll 2010-02-12 12:43:23 ----A---- C:\Windows\system32\adtschema.dll 2010-02-12 12:43:22 ----A---- C:\Windows\system32\wcncsvc.dll 2010-02-12 12:43:22 ----A---- C:\Windows\system32\msdtcprx.dll 2010-02-12 12:43:22 ----A---- C:\Windows\system32\msdrm.dll 2010-02-12 12:43:22 ----A---- C:\Windows\system32\certcli.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\WMNetMgr.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\w32time.dll 2010-02-12 12:43:21 ----A---- 
C:\Windows\system32\umpnpmgr.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\taskeng.exe 2010-02-12 12:43:21 ----A---- C:\Windows\system32\rtffilt.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\reg.exe 2010-02-12 12:43:21 ----A---- C:\Windows\system32\mswdat10.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\msjter40.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\ipsmsnap.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\dnsapi.dll 2010-02-12 12:43:21 ----A---- C:\Windows\system32\certutil.exe 2010-02-12 12:43:20 ----A---- C:\Windows\system32\TsWpfWrp.exe 2010-02-12 12:43:20 ----A---- C:\Windows\system32\rsaenh.dll 2010-02-12 12:43:20 ----A---- C:\Windows\system32\msstrc.dll 2010-02-12 12:43:20 ----A---- C:\Windows\system32\msshooks.dll 2010-02-12 12:43:20 ----A---- C:\Windows\system32\msscntrs.dll 2010-02-12 12:43:20 ----A---- C:\Windows\system32\msihnd.dll 2010-02-12 12:43:20 ----A---- C:\Windows\system32\MMDevAPI.dll 2010-02-12 12:43:20 ----A---- C:\Windows\system32\IPSECSVC.DLL 2010-02-12 12:43:20 ----A---- C:\Windows\system32\bthserv.dll 2010-02-12 12:43:20 ----A---- C:\Windows\system32\bcrypt.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\netapi32.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\mtxclu.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\mscories.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\inetpp.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\inetcomm.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\hidserv.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\fundisc.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\dhcpcsvc6.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\dfshim.dll 2010-02-12 12:43:19 ----A---- C:\Windows\system32\cryptsvc.dll 2010-02-12 12:43:18 ----A---- C:\Windows\system32\wmicmiplugin.dll 2010-02-12 12:43:18 ----A---- C:\Windows\system32\termsrv.dll 2010-02-12 12:43:18 ----A---- C:\Windows\system32\profsvc.dll 2010-02-12 12:43:18 ----A---- 
C:\Windows\system32\imapi.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\wdc.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\spoolsv.exe 2010-02-12 12:43:17 ----A---- C:\Windows\system32\shsvcs.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\rasmans.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\pnidui.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\msiexec.exe 2010-02-12 12:43:17 ----A---- C:\Windows\system32\icardres.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\iassdo.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\chsbrkr.dll 2010-02-12 12:43:17 ----A---- C:\Windows\system32\autofmt.exe 2010-02-12 12:43:16 ----A---- C:\Windows\system32\wersvc.dll 2010-02-12 12:43:16 ----A---- C:\Windows\system32\slmgr.vbs 2010-02-12 12:43:16 ----A---- C:\Windows\system32\scrrun.dll 2010-02-12 12:43:16 ----A---- C:\Windows\system32\PSHED.DLL 2010-02-12 12:43:16 ----A---- C:\Windows\system32\pidgenx.dll 2010-02-12 12:43:16 ----A---- C:\Windows\system32\pdh.dll 2010-02-12 12:43:16 ----A---- C:\Windows\system32\dhcpcsvc.dll 2010-02-12 12:43:16 ----A---- C:\Windows\system32\CertEnrollUI.dll 2010-02-12 12:43:16 ----A---- C:\Windows\system32\azroles.dll 2010-02-12 12:43:15 ----A---- C:\Windows\system32\wmpmde.dll 2010-02-12 12:43:15 ----A---- C:\Windows\system32\winlogon.exe 2010-02-12 12:43:15 ----A---- C:\Windows\system32\SyncCenter.dll 2010-02-12 12:43:14 ----A---- C:\Windows\system32\SLUINotify.dll 2010-02-12 12:43:14 ----A---- C:\Windows\system32\ncrypt.dll 2010-02-12 12:43:14 ----A---- C:\Windows\system32\msjetoledb40.dll 2010-02-12 12:43:14 ----A---- C:\Windows\system32\comuid.dll 2010-02-12 12:43:14 ----A---- C:\Windows\system32\certmgr.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\wisptis.exe 2010-02-12 12:43:13 ----A---- C:\Windows\system32\untfs.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\taskcomp.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\spp.dll 2010-02-12 12:43:13 ----A---- 
C:\Windows\system32\sethc.exe 2010-02-12 12:43:13 ----A---- C:\Windows\system32\scrobj.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\rtutils.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\printui.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\kd1394.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\iassam.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\iasnap.dll 2010-02-12 12:43:13 ----A---- C:\Windows\system32\dwm.exe 2010-02-12 12:43:13 ----A---- C:\Windows\system32\autochk.exe 2010-02-12 12:43:12 ----A---- C:\Windows\system32\wow32.dll 2010-02-12 12:43:12 ----A---- C:\Windows\system32\winsrv.dll 2010-02-12 12:43:12 ----A---- C:\Windows\system32\userenv.dll 2010-02-12 12:43:12 ----A---- C:\Windows\system32\osk.exe 2010-02-12 12:43:12 ----A---- C:\Windows\system32\onex.dll 2010-02-12 12:43:12 ----A---- C:\Windows\system32\mswsock.dll 2010-02-12 12:43:12 ----A---- C:\Windows\system32\kdcom.dll 2010-02-12 12:43:12 ----A---- C:\Windows\system32\cscript.exe 2010-02-12 12:43:12 ----A---- C:\Windows\system32\basecsp.dll 2010-02-12 12:43:12 ----A---- C:\Windows\system32\autoconv.exe 2010-02-12 12:43:12 ----A---- C:\Windows\system32\audiodg.exe 2010-02-12 12:43:11 ----A---- C:\Windows\system32\WinSCard.dll 2010-02-12 12:43:11 ----A---- C:\Windows\system32\winmm.dll 2010-02-12 12:43:11 ----A---- C:\Windows\system32\spcmsg.dll 2010-02-12 12:43:11 ----A---- C:\Windows\system32\RelMon.dll 2010-02-12 12:43:11 ----A---- C:\Windows\system32\rdpencom.dll 2010-02-12 12:43:11 ----A---- C:\Windows\system32\kdusb.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\wsepno.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\WerFaultSecure.exe 2010-02-12 12:43:10 ----A---- C:\Windows\system32\WerFault.exe 2010-02-12 12:43:10 ----A---- C:\Windows\system32\Utilman.exe 2010-02-12 12:43:10 ----A---- C:\Windows\system32\stobject.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2010-02-12 12:43:10 ----A---- 
C:\Windows\system32\secproc_ssp.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\offfilt.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\msftedit.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\mfplat.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\dnsrslvr.dll 2010-02-12 12:43:10 ----A---- C:\Windows\system32\diskraid.exe 2010-02-12 12:43:10 ----A---- C:\Windows\system32\apphelp.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\wscript.exe 2010-02-12 12:43:09 ----A---- C:\Windows\system32\wiaservc.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\sysclass.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\SndVol.exe 2010-02-12 12:43:09 ----A---- C:\Windows\system32\prnntfy.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\odbccp32.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\msnetobj.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\mscms.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\mcmde.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\iasdatastore.dll 2010-02-12 12:43:09 ----A---- C:\Windows\system32\adsmsext.dll 2010-02-12 12:43:06 ----A---- C:\Windows\system32\ulib.dll 2010-02-12 12:43:06 ----A---- C:\Windows\system32\dsound.dll 2010-02-12 12:43:05 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2010-02-12 12:43:05 ----A---- C:\Windows\system32\cryptui.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\wscntfy.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\wlangpui.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\vdsdyn.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\rastapi.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\pnpsetup.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\ipsecsnp.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\iashlpr.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\gpapi.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\fdProxy.dll 2010-02-12 12:43:04 ----A---- C:\Windows\system32\diskpart.exe 2010-02-12 12:43:04 ----A---- 
C:\Windows\system32\brcpl.dll 2010-02-12 12:43:03 ----A---- C:\Windows\system32\wscsvc.dll 2010-02-12 12:43:03 ----A---- C:\Windows\system32\WMVENCOD.DLL 2010-02-12 12:43:03 ----A---- C:\Windows\system32\regsvc.dll 2010-02-12 12:43:03 ----A---- C:\Windows\system32\rasapi32.dll 2010-02-12 12:43:03 ----A---- C:\Windows\system32\ntprint.dll 2010-02-12 12:43:03 ----A---- C:\Windows\system32\mscorier.dll 2010-02-12 12:43:03 ----A---- C:\Windows\system32\logman.exe 2010-02-12 12:43:02 ----A---- C:\Windows\system32\zipfldr.dll 2010-02-12 12:43:02 ----A---- C:\Windows\system32\wusa.exe 2010-02-12 12:43:02 ----A---- C:\Windows\system32\wshext.dll 2010-02-12 12:43:02 ----A---- C:\Windows\system32\wpccpl.dll 2010-02-12 12:43:02 ----A---- C:\Windows\system32\webcheck.dll 2010-02-12 12:43:02 ----A---- C:\Windows\system32\netcenter.dll 2010-02-12 12:43:02 ----A---- C:\Windows\system32\iasrad.dll 2010-02-12 12:43:02 ----A---- C:\Windows\system32\findstr.exe 2010-02-12 12:43:01 ----A---- C:\Windows\system32\wsnmp32.dll 2010-02-12 12:43:01 ----A---- C:\Windows\system32\wer.dll 2010-02-12 12:43:01 ----A---- C:\Windows\system32\themecpl.dll 2010-02-12 12:43:01 ----A---- C:\Windows\system32\rasdlg.dll 2010-02-12 12:43:01 ----A---- C:\Windows\system32\iassvcs.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\uxsms.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\srvsvc.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\slcc.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\scansetting.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\ntmarta.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\msutb.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\mstlsapi.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\mssprxy.dll 2010-02-12 12:43:00 ----A---- C:\Windows\system32\iasads.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\sud.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\powrprof.dll 2010-02-12 12:42:59 ----A---- 
C:\Windows\system32\powercpl.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\newdev.exe 2010-02-12 12:42:59 ----A---- C:\Windows\system32\networkmap.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\mstsc.exe 2010-02-12 12:42:59 ----A---- C:\Windows\system32\iasacct.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\dot3svc.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\connect.dll 2010-02-12 12:42:59 ----A---- C:\Windows\system32\authz.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\usercpl.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\themeui.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\systemcpl.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\samlib.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\qdvd.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\pcaui.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\mmci.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\autoplay.dll 2010-02-12 12:42:58 ----A---- C:\Windows\system32\accessibilitycpl.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\wpcao.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\wlanpref.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\vdsutil.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\tapisrv.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\scksp.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\scesrv.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\rpchttp.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\regapi.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\psisdecd.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\msinfo32.exe 2010-02-12 12:42:57 ----A---- C:\Windows\system32\mpr.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\ieaksie.dll 2010-02-12 12:42:57 ----A---- C:\Windows\system32\feclient.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\wscisvif.dll 2010-02-12 12:42:56 ----A---- 
C:\Windows\system32\TSTheme.exe 2010-02-12 12:42:56 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\sdclt.exe 2010-02-12 12:42:56 ----A---- C:\Windows\system32\scecli.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\rekeywiz.exe 2010-02-12 12:42:56 ----A---- C:\Windows\system32\rasplap.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\rasgcw.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\qedit.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\pnpui.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\perfdisk.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\oleprn.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\ncryptui.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\imm32.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\iaspolcy.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\hdwwiz.exe 2010-02-12 12:42:56 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2010-02-12 12:42:56 ----A---- C:\Windows\system32\Faultrep.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\extmgr.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\dpapimig.exe 2010-02-12 12:42:56 ----A---- C:\Windows\system32\dot3msm.dll 2010-02-12 12:42:56 ----A---- C:\Windows\system32\DeviceEject.exe 2010-02-12 12:42:56 ----A---- C:\Windows\system32\certreq.exe 2010-02-12 12:42:56 ----A---- C:\Windows\system32\AudioSes.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\whealogr.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\tcpmon.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\tcpipcfg.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\srcore.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\spwinsat.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\SnippingTool.exe 2010-02-12 12:42:55 ----A---- C:\Windows\system32\SCardSvr.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\raschap.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\PnPUnattend.exe 2010-02-12 
12:42:55 ----A---- C:\Windows\system32\MSVidCtl.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\fontext.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\fdWSD.dll 2010-02-12 12:42:55 ----A---- C:\Windows\system32\conime.exe 2010-02-12 12:42:55 ----A---- C:\Windows\system32\cmmon32.exe 2010-02-12 12:42:55 ----A---- C:\Windows\system32\cmdial32.dll 2010-02-12 12:42:54 ----A---- C:\Windows\system32\WMVXENCD.DLL 2010-02-12 12:42:54 ----A---- C:\Windows\system32\wlanui.dll 2010-02-12 12:42:54 ----A---- C:\Windows\system32\wiaaut.dll 2010-02-12 12:42:54 ----A---- C:\Windows\system32\shwebsvc.dll 2010-02-12 12:42:54 ----A---- C:\Windows\system32\rasppp.dll 2010-02-12 12:42:54 ----A---- C:\Windows\system32\PnPutil.exe 2010-02-12 12:42:54 ----A---- C:\Windows\system32\dsprop.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\wmdrmsdk.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\wlgpclnt.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\smss.exe 2010-02-12 12:42:53 ----A---- C:\Windows\system32\shsetup.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\rdpwsx.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\rasmontr.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\oobefldr.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\occache.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\netplwiz.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\mscandui.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\modemui.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\dimsroam.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\dataclen.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\credui.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\chtbrkr.dll 2010-02-12 12:42:53 ----A---- C:\Windows\system32\blackbox.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\WSDMon.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\wscapi.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\wpcsvc.dll 2010-02-12 12:42:52 
----A---- C:\Windows\system32\wmpeffects.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\thawbrkr.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\softkbd.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\sendmail.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\olepro32.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\networkexplorer.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\mstime.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\msscp.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\msrating.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\msimtf.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\msctfui.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\logagent.exe 2010-02-12 12:42:52 ----A---- C:\Windows\system32\InkEd.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\ifmon.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\gpresult.exe 2010-02-12 12:42:52 ----A---- C:\Windows\system32\drmmgrtn.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\dmsynth.dll 2010-02-12 12:42:52 ----A---- C:\Windows\system32\cipher.exe 2010-02-12 12:42:52 ----A---- C:\Windows\system32\certprop.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\wshbth.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\version.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\SLLUA.exe 2010-02-12 12:42:51 ----A---- C:\Windows\system32\puiapi.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\msjint40.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\msisip.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\MsCtfMonitor.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\mprapi.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\input.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\fdSSDP.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\fc.exe 2010-02-12 12:42:51 ----A---- C:\Windows\system32\ExplorerFrame.dll 2010-02-12 
12:42:51 ----A---- C:\Windows\system32\eapp3hst.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\dmusic.dll 2010-02-12 12:42:51 ----A---- C:\Windows\system32\cscapi.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\wsdchngr.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\Storprop.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\SMBHelperClass.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\rasdial.exe 2010-02-12 12:42:50 ----A---- C:\Windows\system32\rasdiag.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\l2nacp.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\ftp.exe 2010-02-12 12:42:50 ----A---- C:\Windows\system32\fdWCN.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\eappcfg.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\dot3cfg.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\cscdll.dll 2010-02-12 12:42:50 ----A---- C:\Windows\system32\bthudtask.exe 2010-02-12 12:42:50 ----A---- C:\Windows\system32\bthci.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\tscupgrd.exe 2010-02-12 12:42:49 ----A---- C:\Windows\system32\slcinst.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\PNPXAssoc.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\ocsetup.exe 2010-02-12 12:42:49 ----A---- C:\Windows\system32\nslookup.exe 2010-02-12 12:42:49 ----A---- C:\Windows\system32\networkitemfactory.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\mmcico.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\ipconfig.exe 2010-02-12 12:42:49 ----A---- C:\Windows\system32\hbaapi.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\gpupdate.exe 2010-02-12 12:42:49 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\fdeploy.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\eappgnui.dll 2010-02-12 12:42:49 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2010-02-12 12:42:48 ----A---- 
C:\Windows\system32\winrnr.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\vdmdbg.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\slwga.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\odbcconf.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\NcdProp.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\midimap.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\iscsilog.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\inetppui.dll 2010-02-12 12:42:48 ----A---- C:\Windows\system32\csrstub.exe 2010-02-12 12:42:48 ----A---- C:\Windows\system32\cbsra.exe 2010-02-12 12:42:48 ----A---- C:\Windows\system32\bitsigd.dll 2010-02-12 12:42:46 ----A---- C:\Windows\system32\msimsg.dll 2010-02-12 12:42:46 ----A---- C:\Windows\system32\f3ahvoas.dll 2010-02-12 12:42:26 ----A---- C:\Windows\system32\SmiEngine.dll 2010-02-12 12:42:17 ----A---- C:\Windows\system32\wdscore.dll 2010-02-12 12:42:17 ----A---- C:\Windows\system32\PkgMgr.exe 2010-02-12 12:42:03 ----A---- C:\Windows\system32\drvstore.dll 2010-02-11 19:08:32 ----D---- C:\Users\Maze\AppData\Roaming\PowerCinema 2010-02-10 21:27:24 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-02-10 21:27:24 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-02-10 21:26:39 ----A---- C:\Windows\system32\quartz.dll 2010-02-10 21:26:38 ----A---- C:\Windows\system32\tsbyuv.dll 2010-02-10 21:26:38 ----A---- C:\Windows\system32\msyuv.dll 2010-02-10 21:26:38 ----A---- C:\Windows\system32\msvidc32.dll 2010-02-10 21:26:38 ----A---- C:\Windows\system32\msvfw32.dll 2010-02-10 21:26:38 ----A---- C:\Windows\system32\msrle32.dll 2010-02-10 21:26:38 ----A---- C:\Windows\system32\mciavi32.dll 2010-02-10 21:26:38 ----A---- C:\Windows\system32\iyuv_32.dll 2010-02-10 21:26:37 ----A---- C:\Windows\system32\avifil32.dll 2010-02-03 17:30:38 ----D---- C:\Program Files\iPod 2010-02-03 17:28:52 ----D---- C:\Program Files\QuickTime ======List of files/folders modified in the last 1 months====== 2010-02-24 20:06:30 ----D---- C:\Windows\Temp 
2010-02-24 20:05:24 ----A---- C:\Windows\Filzip.ini 2010-02-24 20:02:54 ----D---- C:\Windows\system32\Tasks 2010-02-24 20:02:53 ----D---- C:\Windows\Tasks 2010-02-24 19:00:02 ----SHD---- C:\System Volume Information 2010-02-24 18:40:01 ----D---- C:\Windows\system32\catroot 2010-02-24 18:40:01 ----D---- C:\Windows\inf 2010-02-24 18:38:53 ----D---- C:\Windows\system32\drivers 2010-02-24 18:38:48 ----D---- C:\Windows 2010-02-24 18:37:51 ----RD---- C:\Program Files 2010-02-24 18:35:57 ----D---- C:\Windows\system32\catroot2 2010-02-24 18:35:53 ----D---- C:\Windows\winsxs 2010-02-24 18:35:32 ----D---- C:\Windows\System32 2010-02-24 18:35:32 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-02-23 21:12:28 ----D---- C:\Windows\FixRandomBrightness 2010-02-23 20:12:52 ----HD---- C:\ProgramData 2010-02-23 17:46:46 ----SD---- C:\ProgramData\Microsoft 2010-02-23 17:03:44 ----D---- C:\Program Files\Mozilla Firefox 2010-02-22 22:28:57 ----D---- C:\Program Files\Yahoo! 2010-02-22 22:28:56 ----D---- C:\Windows\Prefetch 2010-02-22 22:23:49 ----SHD---- C:\Windows\Installer 2010-02-22 22:23:41 ----D---- C:\Program Files\TuneUp Utilities 2010 2010-02-22 15:18:38 ----D---- C:\Users\Maze\AppData\Roaming\Skype 2010-02-22 14:19:45 ----D---- C:\Users\Maze\AppData\Roaming\skypePM 2010-02-21 00:47:11 ----D---- C:\Program Files\Common Files\Steam 2010-02-18 13:29:44 ----A---- C:\Windows\system32\TURegOpt.exe 2010-02-18 13:22:50 ----A---- C:\Windows\system32\authuitu.dll 2010-02-18 13:22:36 ----A---- C:\Windows\system32\uxtuneup.dll 2010-02-17 16:02:56 ----D---- C:\ProgramData\Adobe 2010-02-16 23:16:50 ----D---- C:\Program Files\Common Files\Adobe 2010-02-14 01:08:28 ----D---- C:\Windows\rescache 2010-02-14 01:00:30 ----D---- C:\Windows\Microsoft.NET 2010-02-14 01:00:24 ----RSD---- C:\Windows\assembly 2010-02-14 00:51:17 ----D---- C:\Windows\system32\de-DE 2010-02-14 00:51:15 ----D---- C:\Windows\system32\wbem 2010-02-14 00:51:13 ----D---- C:\Windows\system32\zh-TW 2010-02-14 00:51:13 
----D---- C:\Windows\system32\zh-HK 2010-02-14 00:51:13 ----D---- C:\Windows\system32\uk-UA 2010-02-14 00:51:13 ----D---- C:\Windows\system32\tr-TR 2010-02-14 00:51:13 ----D---- C:\Windows\system32\th-TH 2010-02-14 00:51:13 ----D---- C:\Windows\system32\sv-SE 2010-02-14 00:51:13 ----D---- C:\Windows\system32\sr-Latn-CS 2010-02-14 00:51:13 ----D---- C:\Windows\system32\sl-SI 2010-02-14 00:51:13 ----D---- C:\Windows\system32\sk-SK 2010-02-14 00:51:13 ----D---- C:\Windows\system32\pt-PT 2010-02-14 00:51:13 ----D---- C:\Windows\system32\pt-BR 2010-02-14 00:51:13 ----D---- C:\Windows\system32\pl-PL 2010-02-14 00:51:13 ----D---- C:\Windows\system32\nl-NL 2010-02-14 00:51:13 ----D---- C:\Windows\system32\lv-LV 2010-02-14 00:51:13 ----D---- C:\Windows\system32\lt-LT 2010-02-14 00:51:13 ----D---- C:\Windows\system32\ko-KR 2010-02-14 00:51:13 ----D---- C:\Windows\system32\it-IT 2010-02-14 00:51:13 ----D---- C:\Windows\system32\hu-HU 2010-02-14 00:51:13 ----D---- C:\Windows\system32\hr-HR 2010-02-14 00:51:13 ----D---- C:\Windows\system32\he-IL 2010-02-14 00:51:13 ----D---- C:\Windows\system32\fr-FR 2010-02-14 00:51:13 ----D---- C:\Windows\system32\fi-FI 2010-02-14 00:51:13 ----D---- C:\Windows\system32\et-EE 2010-02-14 00:51:13 ----D---- C:\Windows\system32\es-ES 2010-02-14 00:51:13 ----D---- C:\Windows\system32\el-GR 2010-02-14 00:51:13 ----D---- C:\Windows\system32\bg-BG 2010-02-14 00:51:12 ----D---- C:\Windows\system32\zh-CN 2010-02-14 00:51:12 ----D---- C:\Windows\system32\ru-RU 2010-02-14 00:51:12 ----D---- C:\Windows\system32\ro-RO 2010-02-14 00:51:12 ----D---- C:\Windows\system32\nb-NO 2010-02-14 00:51:12 ----D---- C:\Windows\system32\ja-JP 2010-02-14 00:51:12 ----D---- C:\Windows\system32\en-US 2010-02-14 00:51:12 ----D---- C:\Windows\system32\da-DK 2010-02-14 00:51:12 ----D---- C:\Windows\system32\cs-CZ 2010-02-14 00:51:12 ----D---- C:\Windows\system32\ar-SA 2010-02-13 14:28:23 ----SHD---- C:\Boot 2010-02-12 22:46:08 ----D---- C:\Program Files\Windows Mail 2010-02-12 
22:46:08 ----D---- C:\Program Files\Windows Calendar 2010-02-12 22:46:08 ----D---- C:\Program Files\Movie Maker 2010-02-12 22:46:06 ----D---- C:\Program Files\Windows Sidebar 2010-02-12 22:46:06 ----D---- C:\Program Files\Internet Explorer 2010-02-12 22:46:05 ----D---- C:\Program Files\Windows Media Player 2010-02-12 22:46:05 ----D---- C:\Program Files\Windows Journal 2010-02-12 22:46:05 ----D---- C:\Program Files\Windows Collaboration 2010-02-12 22:46:03 ----D---- C:\Program Files\Windows Photo Gallery 2010-02-12 22:46:03 ----D---- C:\Program Files\Common Files\System 2010-02-12 22:45:57 ----D---- C:\Windows\servicing 2010-02-12 22:45:57 ----D---- C:\Windows\ehome 2010-02-12 22:45:57 ----D---- C:\Program Files\Windows Defender 2010-02-12 22:45:37 ----D---- C:\Windows\IME 2010-02-12 22:45:36 ----D---- C:\Windows\system32\XPSViewer 2010-02-12 22:45:32 ----D---- C:\Windows\system32\oobe 2010-02-12 22:45:31 ----D---- C:\Windows\system32\migration 2010-02-12 22:45:27 ----D---- C:\Windows\system32\SLUI 2010-02-12 22:45:27 ----D---- C:\Windows\system32\setup 2010-02-12 22:45:27 ----D---- C:\Windows\system32\AdvancedInstallers 2010-02-12 22:45:26 ----D---- C:\Windows\system32\manifeststore 2010-02-12 22:45:19 ----D---- C:\Windows\system32\migwiz 2010-02-12 22:44:24 ----RSD---- C:\Windows\Fonts 2010-02-12 22:44:23 ----D---- C:\Windows\AppPatch 2010-02-12 22:44:12 ----D---- C:\Windows\system32\Boot 2010-02-12 22:43:19 ----D---- C:\Windows\system32\RTCOM 2010-02-12 22:41:22 ----D---- C:\ProgramData\NVIDIA 2010-02-11 19:08:44 ----D---- C:\ProgramData\CyberLink 2010-02-07 01:44:57 ----D---- C:\Program Files\DScaler5 2010-02-07 01:44:53 ----D---- C:\Program Files\AC3Filter 2010-02-07 01:44:26 ----D---- C:\Windows\system32\languages 2010-02-07 01:44:26 ----D---- C:\Windows\system32\custom matrices 2010-02-07 01:44:24 ----A---- C:\Windows\system32\unins000.exe 2010-02-07 01:38:40 ----D---- C:\Program Files\Zoom Player 2010-02-03 17:30:37 ----D---- C:\Program Files\Common 
Files\Apple 2010-02-02 23:28:40 ----RD---- C:\Program Files\Skype 2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe 2010-01-28 12:31:20 ----D---- C:\Windows\system32\config ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/02/11 19:09:08]; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2009-09-11 87536] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-04 279712] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-20 56816] R2 enodpl;enodpl; C:\Windows\System32\drivers\enodpl.sys [2003-03-02 7552] R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-04 25888] R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368] R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944] R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464] R2 tandpl;tandpl; C:\Windows\System32\drivers\tandpl.sys [2003-04-18 4736] R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560] R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 IntcAzAudAddService;Service for 
Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424] R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-05-19 47104] R3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-06-28 43040] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-28 7537824] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-02-24 27632] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-04 196784] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-05-26 40752] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264] S3 aylp2rl4;aylp2rl4; C:\Windows\system32\drivers\aylp2rl4.sys [] S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BthPort;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904] S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696] S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664] S3 btwavdt;Bluetooth AVDT; 
C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-08-27 25280] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2007-12-16 75776] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800] R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Apple 
Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-04-16 75048] R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784] R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-04-30 815104] R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840] R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456] R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-08-14 3520512] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-28 196608] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program 
Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-04-30 466944] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024] R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-18 1047368] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-05-26 599344] R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-02-20 332720] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-22 435016] -----------------EOF----------------- lg |
24.02.2010, 21:09 | #6 |
| IE opens automatically with advertising
> Upload these files:
C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
C:\Users\Maze\AppData\Local\Temp\Lwd.exe
C:\Windows\system32\drivers\aylp2rl4.sys
here to VirusTotal (free online virus and malware scanner), have them checked, and post the complete logs. (Paste the paths directly into VirusTotal: click the input field and paste the path under "Dateiname" (file name).)
> E:\Borderlands.exe
Did you download a crack file? Is E:\ an external hard drive on your system?
> Rootkit scan: http://www2.gmer.net/catchme.exe
Download it to the desktop, double-click it, click "Scan", wait for the scan to finish, and post the log.
> Download SUPERAntiSpyware (SUPERAntiSpyware.com). Run a full scan. Disconnect the PC from the network while the scan is running. Post the log.
> Connect all removable media, USB sticks etc. during scans and have them scanned as well!
Regards |
24.02.2010, 21:48 | #7 |
| IE opens automatically with advertising
Thanks again for the help. This evening I got myself a new antivirus program, Kaspersky. I had it check my PC, and it showed me the two files
C:\Users\Maze\AppData\Local\Temp\Lwd.exe
C:\Windows\system32\drivers\aylp2rl4.sys
and cleaned them. That is why I can no longer find them for VirusTotal, and when I try to find the file C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job it keeps telling me that I do not have the necessary rights, even though I am the only user of the PC and therefore also the admin...
I downloaded the file http://www2.gmer.net/catchme.exe anyway and ran it. Here is the log:
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-24 21:34:27
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS02702.log 131072 bytes
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS02703.log
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 2
The file E:\Borderlands.exe is indeed a crack file; I got it from a colleague, but it should not be the cause, because although it is a crack file, it is trustworthy. I have also had it for quite a while. My external hard drive is actually assigned the path "Z", but it may well be that it is path E in the log, especially if it concerns the program E:\Borderlands.exe.
I have not downloaded SUPERAntiSpyware for now because of Kaspersky. But if I should do that anyway, would you please tell me?
P.S. Today Internet Explorer has not once opened unprompted with advertising; is that a good sign?
Regards and many thanks |
24.02.2010, 22:54 | #8 | |||||
| IE opens automatically with advertising
Quote:
Quote:
Crack downloads/files ARE NEVER TRUSTWORTHY! I strongly advise you to rethink your download behavior and to remove crack programs etc. from your system immediately.
Quote:
Quote:
> Run catchme.exe again. (Double-click the catchme.exe file.) Now copy the following command into the white window/field:
Quote:
> Scan with HijackThis and fix the entries listed below (tick the boxes in front of the entries and click "fix checked"):
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Maze\AppData\Local\Temp\Lwd.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
Please uninstall:
Softonic Deutsch TC Toolbar
C:\Program Files\Little Fighter 2 Toolbar\v3.3.0.1\Little_Fighter
BHOs enlarge your system's attack surface for malware.
> Update your system with Windows Update, and update all programs that are in contact with the Internet.
> Avoid infections in the future: https://www.bsi-fuer-buerger.de/cln_...henschutz.html
Regards |
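The entries singled out in the post above share a few patterns that can be checked mechanically when triaging a HijackThis log. The following is an added example, not part of the original thread and not HijackThis's own logic: the rule names (`orphan`, `temp-autorun`, `random-name`, `pending-runonce`) and the heuristics behind them are assumptions of this example, and the last sample line is constructed for contrast.

```python
import re
from typing import List, NamedTuple

# The four entries from the post above, plus one constructed benign autorun line
# (the last one) so the heuristics have something they should NOT flag.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\Users\Maze\AppData\Local\Temp\Lwd.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"""

# "<section code> - <rest>", e.g. "O4 - HKCU\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<rest>.+)$")
# O4 registry autoruns: hive, Run/RunOnce key, value name in brackets, command line
AUTORUN_RE = re.compile(
    r"^(?P<hive>HK[A-Z]+)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)
# Value name made only of capitals and digits, at least 8 long, containing both kinds
RANDOM_NAME_RE = re.compile(r"^(?=.*\d)(?=.*[A-Z])[A-Z0-9]{8,}$")


class Finding(NamedTuple):
    code: str
    reasons: List[str]
    line: str


def executable_path(cmd: str) -> str:
    """Return the program path from a command line, dropping quotes and arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    match = EXE_RE.match(cmd)
    return match.group(1) if match else cmd


def triage(log: str) -> List[Finding]:
    """Flag log entries that match one of the example heuristics."""
    findings = []
    for raw in log.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if not entry:
            continue
        code, rest = entry.group("code"), entry.group("rest")
        reasons = []
        # Registry entry still present although the file it points to is gone
        if rest.endswith("(no file)"):
            reasons.append("orphan")
        if code == "O4":
            autorun = AUTORUN_RE.match(rest)
            if autorun:
                # Programs that start at logon should not live in a temp directory
                if TEMP_RE.search(executable_path(autorun.group("cmd"))):
                    reasons.append("temp-autorun")
                if RANDOM_NAME_RE.match(autorun.group("name")):
                    reasons.append("random-name")
                # RunOnce values are deleted after they run; one still listed is pending
                if autorun.group("key").lower() == "runonce":
                    reasons.append("pending-runonce")
        if reasons:
            findings.append(Finding(code, reasons, line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.code:3} {', '.join(finding.reasons):28} {finding.line}")
```

A flag here only marks an entry for review; whether it is fixed remains the analyst's decision, as in the thread.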
24.02.2010, 23:26 | #9 | |||||
| IE opens automatically with advertising
Quote:
Trojan program Packed.Win32.Krap.as displayed. Unfortunately I can no longer find the other one -.-
Quote:
Quote:
Processing "Files to delete:" read file error: C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job , Das System kann die angegebene Datei nicht finden.
Quote:
Quote:
I will also do the updates. Many thanks again. Regards |