Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojaner Virtumonde

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.01.2009, 10:59   #16
master1988
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



Combo Fix Log
Teil 2:

Zitat:
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-15 16:18 --------- d-----w c:\programme\Gemeinsame Dateien\Adobe
2008-12-31 01:43 --------- d--h--w c:\programme\InstallShield Installation Information
2008-12-31 01:42 --------- d-----w c:\dokumente und einstellungen\Philipp\Anwendungsdaten\Petroglyph
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 16:42 681,980 ----a-w c:\windows\unins000.exe
2008-12-10 16:07 --------- d-----w c:\programme\X Plugin Manager
2008-11-26 20:58 --------- d-----w c:\programme\Gemeinsame Dateien\InstallShield
2008-11-26 20:46 --------- d-----w c:\programme\Alcohol Soft
2008-11-26 17:45 --------- d-----w c:\programme\EA Games
2008-11-26 16:14 --------- d--h--r c:\dokumente und einstellungen\Philipp\Anwendungsdaten\SecuROM
2008-11-26 14:08 --------- d-----w c:\programme\GameData
2008-11-26 13:55 --------- d-----w c:\programme\LucasArts
2008-11-26 10:29 --------- d-----w c:\dokumente und einstellungen\Philipp\Anwendungsdaten\AdobeUM
2008-11-25 10:36 --------- d-----w c:\programme\EGOSOFT
2008-11-24 14:36 --------- d-----w c:\programme\avmwlanstick
2008-11-24 13:36 --------- d-----w c:\programme\microsoft frontpage
2008-11-24 13:35 --------- d-----w c:\programme\Online-Dienste
2008-11-24 13:34 --------- d-----w c:\programme\Gemeinsame Dateien\Dienste
1601-01-01 00:12 92,160 --sha-w c:\windows\system32\dezogewi.dll
.

((((((((((((((((((((((((((((( snapshot@2009-01-15_22.56.49.90 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-11-17 17:37:46 356,352 ----a-w c:\windows\$hf_mig$\KB873339\SP2QFE\hypertrm.dll
+ 2004-10-14 09:34:42 8,704 ----a-w c:\windows\$hf_mig$\KB873339\spmsg.dll
+ 2004-10-14 09:36:18 172,032 ----a-w c:\windows\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 09:36:16 21,504 ----a-w c:\windows\$hf_mig$\KB873339\update\spcustom.dll
+ 2004-10-14 09:34:42 663,552 ----a-w c:\windows\$hf_mig$\KB873339\update\update.exe
+ 2004-10-28 01:29:12 729,600 ----a-w c:\windows\$hf_mig$\KB885835\SP2QFE\lsasrv.dll
+ 2004-10-28 01:15:16 448,128 ----a-w c:\windows\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys
+ 2004-10-28 01:14:56 174,592 ----a-w c:\windows\$hf_mig$\KB885835\SP2QFE\rdbss.sys
+ 2004-10-14 10:34:42 8,704 ----a-w c:\windows\$hf_mig$\KB885835\spmsg.dll
+ 2004-10-14 10:36:18 172,032 ----a-w c:\windows\$hf_mig$\KB885835\spuninst.exe
+ 2004-10-14 10:36:16 21,504 ----a-w c:\windows\$hf_mig$\KB885835\update\spcustom.dll
+ 2004-10-14 10:34:42 663,552 ----a-w c:\windows\$hf_mig$\KB885835\update\update.exe
+ 2004-10-14 10:34:42 8,704 ----a-w c:\windows\$hf_mig$\KB885836\spmsg.dll
+ 2004-10-14 10:36:18 172,032 ----a-w c:\windows\$hf_mig$\KB885836\spuninst.exe
+ 2004-10-14 10:36:16 21,504 ----a-w c:\windows\$hf_mig$\KB885836\update\spcustom.dll
+ 2004-10-14 10:34:42 663,552 ----a-w c:\windows\$hf_mig$\KB885836\update\update.exe
+ 2004-10-13 16:21:24 1,694,208 ----a-w c:\windows\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2004-10-14 10:34:42 8,704 ----a-w c:\windows\$hf_mig$\KB887472\spmsg.dll
+ 2004-10-14 10:36:18 172,032 ----a-w c:\windows\$hf_mig$\KB887472\spuninst.exe
+ 2004-10-14 10:36:16 21,504 ----a-w c:\windows\$hf_mig$\KB887472\update\spcustom.dll
+ 2004-10-14 10:34:42 663,552 ----a-w c:\windows\$hf_mig$\KB887472\update\update.exe
+ 2004-12-07 19:29:19 96,768 ----a-w c:\windows\$hf_mig$\KB888302\SP2QFE\srvsvc.dll
+ 2004-11-30 13:46:28 8,704 ----a-w c:\windows\$hf_mig$\KB888302\spmsg.dll
+ 2004-11-30 19:22:38 172,032 ----a-w c:\windows\$hf_mig$\KB888302\spuninst.exe
+ 2004-11-30 19:22:38 21,504 ----a-w c:\windows\$hf_mig$\KB888302\update\spcustom.dll
+ 2004-11-30 13:46:30 663,552 ----a-w c:\windows\$hf_mig$\KB888302\update\update.exe
+ 2005-04-22 05:19:51 57,344 ----a-w c:\windows\$hf_mig$\KB890046\SP2QFE\agentdpv.dll
+ 2005-05-17 00:44:45 20,480 ----a-w c:\windows\$hf_mig$\KB890046\SP2QFE\spru0407.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB890046\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB890046\spuninst.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB890046\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB890046\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB890046\update\updspapi.dll
+ 2005-03-02 18:19:56 62,464 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\authz.dll
+ 2005-03-02 18:11:32 2,138,112 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe
+ 2005-03-02 18:11:31 2,059,264 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
+ 2005-03-02 18:11:37 2,017,792 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe
+ 2005-03-02 18:11:53 2,181,888 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
+ 2005-03-02 18:19:56 578,560 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
+ 2005-03-02 18:11:28 1,836,416 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\win32k.sys
+ 2005-03-02 18:19:56 291,840 ----a-w c:\windows\$hf_mig$\KB890859\SP2QFE\winsrv.dll
+ 2005-02-24 18:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB890859\spmsg.dll
+ 2005-02-24 18:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB890859\spuninst.exe
+ 2005-02-24 18:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB890859\update\spcustom.dll
+ 2005-02-24 18:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB890859\update\update.exe
+ 2005-02-24 18:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB890859\update\updspapi.dll
+ 2004-11-30 13:46:28 8,704 ----a-w c:\windows\$hf_mig$\KB891781\spmsg.dll
+ 2004-11-30 19:22:38 172,032 ----a-w c:\windows\$hf_mig$\KB891781\spuninst.exe
+ 2004-11-30 19:22:38 21,504 ----a-w c:\windows\$hf_mig$\KB891781\update\spcustom.dll
+ 2004-11-30 13:46:30 663,552 ----a-w c:\windows\$hf_mig$\KB891781\update\update.exe
+ 2005-07-08 16:29:45 249,344 ----a-w c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB893756\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB893756\spuninst.exe
+ 2005-07-07 18:27:08 30,720 ----a-w c:\windows\$hf_mig$\KB893756\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB893756\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB893756\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB893756\update\updspapi.dll
+ 2005-04-28 19:35:40 1,286,656 ----a-w c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
+ 2005-04-28 19:35:39 74,752 ----a-w c:\windows\$hf_mig$\KB894391\SP2QFE\olecli32.dll
+ 2005-04-28 19:35:39 37,376 ----a-w c:\windows\$hf_mig$\KB894391\SP2QFE\olecnv32.dll
+ 2005-04-28 19:35:39 396,288 ----a-w c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB894391\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB894391\spuninst.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB894391\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB894391\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB894391\update\updspapi.dll
+ 2005-05-26 23:26:50 10,752 ----a-w c:\windows\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-27 02:10:34 41,472 ----a-w c:\windows\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
+ 2005-05-27 02:10:34 155,136 ----a-w c:\windows\$hf_mig$\KB896358\SP2QFE\itircl.dll
+ 2005-05-27 02:10:34 137,216 ----a-w c:\windows\$hf_mig$\KB896358\SP2QFE\itss.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB896358\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB896358\spuninst.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB896358\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB896358\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB896358\update\updspapi.dll
+ 2005-06-11 00:17:13 57,856 ----a-w c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB896423\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB896423\spuninst.exe
+ 2005-06-29 15:54:32 30,720 ----a-w c:\windows\$hf_mig$\KB896423\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB896423\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB896423\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB896423\update\updspapi.dll
+ 2005-05-11 02:32:00 78,336 ----a-w c:\windows\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB896428\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB896428\spuninst.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB896428\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB896428\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB896428\update\updspapi.dll
+ 2005-06-15 17:49:11 297,984 ----a-w c:\windows\$hf_mig$\KB899587\SP2QFE\kerberos.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB899587\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB899587\spuninst.exe
+ 2005-06-29 15:54:32 30,720 ----a-w c:\windows\$hf_mig$\KB899587\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB899587\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB899587\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB899587\update\updspapi.dll
+ 2005-06-10 04:06:01 139,528 ----a-w c:\windows\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB899591\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB899591\spuninst.exe
+ 2005-06-29 15:54:32 30,720 ----a-w c:\windows\$hf_mig$\KB899591\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB899591\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB899591\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB899591\update\updspapi.dll
+ 2006-02-15 00:30:07 142,464 ----a-w c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB900485\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB900485\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB900485\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB900485\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB900485\update\updspapi.dll
+ 2005-09-01 01:46:10 19,968 ----a-w c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
+ 2005-09-23 03:24:05 8,493,568 ----a-w c:\windows\$hf_mig$\KB900725\SP2QFE\shell32.dll
+ 2005-09-02 23:53:55 474,624 ----a-w c:\windows\$hf_mig$\KB900725\SP2QFE\shlwapi.dll
+ 2005-09-27 00:47:42 24,064 ----a-w c:\windows\$hf_mig$\KB900725\SP2QFE\spru0407.dll
+ 2005-09-01 01:46:12 292,352 ----a-w c:\windows\$hf_mig$\KB900725\SP2QFE\winsrv.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB900725\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB900725\spuninst.exe
+ 2005-09-26 16:36:24 30,720 ----a-w c:\windows\$hf_mig$\KB900725\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB900725\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB900725\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB900725\update\updspapi.dll
+ 2005-09-10 01:52:32 2,068,480 ----a-w c:\windows\$hf_mig$\KB901017\SP2QFE\cdosys.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB901017\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB901017\spuninst.exe
+ 2005-09-09 15:26:26 30,720 ----a-w c:\windows\$hf_mig$\KB901017\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB901017\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB901017\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB901017\update\updspapi.dll
+ 2005-06-29 01:52:58 254,976 ----a-w c:\windows\$hf_mig$\KB901214\SP2QFE\icm32.dll
+ 2005-06-29 01:52:58 73,728 ----a-w c:\windows\$hf_mig$\KB901214\SP2QFE\mscms.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB901214\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB901214\spuninst.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB901214\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB901214\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB901214\update\updspapi.dll
+ 2005-07-26 04:28:59 225,792 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\catsrv.dll
+ 2005-07-26 04:28:59 625,152 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\catsrvut.dll
+ 2005-07-26 04:28:59 110,080 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
+ 2005-07-26 04:29:00 498,688 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
+ 2005-07-26 04:29:01 60,416 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\colbact.dll
+ 2005-07-26 04:29:01 195,072 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\comadmin.dll
+ 2005-07-26 04:29:02 97,792 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\comrepl.dll
+ 2005-07-26 04:29:04 1,267,200 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\comsvcs.dll
+ 2005-07-26 04:29:04 540,160 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\comuid.dll
+ 2005-07-26 04:29:04 243,200 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
+ 2005-07-25 23:42:35 8,704 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2005-07-26 04:29:05 425,472 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll
+ 2005-07-26 04:29:10 945,152 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\msdtctm.dll
+ 2005-07-26 04:29:10 161,280 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll
+ 2005-07-26 04:29:10 66,560 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\mtxclu.dll
+ 2005-07-26 04:29:11 91,136 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\mtxoci.dll
+ 2005-07-26 04:29:16 1,286,144 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
+ 2005-07-26 04:29:17 74,752 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\olecli32.dll
+ 2005-07-26 04:29:17 37,376 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\olecnv32.dll
+ 2005-07-26 04:29:19 398,336 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
+ 2005-07-26 04:29:19 101,376 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\txflog.dll
+ 2005-07-26 04:29:19 11,776 ----a-w c:\windows\$hf_mig$\KB902400\SP2QFE\xolehlp.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB902400\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB902400\spuninst.exe
+ 2005-07-25 18:21:18 30,720 ----a-w c:\windows\$hf_mig$\KB902400\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB902400\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB902400\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB902400\update\updspapi.dll
+ 2005-08-22 18:24:55 197,632 ----a-w c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
+ 2005-02-25 03:34:54 15,584 ----a-w c:\windows\$hf_mig$\KB905414\spmsg.dll
+ 2005-02-25 03:34:54 213,216 ----a-w c:\windows\$hf_mig$\KB905414\spuninst.exe
+ 2005-08-19 23:50:31 30,720 ----a-w c:\windows\$hf_mig$\KB905414\update\arpidfix.exe
+ 2005-02-25 03:34:54 22,240 ----a-w c:\windows\$hf_mig$\KB905414\update\spcustom.dll
+ 2005-02-25 03:34:54 727,776 ----a-w c:\windows\$hf_mig$\KB905414\update\update.exe
+ 2005-02-25 03:34:56 378,080 ----a-w c:\windows\$hf_mig$\KB905414\update\updspapi.dll
+ 2005-08-23 03:40:41 124,416 ----a-w c:\windows\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll
+ 2005-02-24 19:34:56 15,584 ----a-w c:\windows\$hf_mig$\KB905749\spmsg.dll
+ 2005-02-24 19:34:56 213,216 ----a-w c:\windows\$hf_mig$\KB905749\spuninst.exe
+ 2005-08-22 17:01:30 30,720 ----a-w c:\windows\$hf_mig$\KB905749\update\arpidfix.exe
+ 2005-02-24 19:34:56 22,240 ----a-w c:\windows\$hf_mig$\KB905749\update\spcustom.dll
+ 2005-02-24 19:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB905749\update\update.exe
+ 2005-02-24 19:34:58 378,080 ----a-w c:\windows\$hf_mig$\KB905749\update\updspapi.dll
+ 2005-10-17 21:22:04 80,896 ----a-w c:\windows\$hf_mig$\KB908519\SP2QFE\fontsub.dll
+ 2005-10-17 21:22:04 117,760 ----a-w c:\windows\$hf_mig$\KB908519\SP2QFE\t2embed.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB908519\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB908519\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB908519\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB908519\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB908519\update\updspapi.dll
+ 2006-03-17 04:47:22 8,495,616 ----a-w c:\windows\$hf_mig$\KB908531\SP2QFE\shell32.dll
+ 2006-03-22 01:51:46 25,600 ----a-w c:\windows\$hf_mig$\KB908531\SP2QFE\spru0407.dll
+ 2006-03-17 01:05:35 28,672 ----a-w c:\windows\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB908531\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB908531\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB908531\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB908531\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB908531\update\updspapi.dll
+ 2006-06-22 10:36:56 180,736 ----a-w c:\windows\$hf_mig$\KB911280\SP2QFE\rasmans.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB911280\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB911280\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB911280\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB911280\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB911280\update\updspapi.dll
+ 2006-03-23 05:52:23 143,360 ----a-w c:\windows\$hf_mig$\KB911562\SP2QFE\msadco.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB911562\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB911562\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB911562\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB911562\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB911562\update\updspapi.dll
+ 2006-01-04 04:18:27 68,096 ----a-w c:\windows\$hf_mig$\KB911927\SP2QFE\webclnt.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB911927\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB911927\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB911927\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB911927\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB911927\update\updspapi.dll
+ 2006-03-01 19:41:36 426,496 ----a-w c:\windows\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll
+ 2006-03-01 19:41:36 956,416 ----a-w c:\windows\$hf_mig$\KB913580\SP2QFE\msdtctm.dll
+ 2006-03-01 19:41:36 161,280 ----a-w c:\windows\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll
+ 2006-03-01 19:41:36 66,560 ----a-w c:\windows\$hf_mig$\KB913580\SP2QFE\mtxclu.dll
+ 2006-03-01 19:41:36 91,136 ----a-w c:\windows\$hf_mig$\KB913580\SP2QFE\mtxoci.dll
+ 2006-03-01 19:41:36 11,776 ----a-w c:\windows\$hf_mig$\KB913580\SP2QFE\xolehlp.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB913580\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB913580\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB913580\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB913580\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB913580\update\updspapi.dll
+ 2006-05-19 13:48:36 112,640 ----a-w c:\windows\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll
+ 2006-05-19 13:48:37 147,456 ----a-w c:\windows\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
+ 2006-05-19 13:48:37 95,744 ----a-w c:\windows\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB914388\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB914388\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB914388\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB914388\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB914388\update\updspapi.dll
+ 2006-05-05 10:16:39 454,400 ----a-w c:\windows\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys
+ 2006-05-05 10:22:52 174,592 ----a-w c:\windows\$hf_mig$\KB914389\SP2QFE\rdbss.sys
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB914389\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB914389\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB914389\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB914389\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB914389\update\updspapi.dll
+ 2006-03-17 01:08:10 262,656 ----a-w c:\windows\$hf_mig$\KB916595\SP2QFE\http.sys
+ 2005-10-12 23:15:13 15,584 ----a-w c:\windows\$hf_mig$\KB916595\spmsg.dll
+ 2005-10-12 23:15:13 217,312 ----a-w c:\windows\$hf_mig$\KB916595\spuninst.exe
+ 2005-10-12 23:15:13 22,752 ----a-w c:\windows\$hf_mig$\KB916595\update\spcustom.dll
+ 2005-10-12 23:15:15 725,728 ----a-w c:\windows\$hf_mig$\KB916595\update\update.exe
+ 2005-10-12 23:15:23 377,568 ----a-w c:\windows\$hf_mig$\KB916595\update\updspapi.dll
+ 2006-11-27 15:17:25 539,136 ----a-w c:\windows\$hf_mig$\KB918118\SP2QFE\msftedit.dll
+ 2006-11-27 15:17:25 433,664 ----a-w c:\windows\$hf_mig$\KB918118\SP2QFE\riched20.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB918118\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB918118\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB918118\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB918118\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB918118\update\updspapi.dll
+ 2006-06-01 19:39:47 163,840 ----a-w c:\windows\$hf_mig$\KB918439\SP2QFE\jgdw400.dll
+ 2006-06-01 19:39:47 27,648 ----a-w c:\windows\$hf_mig$\KB918439\SP2QFE\jgpl400.dll

Alt 16.01.2009, 11:01   #17
master1988
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



Combo Fix Log
Teil3:

Zitat:
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB918439\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB918439\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB918439\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB918439\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB918439\update\updspapi.dll
+ 2006-10-12 13:54:21 42,496 ----a-w c:\windows\$hf_mig$\KB920213\SP2QFE\agentdp2.dll
+ 2006-10-12 13:54:21 57,344 ----a-w c:\windows\$hf_mig$\KB920213\SP2QFE\agentdpv.dll
+ 2006-10-12 11:54:07 256,512 ----a-w c:\windows\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
+ 2006-10-16 11:19:09 270,336 ----a-w c:\windows\$hf_mig$\KB920213\SP2QFE\spru0407.dll
+ 2005-10-12 23:15:13 15,584 ----a-w c:\windows\$hf_mig$\KB920213\spmsg.dll
+ 2005-10-12 23:15:13 217,312 ----a-w c:\windows\$hf_mig$\KB920213\spuninst.exe
+ 2005-10-12 23:15:13 22,752 ----a-w c:\windows\$hf_mig$\KB920213\update\spcustom.dll
+ 2005-10-12 23:15:15 725,728 ----a-w c:\windows\$hf_mig$\KB920213\update\update.exe
+ 2005-10-12 23:15:23 377,568 ----a-w c:\windows\$hf_mig$\KB920213\update\updspapi.dll
+ 2006-07-21 08:28:16 72,704 ----a-w c:\windows\$hf_mig$\KB920670\SP2QFE\hlink.dll
+ 2005-10-12 23:15:13 15,584 ----a-w c:\windows\$hf_mig$\KB920670\spmsg.dll
+ 2005-10-12 23:15:13 217,312 ----a-w c:\windows\$hf_mig$\KB920670\spuninst.exe
+ 2005-10-12 23:15:13 22,752 ----a-w c:\windows\$hf_mig$\KB920670\update\spcustom.dll
+ 2005-10-12 23:15:15 725,728 ----a-w c:\windows\$hf_mig$\KB920670\update\update.exe
+ 2005-10-12 23:15:23 377,568 ----a-w c:\windows\$hf_mig$\KB920670\update\updspapi.dll
+ 2006-06-26 17:46:11 147,456 ----a-w c:\windows\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
+ 2006-06-26 17:46:11 7,680 ----a-w c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB920683\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB920683\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB920683\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB920683\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB920683\update\updspapi.dll
+ 2006-06-22 05:22:09 69,120 ----a-w c:\windows\$hf_mig$\KB920685\SP2QFE\ciodm.dll
+ 2006-06-22 05:22:10 1,441,792 ----a-w c:\windows\$hf_mig$\KB920685\SP2QFE\query.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB920685\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB920685\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB920685\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB920685\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB920685\update\updspapi.dll
+ 2006-06-14 08:50:19 172,416 ----a-w c:\windows\$hf_mig$\KB920872\SP2QFE\kmixer.sys
+ 2006-06-14 08:50:19 6,272 ----a-w c:\windows\$hf_mig$\KB920872\SP2QFE\splitter.sys
+ 2006-06-14 09:17:04 82,944 ----a-w c:\windows\$hf_mig$\KB920872\SP2QFE\wdmaud.sys
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB920872\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB920872\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB920872\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB920872\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB920872\update\updspapi.dll
+ 2006-10-13 12:41:39 64,000 ----a-w c:\windows\$hf_mig$\KB923980\SP2QFE\nwapi32.dll
+ 2006-10-13 12:41:39 146,432 ----a-w c:\windows\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
+ 2006-10-13 10:39:12 163,456 ----a-w c:\windows\$hf_mig$\KB923980\SP2QFE\nwrdr.sys
+ 2006-10-13 12:41:39 65,536 ----a-w c:\windows\$hf_mig$\KB923980\SP2QFE\nwwks.dll
+ 2005-10-12 23:15:13 15,584 ----a-w c:\windows\$hf_mig$\KB923980\spmsg.dll
+ 2005-10-12 23:15:13 217,312 ----a-w c:\windows\$hf_mig$\KB923980\spuninst.exe
+ 2005-10-12 23:15:13 22,752 ----a-w c:\windows\$hf_mig$\KB923980\update\spcustom.dll
+ 2005-10-12 23:15:15 725,728 ----a-w c:\windows\$hf_mig$\KB923980\update\update.exe
+ 2005-10-12 23:15:23 377,568 ----a-w c:\windows\$hf_mig$\KB923980\update\updspapi.dll
+ 2006-08-17 12:41:25 734,208 ----a-w c:\windows\$hf_mig$\KB924270\SP2QFE\lsasrv.dll
+ 2006-08-17 12:41:25 337,408 ----a-w c:\windows\$hf_mig$\KB924270\SP2QFE\netapi32.dll
+ 2006-08-17 12:41:25 132,096 ----a-w c:\windows\$hf_mig$\KB924270\SP2QFE\wkssvc.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB924270\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB924270\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB924270\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB924270\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB924270\update\updspapi.dll
+ 2007-03-08 15:48:39 282,112 ----a-w c:\windows\$hf_mig$\KB925902\SP2QFE\gdi32.dll
+ 2007-03-08 15:48:39 40,960 ----a-w c:\windows\$hf_mig$\KB925902\SP2QFE\mf3216.dll
+ 2007-03-08 15:48:39 579,584 ----a-w c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
+ 2007-03-08 15:45:09 1,844,096 ----a-w c:\windows\$hf_mig$\KB925902\SP2QFE\win32k.sys
+ 2006-01-19 19:29:14 15,584 ----a-w c:\windows\$hf_mig$\KB925902\spmsg.dll
+ 2006-01-19 19:29:14 217,312 ----a-w c:\windows\$hf_mig$\KB925902\spuninst.exe
+ 2006-01-19 19:29:14 22,752 ----a-w c:\windows\$hf_mig$\KB925902\update\spcustom.dll
+ 2006-01-19 19:29:14 725,728 ----a-w c:\windows\$hf_mig$\KB925902\update\update.exe
+ 2006-01-19 19:29:15 377,568 ----a-w c:\windows\$hf_mig$\KB925902\update\updspapi.dll
+ 2006-10-20 01:39:55 715,776 ----a-w c:\windows\$hf_mig$\KB926255\SP2QFE\sxs.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB926255\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB926255\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB926255\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB926255\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB926255\update\updspapi.dll
+ 2006-10-16 17:16:32 126,976 ----a-w c:\windows\$hf_mig$\KB926436\SP2QFE\oledlg.dll
+ 2005-10-12 23:15:13 15,584 ----a-w c:\windows\$hf_mig$\KB926436\spmsg.dll
+ 2005-10-12 23:15:13 217,312 ----a-w c:\windows\$hf_mig$\KB926436\spuninst.exe
+ 2005-10-12 23:15:13 22,752 ----a-w c:\windows\$hf_mig$\KB926436\update\spcustom.dll
+ 2005-10-12 23:15:15 725,728 ----a-w c:\windows\$hf_mig$\KB926436\update\update.exe
+ 2005-10-12 23:15:23 377,568 ----a-w c:\windows\$hf_mig$\KB926436\update\updspapi.dll
+ 2006-12-26 13:20:47 536,576 ----a-w c:\windows\$hf_mig$\KB927779\SP2QFE\msado15.dll
+ 2006-12-26 13:20:47 180,224 ----a-w c:\windows\$hf_mig$\KB927779\SP2QFE\msadomd.dll
+ 2006-12-26 13:20:47 200,704 ----a-w c:\windows\$hf_mig$\KB927779\SP2QFE\msadox.dll
+ 2006-12-26 13:20:47 102,400 ----a-w c:\windows\$hf_mig$\KB927779\SP2QFE\msjro.dll
+ 2006-01-19 19:29:14 15,584 ----a-w c:\windows\$hf_mig$\KB927779\spmsg.dll
+ 2006-01-19 19:29:14 217,312 ----a-w c:\windows\$hf_mig$\KB927779\spuninst.exe
+ 2006-01-19 19:29:14 22,752 ----a-w c:\windows\$hf_mig$\KB927779\update\spcustom.dll
+ 2006-01-19 19:29:14 725,728 ----a-w c:\windows\$hf_mig$\KB927779\update\update.exe
+ 2006-01-19 19:29:15 377,568 ----a-w c:\windows\$hf_mig$\KB927779\update\updspapi.dll
+ 2006-12-19 18:48:06 334,336 ----a-w c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB927802\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB927802\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB927802\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB927802\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB927802\update\updspapi.dll
+ 2006-12-19 21:48:12 8,499,712 ----a-w c:\windows\$hf_mig$\KB928255\SP2QFE\shell32.dll
+ 2006-12-19 21:48:12 135,680 ----a-w c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
+ 2006-12-19 16:29:58 270,336 ----a-w c:\windows\$hf_mig$\KB928255\SP2QFE\spru0407.dll
+ 2006-01-19 19:29:14 15,584 ----a-w c:\windows\$hf_mig$\KB928255\spmsg.dll
+ 2006-01-19 19:29:14 217,312 ----a-w c:\windows\$hf_mig$\KB928255\spuninst.exe
+ 2006-01-19 19:29:14 22,752 ----a-w c:\windows\$hf_mig$\KB928255\update\spcustom.dll
+ 2006-01-19 19:29:14 725,728 ----a-w c:\windows\$hf_mig$\KB928255\update\update.exe
+ 2006-01-19 19:29:15 377,568 ----a-w c:\windows\$hf_mig$\KB928255\update\updspapi.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB928843\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB928843\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB928843\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB928843\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB928843\update\updspapi.dll
+ 2007-05-16 15:26:27 86,528 ----a-w c:\windows\$hf_mig$\KB929123\SP2QFE\directdb.dll
+ 2007-05-16 15:26:27 683,520 ----a-w c:\windows\$hf_mig$\KB929123\SP2QFE\inetcomm.dll
+ 2007-05-16 15:26:31 1,314,816 ----a-w c:\windows\$hf_mig$\KB929123\SP2QFE\msoe.dll
+ 2007-05-16 15:26:33 510,976 ----a-w c:\windows\$hf_mig$\KB929123\SP2QFE\wab32.dll
+ 2007-05-16 15:26:33 85,504 ----a-w c:\windows\$hf_mig$\KB929123\SP2QFE\wabimp.dll
+ 2006-01-19 19:29:14 15,584 ----a-w c:\windows\$hf_mig$\KB929123\spmsg.dll
+ 2006-01-19 19:29:14 217,312 ----a-w c:\windows\$hf_mig$\KB929123\spuninst.exe
+ 2006-01-19 19:29:14 22,752 ----a-w c:\windows\$hf_mig$\KB929123\update\spcustom.dll
+ 2006-01-19 19:29:14 725,728 ----a-w c:\windows\$hf_mig$\KB929123\update\update.exe
+ 2006-01-19 19:29:15 377,568 ----a-w c:\windows\$hf_mig$\KB929123\update\updspapi.dll
+ 2007-03-17 13:45:59 293,376 ----a-w c:\windows\$hf_mig$\KB930178\SP2QFE\winsrv.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB930178\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB930178\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB930178\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB930178\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB930178\update\updspapi.dll
+ 2007-02-09 11:23:36 574,976 ----a-w c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB930916\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB930916\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB930916\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB930916\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB930916\update\updspapi.dll
+ 2007-02-05 20:19:54 185,856 ----a-w c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
+ 2006-01-19 19:29:14 15,584 ----a-w c:\windows\$hf_mig$\KB931261\spmsg.dll
+ 2006-01-19 19:29:14 217,312 ----a-w c:\windows\$hf_mig$\KB931261\spuninst.exe
+ 2006-01-19 19:29:14 22,752 ----a-w c:\windows\$hf_mig$\KB931261\update\spcustom.dll
+ 2006-01-19 19:29:14 725,728 ----a-w c:\windows\$hf_mig$\KB931261\update\update.exe
+ 2006-01-19 19:29:15 377,568 ----a-w c:\windows\$hf_mig$\KB931261\update\updspapi.dll
+ 2007-03-09 14:00:40 57,344 ----a-w c:\windows\$hf_mig$\KB932168\SP2QFE\agentdpv.dll
+ 2007-03-09 11:51:21 270,336 ----a-w c:\windows\$hf_mig$\KB932168\SP2QFE\spru0407.dll
+ 2006-01-19 19:29:14 15,584 ----a-w c:\windows\$hf_mig$\KB932168\spmsg.dll
+ 2006-01-19 19:29:14 217,312 ----a-w c:\windows\$hf_mig$\KB932168\spuninst.exe
+ 2006-01-19 19:29:14 22,752 ----a-w c:\windows\$hf_mig$\KB932168\update\spcustom.dll
+ 2006-01-19 19:29:14 725,728 ----a-w c:\windows\$hf_mig$\KB932168\update\update.exe
+ 2006-01-19 19:29:15 377,568 ----a-w c:\windows\$hf_mig$\KB932168\update\updspapi.dll
+ 2008-02-26 11:49:00 297,984 ----a-w c:\windows\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-04-16 16:09:38 1,059,840 ----a-w c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB935839\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB935839\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB935839\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB935839\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB935839\update\updspapi.dll
+ 2007-04-25 20:32:18 144,896 ----a-w c:\windows\$hf_mig$\KB935840\SP2QFE\schannel.dll
+ 2006-01-19 19:29:14 15,584 ----a-w c:\windows\$hf_mig$\KB935840\spmsg.dll
+ 2006-01-19 19:29:14 217,312 ----a-w c:\windows\$hf_mig$\KB935840\spuninst.exe
+ 2006-01-19 19:29:14 22,752 ----a-w c:\windows\$hf_mig$\KB935840\update\spcustom.dll
+ 2006-01-19 19:29:14 725,728 ----a-w c:\windows\$hf_mig$\KB935840\update\update.exe
+ 2006-01-19 19:29:15 377,568 ----a-w c:\windows\$hf_mig$\KB935840\update\updspapi.dll
+ 2007-07-06 09:52:38 72,960 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:08:15 138,240 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:08:15 47,104 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:08:15 16,896 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:08:15 660,992 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:08:15 177,152 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:08:15 95,744 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:08:15 48,640 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:08:15 533,504 ----a-w c:\windows\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-06-13 13:10:08 1,036,288 ----a-w c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
+ 2005-10-12 23:11:08 15,584 ----a-w c:\windows\$hf_mig$\KB938828\spmsg.dll
+ 2005-10-12 23:11:08 217,312 ----a-w c:\windows\$hf_mig$\KB938828\spuninst.exe
+ 2005-10-12 23:11:04 22,752 ----a-w c:\windows\$hf_mig$\KB938828\update\spcustom.dll
+ 2005-10-12 23:11:11 725,728 ----a-w c:\windows\$hf_mig$\KB938828\update\update.exe
+ 2005-10-12 23:11:17 377,568 ----a-w c:\windows\$hf_mig$\KB938828\update\updspapi.dll
+ 2007-12-04 18:29:30 551,936 ----a-w c:\windows\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-11-07 09:49:17 734,720 ----a-w c:\windows\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-11-13 08:47:44 20,480 ----a-w c:\windows\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB944653\update\updspapi.dll
+ 2008-02-20 05:20:09 147,968 ----a-w c:\windows\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:10 45,568 ----a-w c:\windows\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w c:\windows\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:15:30 187,168 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:31 621,344 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-06-30 09:39:58 128,256 ----a-w c:\windows\Downloaded Program Files\as2stubie.dll
+ 2006-02-15 00:22:26 142,464 ------w c:\windows\Driver Cache\i386\aec.sys
+ 2006-03-17 00:33:10 262,784 ------w c:\windows\Driver Cache\i386\http.sys
+ 2006-06-14 08:47:45 172,416 ------w c:\windows\Driver Cache\i386\kmixer.sys
+ 2006-06-14 08:47:46 6,400 ------w c:\windows\Driver Cache\i386\splitter.sys
+ 2006-06-14 09:00:45 82,944 ------w c:\windows\Driver Cache\i386\wdmaud.sys
- 2004-08-03 23:57:54 1,035,264 ----a-w c:\windows\explorer.exe
+ 2007-06-13 13:21:45 1,036,288 ----a-w c:\windows\explorer.exe
- 2004-08-03 23:57:58 10,752 ----a-w c:\windows\hh.exe
+ 2005-05-26 23:22:01 10,752 ----a-w c:\windows\hh.exe
__________________


Alt 16.01.2009, 11:03   #18
master1988
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



Combo Fix Log
Teil4:

Zitat:
+ 2007-03-06 01:14:17 217,312 -c----w c:\windows\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w c:\windows\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:54:10 765,952 -c----w c:\windows\ie7updates\KB938127-IE7\vgx.dll
+ 2007-03-06 01:14:13 217,312 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:22 377,568 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2007-07-12 23:30:56 765,952 -c----w c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2007-08-13 17:39:00 123,904 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2007-08-13 17:35:46 346,624 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2007-08-13 17:35:38 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2007-08-13 17:54:10 131,584 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2007-08-13 17:36:26 61,952 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2007-08-13 17:39:06 54,784 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2007-08-13 17:39:26 152,064 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2007-08-13 17:39:54 229,376 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2007-08-13 16:56:54 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2007-02-12 15:10:12 2,451,312 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2007-08-13 17:39:50 382,976 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2007-08-13 17:54:10 6,049,280 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2007-08-13 17:39:10 43,008 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2007-08-13 17:34:04 266,752 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2007-08-13 17:39:10 13,312 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2007-08-13 17:43:56 622,080 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2007-08-13 17:54:10 27,136 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2007-08-13 17:54:10 458,752 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2007-08-13 17:54:10 475,648 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2007-08-13 17:44:26 192,000 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2007-08-13 17:54:10 670,720 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2007-08-13 17:36:12 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2007-08-13 17:44:30 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2007-08-13 17:54:10 1,162,240 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2007-08-13 17:54:10 231,424 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2007-08-13 17:54:10 818,688 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2007-08-13 17:54:12 3,578,368 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:14:13 217,312 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:22 377,568 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
- 2004-08-03 23:57:16 41,984 ----a-w c:\windows\msagent\agentdp2.dll
+ 2006-10-12 14:02:58 42,496 ----a-w c:\windows\msagent\agentdp2.dll
- 2004-08-03 23:57:16 58,880 ----a-w c:\windows\msagent\agentdpv.dll
+ 2007-03-09 13:48:08 57,344 ----a-w c:\windows\msagent\agentdpv.dll
- 2004-08-03 23:57:42 256,512 ----a-w c:\windows\msagent\agentsvr.exe
+ 2006-10-12 11:09:53 256,512 ----a-w c:\windows\msagent\agentsvr.exe
- 2004-08-03 23:57:16 100,352 ----a-w c:\windows\system32\6to4svc.dll
+ 2006-08-16 11:58:06 100,352 ----a-w c:\windows\system32\6to4svc.dll
- 2007-08-13 17:39:00 123,904 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:04:07 124,928 ----a-w c:\windows\system32\advpack.dll
- 2004-08-03 23:57:16 56,832 ----a-w c:\windows\system32\authz.dll
+ 2005-03-02 18:09:46 56,832 ----a-w c:\windows\system32\authz.dll
- 2004-08-03 23:57:16 229,888 ----a-w c:\windows\system32\catsrv.dll
+ 2005-07-26 04:39:43 225,792 ----a-w c:\windows\system32\catsrv.dll
- 2004-08-03 23:57:16 628,224 ----a-w c:\windows\system32\catsrvut.dll
+ 2005-07-26 04:39:43 625,152 ----a-w c:\windows\system32\catsrvut.dll
- 2004-08-03 23:57:16 2,067,968 ----a-w c:\windows\system32\cdosys.dll
+ 2005-09-10 01:54:27 2,067,968 ----a-w c:\windows\system32\cdosys.dll
- 2004-08-03 23:57:18 69,120 ----a-w c:\windows\system32\ciodm.dll
+ 2006-06-22 05:06:23 69,120 ----a-w c:\windows\system32\ciodm.dll
- 2004-08-03 23:57:18 110,080 ----a-w c:\windows\system32\clbcatex.dll
+ 2005-07-26 04:39:43 110,080 ----a-w c:\windows\system32\clbcatex.dll
- 2004-08-03 23:57:18 501,248 ----a-w c:\windows\system32\clbcatq.dll
+ 2005-07-26 04:39:44 498,688 ----a-w c:\windows\system32\clbcatq.dll
- 2004-08-03 23:57:18 62,464 ----a-w c:\windows\system32\colbact.dll
+ 2005-07-26 04:39:44 60,416 ----a-w c:\windows\system32\colbact.dll
- 2004-08-03 23:57:18 195,584 ----a-w c:\windows\system32\Com\comadmin.dll
+ 2005-07-26 04:39:44 195,072 ----a-w c:\windows\system32\Com\comadmin.dll
- 2004-08-03 23:57:18 611,328 ----a-w c:\windows\system32\comctl32.dll
+ 2006-08-25 15:46:47 617,472 ----a-w c:\windows\system32\comctl32.dll
- 2001-08-18 12:00:00 82,432 ----a-w c:\windows\system32\comrepl.dll
+ 2005-07-26 04:39:44 97,792 ----a-w c:\windows\system32\comrepl.dll
- 2004-08-03 23:57:18 1,251,840 ----a-w c:\windows\system32\comsvcs.dll
+ 2005-07-26 04:39:45 1,267,200 ----a-w c:\windows\system32\comsvcs.dll
- 2004-08-03 23:54:44 540,160 ----a-w c:\windows\system32\comuid.dll
+ 2005-07-26 04:39:46 540,160 ----a-w c:\windows\system32\comuid.dll
- 2004-08-03 23:57:18 111,616 ----a-w c:\windows\system32\dhcpcsvc.dll
+ 2006-05-19 13:09:50 112,128 ----a-w c:\windows\system32\dhcpcsvc.dll
+ 2006-08-16 11:58:06 100,352 -c----w c:\windows\system32\dllcache\6to4svc.dll
- 2007-08-13 17:39:00 123,904 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:04:07 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2006-10-12 14:02:58 42,496 -c----w c:\windows\system32\dllcache\agentdp2.dll
+ 2007-03-09 13:48:08 57,344 -c--a-w c:\windows\system32\dllcache\agentdpv.dll
+ 2006-10-12 11:09:53 256,512 -c----w c:\windows\system32\dllcache\agentsvr.exe
+ 2006-06-22 05:06:23 69,120 -c----w c:\windows\system32\dllcache\ciodm.dll
+ 2006-08-25 15:46:47 617,472 -c----w c:\windows\system32\dllcache\comctl32.dll
- 2001-08-18 12:00:00 82,432 -c--a-w c:\windows\system32\dllcache\comrepl.dll
+ 2005-07-26 04:39:44 97,792 -c--a-w c:\windows\system32\dllcache\comrepl.dll
+ 2008-03-25 04:50:25 554,008 -c----w c:\windows\system32\dllcache\dao360.dll
+ 2006-05-19 13:09:50 112,128 -c----w c:\windows\system32\dllcache\dhcpcsvc.dll
+ 2007-05-16 15:11:38 86,528 -c----w c:\windows\system32\dllcache\directdb.dll
+ 2008-06-20 17:39:48 148,992 -c----w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-02-20 05:33:54 45,568 -c----w c:\windows\system32\dllcache\dnsrslvr.dll
+ 2006-08-24 12:17:12 500,278 -c----w c:\windows\system32\dllcache\dxmasf.dll
- 2007-08-13 17:35:46 346,624 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:04:07 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2007-08-13 17:35:38 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:04:07 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2007-06-13 13:21:45 1,036,288 -c----w c:\windows\system32\dllcache\explorer.exe
- 2007-08-13 17:54:10 131,584 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:04:08 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2006-08-21 12:26:05 16,896 -c----w c:\windows\system32\dllcache\fltlib.dll
+ 2006-08-21 09:14:58 23,040 -c----w c:\windows\system32\dllcache\fltmc.exe
+ 2006-08-21 09:14:58 128,896 -c----w c:\windows\system32\dllcache\fltmgr.sys
- 2001-08-18 12:00:00 79,360 -c--a-w c:\windows\system32\dllcache\fontsub.dll
+ 2005-10-17 21:20:02 80,896 -c--a-w c:\windows\system32\dllcache\fontsub.dll
- 2001-08-18 12:00:00 81,978 -c--a-w c:\windows\system32\dllcache\hlink.dll
+ 2006-07-21 08:29:00 72,704 -c--a-w c:\windows\system32\dllcache\hlink.dll
- 2007-08-13 17:39:06 54,784 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:10:46 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-13 17:39:26 152,064 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:04:08 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-13 17:39:54 229,376 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:04:08 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-13 16:56:54 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2007-08-13 17:39:50 382,976 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:04:09 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-13 17:39:10 43,008 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:04:12 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2007-08-13 17:43:56 622,080 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2006-05-19 13:09:50 95,744 -c----w c:\windows\system32\dllcache\iphlpapi.dll
- 2001-08-18 12:00:00 144,896 -c--a-w c:\windows\system32\dllcache\jgdw400.dll
+ 2006-06-01 18:47:07 163,840 -c--a-w c:\windows\system32\dllcache\jgdw400.dll
- 2001-08-18 12:00:00 42,496 -c--a-w c:\windows\system32\dllcache\jgpl400.dll
+ 2006-06-01 18:47:07 27,648 -c--a-w c:\windows\system32\dllcache\jgpl400.dll
- 2007-08-13 17:54:10 27,136 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:04:13 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2007-04-16 15:53:05 1,058,304 -c----w c:\windows\system32\dllcache\kernel32.dll
+ 2006-06-14 08:47:45 172,416 -c----w c:\windows\system32\dllcache\kmixer.sys
+ 2007-11-07 09:27:10 729,600 -c----w c:\windows\system32\dllcache\lsasrv.dll
+ 2007-03-08 15:36:30 40,960 -c----w c:\windows\system32\dllcache\mf3216.dll
- 2001-08-18 12:00:00 924,432 -c--a-w c:\windows\system32\dllcache\mfc40u.dll
+ 2006-11-01 19:17:41 927,504 -c--a-w c:\windows\system32\dllcache\mfc40u.dll
+ 2006-10-14 08:13:25 981,760 -c----w c:\windows\system32\dllcache\mfc42u.dll
+ 2007-07-06 10:05:47 72,960 -c----w c:\windows\system32\dllcache\mqac.sys
+ 2007-07-06 12:49:58 138,240 -c----w c:\windows\system32\dllcache\mqad.dll
+ 2007-07-06 12:49:58 47,104 -c----w c:\windows\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:49:58 16,896 -c----w c:\windows\system32\dllcache\mqise.dll
+ 2007-07-06 12:49:58 660,992 -c----w c:\windows\system32\dllcache\mqqm.dll
+ 2007-07-06 12:49:58 177,152 -c----w c:\windows\system32\dllcache\mqrt.dll
+ 2007-07-06 12:49:58 95,744 -c----w c:\windows\system32\dllcache\mqsec.dll
+ 2007-07-06 12:49:58 48,640 -c----w c:\windows\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:49:58 533,504 -c----w c:\windows\system32\dllcache\mqutil.dll
+ 2007-12-18 09:51:35 179,584 -c----w c:\windows\system32\dllcache\mrxdav.sys
+ 2006-12-26 13:09:09 536,576 -c----w c:\windows\system32\dllcache\msado15.dll
+ 2006-12-26 13:09:09 180,224 -c----w c:\windows\system32\dllcache\msadomd.dll
+ 2006-12-26 13:09:09 200,704 -c----w c:\windows\system32\dllcache\msadox.dll
+ 2008-02-26 11:59:49 294,912 -c----w c:\windows\system32\dllcache\msctf.dll
+ 2008-03-25 04:50:28 518,944 -c----w c:\windows\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:30 326,432 -c----w c:\windows\system32\dllcache\msexcl40.dll
+ 2006-11-27 14:54:15 539,136 -c----w c:\windows\system32\dllcache\msftedit.dll
- 2007-08-13 17:54:10 475,648 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:04:17 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-03-25 04:50:34 1,516,568 -c----w c:\windows\system32\dllcache\msjet40.dll
- 2004-03-01 18:52:15 358,976 -c--a-w c:\windows\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w c:\windows\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:51:12 187,168 -c----w c:\windows\system32\dllcache\msjint40.dll
+ 2006-12-26 13:09:09 102,400 -c----w c:\windows\system32\dllcache\msjro.dll
+ 2008-03-25 04:50:42 60,192 -c----w c:\windows\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 248,608 -c----w c:\windows\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:44 219,936 -c----w c:\windows\system32\dllcache\msltus40.dll
+ 2007-05-16 15:11:55 1,314,816 -c----w c:\windows\system32\dllcache\msoe.dll
+ 2008-03-25 04:50:45 355,104 -c----w c:\windows\system32\dllcache\mspbde40.dll
- 2007-08-13 17:44:26 192,000 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:04:17 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-03-25 04:50:47 432,928 -c----w c:\windows\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 -c----w c:\windows\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 -c----w c:\windows\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:55 264,992 -c----w c:\windows\system32\dllcache\mstext40.dll
- 2007-08-13 17:54:10 670,720 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:04:18 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-03-25 04:50:57 838,432 -c----w c:\windows\system32\dllcache\mswdat10.dll
+ 2008-06-20 17:39:48 247,296 -c----w c:\windows\system32\dllcache\mswsock.dll
+ 2008-03-25 04:51:12 621,344 -c----w c:\windows\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 355,104 -c----w c:\windows\system32\dllcache\msxbde40.dll
+ 2007-02-09 11:10:35 574,464 -c----w c:\windows\system32\dllcache\ntfs.sys
- 2001-08-18 12:00:00 58,880 -c--a-w c:\windows\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:35:14 64,000 -c--a-w c:\windows\system32\dllcache\nwapi32.dll
+ 2006-10-13 12:35:14 146,432 -c----w c:\windows\system32\dllcache\nwprovau.dll
+ 2006-10-13 10:23:15 163,584 -c----w c:\windows\system32\dllcache\nwrdr.sys
+ 2006-10-13 12:35:14 65,536 -c----w c:\windows\system32\dllcache\nwwks.dll
- 2007-08-13 17:44:06 101,376 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:04:18 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2007-12-04 18:40:03 550,912 -c----w c:\windows\system32\dllcache\oleaut32.dll
- 2001-08-18 12:00:00 68,608 -c--a-w c:\windows\system32\dllcache\olecli32.dll
+ 2005-07-26 04:39:50 74,752 -c--a-w c:\windows\system32\dllcache\olecli32.dll
- 2001-08-18 12:00:00 34,304 -c--a-w c:\windows\system32\dllcache\olecnv32.dll
+ 2005-07-26 04:39:50 37,888 -c--a-w c:\windows\system32\dllcache\olecnv32.dll
- 2001-08-18 12:00:00 121,856 -c--a-w c:\windows\system32\dllcache\oledlg.dll
+ 2006-10-16 16:15:58 126,976 -c--a-w c:\windows\system32\dllcache\oledlg.dll
- 2007-08-13 17:36:12 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:04:18 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2006-06-22 05:06:24 1,441,792 -c----w c:\windows\system32\dllcache\query.dll
+ 2006-06-26 17:40:34 8,192 -c----w c:\windows\system32\dllcache\rasadhlp.dll
+ 2006-06-22 10:47:23 181,248 -c----w c:\windows\system32\dllcache\rasmans.dll
+ 2006-05-05 09:47:57 174,592 -c----w c:\windows\system32\dllcache\rdbss.sys
+ 2006-11-27 14:54:15 433,152 -c----w c:\windows\system32\dllcache\riched20.dll
+ 2007-04-25 14:22:27 144,896 -c----w c:\windows\system32\dllcache\schannel.dll
+ 2007-10-25 16:55:09 8,495,616 -c----w c:\windows\system32\dllcache\shell32.dll
+ 2006-12-19 21:49:41 135,168 -c----w c:\windows\system32\dllcache\shsvcs.dll
+ 2006-06-14 08:47:46 6,400 -c----w c:\windows\system32\dllcache\splitter.sys
- 2008-08-28 10:04:17 333,056 -c----w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21 333,184 -c----w c:\windows\system32\dllcache\srv.sys
+ 2006-10-20 01:38:26 715,776 -c----w c:\windows\system32\dllcache\sxs.dll
+ 2008-06-20 10:45:13 360,320 -c----w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 09:52:06 225,920 -c----w c:\windows\system32\dllcache\tcpip6.sys
+ 2007-02-05 20:18:44 185,856 -c----w c:\windows\system32\dllcache\upnphost.dll
- 2007-08-13 17:44:30 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:04:18 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2007-08-13 17:54:10 1,162,240 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:04:19 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2007-03-08 15:36:30 579,072 -c----w c:\windows\system32\dllcache\user32.dll
- 2007-08-13 17:54:10 765,952 -c----w c:\windows\system32\dllcache\VGX.dll
+ 2008-05-27 17:23:58 765,952 -c----w c:\windows\system32\dllcache\vgx.dll
+ 2007-05-16 15:12:01 510,976 -c----w c:\windows\system32\dllcache\wab32.dll
+ 2007-05-16 15:12:02 85,504 -c----w c:\windows\system32\dllcache\wabimp.dll
+ 2006-06-14 09:00:45 82,944 -c----w c:\windows\system32\dllcache\wdmaud.sys
- 2007-08-13 17:54:10 231,424 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:04:19 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2006-12-19 18:17:03 334,336 -c----w c:\windows\system32\dllcache\wiaservc.dll
- 2007-08-13 17:54:10 818,688 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:04:20 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2007-03-17 13:44:25 293,376 -c----w c:\windows\system32\dllcache\winsrv.dll
+ 2006-08-17 12:28:44 132,096 -c----w c:\windows\system32\dllcache\wkssvc.dll
- 2004-08-03 23:57:18 148,480 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:39:48 148,992 ----a-w c:\windows\system32\dnsapi.dll
- 2004-08-03 23:57:18 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
+ 2008-02-20 05:33:54 45,568 ----a-w c:\windows\system32\dnsrslvr.dll
- 2004-08-03 21:39:38 142,464 ----a-w c:\windows\system32\drivers\aec.sys
+ 2006-02-15 00:22:26 142,464 ----a-w c:\windows\system32\drivers\aec.sys
- 2004-08-03 22:01:20 124,800 ------w c:\windows\system32\drivers\fltmgr.sys
+ 2006-08-21 09:14:58 128,896 ------w c:\windows\system32\drivers\fltmgr.sys
- 2004-08-03 22:00:14 263,040 ------w c:\windows\system32\drivers\http.sys
+ 2006-03-17 00:33:10 262,784 ------w c:\windows\system32\drivers\http.sys
- 2004-08-03 22:04:52 134,912 ----a-w c:\windows\system32\drivers\ipnat.sys
+ 2004-09-29 22:28:37 134,912 ----a-w c:\windows\system32\drivers\ipnat.sys
- 2004-08-03 22:07:50 171,776 ----a-w c:\windows\system32\drivers\kmixer.sys
+ 2006-06-14 08:47:45 172,416 ----a-w c:\windows\system32\drivers\kmixer.sys
- 2004-08-03 21:58:22 72,960 ----a-w c:\windows\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w c:\windows\system32\drivers\mqac.sys
- 2004-08-03 22:00:58 181,248 ----a-w c:\windows\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ----a-w c:\windows\system32\drivers\mrxdav.sys
- 2004-08-03 22:15:10 574,592 ----a-w c:\windows\system32\drivers\ntfs.sys
+ 2007-02-09 11:10:35 574,464 ----a-w c:\windows\system32\drivers\ntfs.sys
- 2004-08-03 22:02:24 163,584 ----a-w c:\windows\system32\drivers\nwrdr.sys
+ 2006-10-13 10:23:15 163,584 ----a-w c:\windows\system32\drivers\nwrdr.sys
- 2004-08-03 22:20:08 176,512 ----a-w c:\windows\system32\drivers\rdbss.sys
+ 2006-05-05 09:47:57 174,592 ----a-w c:\windows\system32\drivers\rdbss.sys
- 2004-08-03 23:58:38 139,400 ----a-w c:\windows\system32\drivers\rdpwd.sys
+ 2005-06-10 04:10:27 139,528 ----a-w c:\windows\system32\drivers\rdpwd.sys
- 2004-07-17 10:36:38 27,440 ----a-w c:\windows\system32\drivers\secdrv.sys
+ 2007-11-13 10:25:53 20,480 ----a-w c:\windows\system32\drivers\secdrv.sys
- 2004-08-03 22:07:48 6,400 ----a-w c:\windows\system32\drivers\splitter.sys
+ 2006-06-14 08:47:46 6,400 ----a-w c:\windows\system32\drivers\splitter.sys
- 2004-08-03 22:14:42 359,040 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2004-08-03 22:07:46 223,616 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2004-08-03 22:15:06 82,944 ----a-w c:\windows\system32\drivers\wdmaud.sys
+ 2006-06-14 09:00:45 82,944 ----a-w c:\windows\system32\drivers\wdmaud.sys
- 2004-08-03 23:57:18 499,741 ----a-w c:\windows\system32\dxmasf.dll
+ 2006-08-24 12:17:12 500,278 ----a-w c:\windows\system32\dxmasf.dll
- 2007-08-13 17:35:46 346,624 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:04:07 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2007-08-13 17:35:38 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:04:07 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2004-08-03 23:57:20 1,094,144 ----a-w c:\windows\system32\esent.dll
+ 2005-10-20 22:25:05 1,094,144 ----a-w c:\windows\system32\esent.dll
- 2007-08-13 17:54:10 131,584 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:04:08 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2004-08-03 23:57:20 16,896 ------w c:\windows\system32\fltlib.dll
+ 2006-08-21 12:26:05 16,896 ----a-w c:\windows\system32\fltlib.dll
- 2004-08-03 23:57:54 22,528 ------w c:\windows\system32\fltmc.exe
+ 2006-08-21 09:14:58 23,040 ----a-w c:\windows\system32\fltmc.exe
- 2001-08-18 12:00:00 79,360 ----a-w c:\windows\system32\fontsub.dll
+ 2005-10-17 21:20:02 80,896 ----a-w c:\windows\system32\fontsub.dll
- 2004-08-03 23:57:22 38,912 ----a-w c:\windows\system32\hhsetup.dll
+ 2005-05-27 02:04:47 41,472 ----a-w c:\windows\system32\hhsetup.dll
- 2001-08-18 12:00:00 81,978 ----a-w c:\windows\system32\hlink.dll
+ 2006-07-21 08:29:00 72,704 ----a-w c:\windows\system32\hlink.dll
- 2004-08-03 23:57:22 354,304 ----a-w c:\windows\system32\hypertrm.dll
+ 2004-11-17 17:42:24 356,352 ----a-w c:\windows\system32\hypertrm.dll
- 2007-08-13 17:36:26 61,952 ------w c:\windows\system32\icardie.dll
+ 2008-10-16 20:04:08 63,488 ----a-w c:\windows\system32\icardie.dll
- 2004-08-03 23:57:22 253,952 ----a-w c:\windows\system32\icm32.dll
+ 2005-06-29 01:49:39 254,976 ----a-w c:\windows\system32\icm32.dll
- 2007-08-13 17:39:06 54,784 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:10:46 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2007-08-13 17:39:26 152,064 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:04:08 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2007-08-13 17:39:54 229,376 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:04:08 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2007-08-13 16:56:54 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2007-02-12 15:10:12 2,451,312 ------w c:\windows\system32\ieapfltr.dat
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat
- 2007-07-11 11:27:48 383,488 ------w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:04:09 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2007-08-13 17:39:50 382,976 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:04:09 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2007-08-13 17:54:10 6,049,280 ------w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:04:12 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2007-08-13 17:39:10 43,008 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:04:12 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2007-08-13 17:34:04 266,752 ------w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:04:12 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2007-08-13 17:39:10 13,312 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2004-08-03 23:57:22 95,744 ----a-w c:\windows\system32\iphlpapi.dll
+ 2006-05-19 13:09:50 95,744 ----a-w c:\windows\system32\iphlpapi.dll
- 2004-08-03 23:57:24 143,872 ----a-w c:\windows\system32\itircl.dll
+ 2005-05-27 02:04:47 155,136 ----a-w c:\windows\system32\itircl.dll
- 2001-08-18 12:00:00 144,896 ----a-w c:\windows\system32\jgdw400.dll
+ 2006-06-01 18:47:07 163,840 ----a-w c:\windows\system32\jgdw400.dll
- 2001-08-18 12:00:00 42,496 ----a-w c:\windows\system32\jgpl400.dll
+ 2006-06-01 18:47:07 27,648 ----a-w c:\windows\system32\jgpl400.dll
- 2007-08-13 17:54:10 27,136 ----a-w c:\windows\system32\jsproxy.dll
__________________

Alt 16.01.2009, 11:04   #19
master1988
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



Combo Fix Log
Teil5:

Zitat:
+ 2008-10-16 20:04:13 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2004-08-03 23:57:24 294,400 ----a-w c:\windows\system32\kerberos.dll
+ 2005-06-15 17:49:56 295,936 ----a-w c:\windows\system32\kerberos.dll
- 2004-08-03 23:57:24 1,057,280 ----a-w c:\windows\system32\kernel32.dll
+ 2007-04-16 15:53:05 1,058,304 ----a-w c:\windows\system32\kernel32.dll
- 2004-08-03 23:57:24 18,944 ----a-w c:\windows\system32\linkinfo.dll
+ 2005-09-01 01:44:41 19,968 ----a-w c:\windows\system32\linkinfo.dll
- 2004-08-03 23:57:24 729,600 ----a-w c:\windows\system32\lsasrv.dll
+ 2007-11-07 09:27:10 729,600 ----a-w c:\windows\system32\lsasrv.dll
- 2004-08-03 23:57:24 39,936 ----a-w c:\windows\system32\mf3216.dll
+ 2007-03-08 15:36:30 40,960 ----a-w c:\windows\system32\mf3216.dll
- 2001-08-18 12:00:00 924,432 ----a-w c:\windows\system32\mfc40u.dll
+ 2006-11-01 19:17:41 927,504 ----a-w c:\windows\system32\mfc40u.dll
- 2004-08-03 23:57:24 1,024,000 ----a-w c:\windows\system32\mfc42u.dll
+ 2006-10-14 08:13:25 981,760 ----a-w c:\windows\system32\mfc42u.dll
- 2004-08-03 23:57:26 138,240 ----a-w c:\windows\system32\mqad.dll
+ 2007-07-06 12:49:58 138,240 ----a-w c:\windows\system32\mqad.dll
- 2004-08-03 23:57:26 47,104 ----a-w c:\windows\system32\mqdscli.dll
+ 2007-07-06 12:49:58 47,104 ----a-w c:\windows\system32\mqdscli.dll
- 2004-08-03 23:57:26 16,896 ----a-w c:\windows\system32\mqise.dll
+ 2007-07-06 12:49:58 16,896 ----a-w c:\windows\system32\mqise.dll
- 2004-08-03 23:57:26 660,992 ----a-w c:\windows\system32\mqqm.dll
+ 2007-07-06 12:49:58 660,992 ----a-w c:\windows\system32\mqqm.dll
- 2004-08-03 23:57:26 177,152 ----a-w c:\windows\system32\mqrt.dll
+ 2007-07-06 12:49:58 177,152 ----a-w c:\windows\system32\mqrt.dll
- 2004-08-03 23:57:26 95,744 ----a-w c:\windows\system32\mqsec.dll
+ 2007-07-06 12:49:58 95,744 ----a-w c:\windows\system32\mqsec.dll
- 2004-08-03 23:57:26 48,640 ----a-w c:\windows\system32\mqupgrd.dll
+ 2007-07-06 12:49:58 48,640 ----a-w c:\windows\system32\mqupgrd.dll
- 2004-08-03 23:57:26 533,504 ----a-w c:\windows\system32\mqutil.dll
+ 2007-07-06 12:49:58 533,504 ----a-w c:\windows\system32\mqutil.dll
- 2004-08-03 23:57:26 294,400 ----a-w c:\windows\system32\msctf.dll
+ 2008-02-26 11:59:49 294,912 ----a-w c:\windows\system32\msctf.dll
- 2004-08-03 23:57:28 425,472 ----a-w c:\windows\system32\msdtcprx.dll
+ 2006-03-01 19:43:33 426,496 ----a-w c:\windows\system32\msdtcprx.dll
- 2004-08-03 23:57:28 949,248 ----a-w c:\windows\system32\msdtctm.dll
+ 2006-03-01 19:43:33 956,416 ----a-w c:\windows\system32\msdtctm.dll
- 2004-08-03 23:57:28 161,280 ----a-w c:\windows\system32\msdtcuiu.dll
+ 2006-03-01 19:43:33 161,280 ----a-w c:\windows\system32\msdtcuiu.dll
- 2004-08-03 23:57:28 512,029 ----a-w c:\windows\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w c:\windows\system32\msexch40.dll
- 2004-08-03 23:57:28 319,517 ----a-w c:\windows\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w c:\windows\system32\msexcl40.dll
- 2007-08-13 17:54:10 458,752 ------w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:04:14 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2007-08-13 17:54:10 50,688 ------w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:04:14 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2004-08-03 23:57:28 537,088 ------w c:\windows\system32\msftedit.dll
+ 2006-11-27 14:54:15 539,136 ------w c:\windows\system32\msftedit.dll
- 2007-08-13 17:54:12 3,578,368 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:36:44 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2007-08-13 17:54:10 475,648 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:04:17 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2005-05-04 13:45:32 2,890,240 ----a-w c:\windows\system32\msi.dll
+ 2007-04-18 16:13:24 2,854,400 ----a-w c:\windows\system32\msi.dll
- 2004-08-03 23:57:28 1,507,356 ----a-w c:\windows\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w c:\windows\system32\msjet40.dll
- 2004-03-01 18:52:15 358,976 ----a-w c:\windows\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w c:\windows\system32\msjetoledb40.dll
- 2004-08-03 23:57:28 180,255 ----a-w c:\windows\system32\msjint40.dll
+ 2008-03-25 04:51:12 187,168 ----a-w c:\windows\system32\msjint40.dll
- 2004-08-03 23:57:28 53,279 ----a-w c:\windows\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w c:\windows\system32\msjter40.dll
- 2004-08-03 23:57:28 241,693 ----a-w c:\windows\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w c:\windows\system32\msjtes40.dll
- 2004-08-03 23:57:28 213,023 ----a-w c:\windows\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w c:\windows\system32\msltus40.dll
- 2004-08-03 23:57:30 348,189 ----a-w c:\windows\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w c:\windows\system32\mspbde40.dll
- 2007-08-13 17:44:26 192,000 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:04:17 193,024 ----a-w c:\windows\system32\msrating.dll
- 2004-08-03 23:57:30 421,919 ----a-w c:\windows\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w c:\windows\system32\msrd2x40.dll
- 2004-08-03 23:57:30 315,423 ----a-w c:\windows\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w c:\windows\system32\msrd3x40.dll
- 2004-08-03 23:57:30 552,989 ----a-w c:\windows\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w c:\windows\system32\msrepl40.dll
- 2004-08-03 23:57:30 258,077 ----a-w c:\windows\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w c:\windows\system32\mstext40.dll
- 2007-08-13 17:54:10 670,720 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:04:18 671,232 ----a-w c:\windows\system32\mstime.dll
- 2004-08-03 23:57:30 831,519 ----a-w c:\windows\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w c:\windows\system32\mswdat10.dll
- 2004-08-03 23:57:30 247,296 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:39:48 247,296 ----a-w c:\windows\system32\mswsock.dll
- 2004-08-03 23:57:30 614,429 ----a-w c:\windows\system32\mswstr10.dll
+ 2008-03-25 04:51:12 621,344 ----a-w c:\windows\system32\mswstr10.dll
- 2004-08-03 23:57:30 348,189 ----a-w c:\windows\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w c:\windows\system32\msxbde40.dll
- 2004-08-03 23:57:30 66,560 ----a-w c:\windows\system32\mtxclu.dll
+ 2006-03-01 19:43:33 66,560 ----a-w c:\windows\system32\mtxclu.dll
- 2004-08-03 23:57:30 90,112 ----a-w c:\windows\system32\mtxoci.dll
+ 2006-03-01 19:43:33 91,136 ----a-w c:\windows\system32\mtxoci.dll
- 2004-08-03 23:57:32 198,144 ----a-w c:\windows\system32\netman.dll
+ 2005-08-22 18:31:48 197,632 ----a-w c:\windows\system32\netman.dll
- 2001-08-18 12:00:00 58,880 ----a-w c:\windows\system32\nwapi32.dll
+ 2006-10-13 12:35:14 64,000 ----a-w c:\windows\system32\nwapi32.dll
- 2004-08-03 23:57:32 148,480 ----a-w c:\windows\system32\nwprovau.dll
+ 2006-10-13 12:35:14 146,432 ----a-w c:\windows\system32\nwprovau.dll
- 2004-08-03 23:57:32 64,000 ----a-w c:\windows\system32\nwwks.dll
+ 2006-10-13 12:35:14 65,536 ----a-w c:\windows\system32\nwwks.dll
- 2007-08-13 17:44:06 101,376 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:04:18 102,912 ----a-w c:\windows\system32\occache.dll
- 2004-08-03 23:57:32 1,281,536 ----a-w c:\windows\system32\ole32.dll
+ 2005-07-26 04:39:49 1,285,120 ----a-w c:\windows\system32\ole32.dll
- 2004-08-03 23:57:32 553,472 ----a-w c:\windows\system32\oleaut32.dll
+ 2007-12-04 18:40:03 550,912 ----a-w c:\windows\system32\oleaut32.dll
- 2001-08-18 12:00:00 68,608 ----a-w c:\windows\system32\olecli32.dll
+ 2005-07-26 04:39:50 74,752 ----a-w c:\windows\system32\olecli32.dll
- 2001-08-18 12:00:00 34,304 ----a-w c:\windows\system32\olecnv32.dll
+ 2005-07-26 04:39:50 37,888 ----a-w c:\windows\system32\olecnv32.dll
- 2001-08-18 12:00:00 121,856 ----a-w c:\windows\system32\oledlg.dll
+ 2006-10-16 16:15:58 126,976 ----a-w c:\windows\system32\oledlg.dll
- 2009-01-07 16:30:50 48,156 ----a-w c:\windows\system32\perfc007.dat
+ 2009-01-15 23:22:49 48,156 ----a-w c:\windows\system32\perfc007.dat
- 2009-01-07 16:30:50 39,992 ----a-w c:\windows\system32\perfc009.dat
+ 2009-01-15 23:22:49 39,992 ----a-w c:\windows\system32\perfc009.dat
- 2009-01-07 16:30:50 316,594 ----a-w c:\windows\system32\perfh007.dat
+ 2009-01-15 23:22:49 316,594 ----a-w c:\windows\system32\perfh007.dat
- 2009-01-07 16:30:50 311,604 ----a-w c:\windows\system32\perfh009.dat
+ 2009-01-15 23:22:49 311,604 ----a-w c:\windows\system32\perfh009.dat
- 2007-08-13 17:36:12 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:04:18 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2004-08-03 23:57:34 1,441,792 ----a-w c:\windows\system32\query.dll
+ 2006-06-22 05:06:24 1,441,792 ----a-w c:\windows\system32\query.dll
- 2004-08-03 23:57:34 8,192 ----a-w c:\windows\system32\rasadhlp.dll
+ 2006-06-26 17:40:34 8,192 ----a-w c:\windows\system32\rasadhlp.dll
- 2004-08-03 23:57:34 174,080 ----a-w c:\windows\system32\rasmans.dll
+ 2006-06-22 10:47:23 181,248 ----a-w c:\windows\system32\rasmans.dll
- 2004-08-03 23:57:34 431,616 ----a-w c:\windows\system32\riched20.dll
+ 2006-11-27 14:54:15 433,152 ----a-w c:\windows\system32\riched20.dll
- 2004-08-03 23:57:34 581,120 ----a-w c:\windows\system32\rpcrt4.dll
+ 2007-07-09 13:11:35 584,192 ----a-w c:\windows\system32\rpcrt4.dll
- 2004-08-03 23:57:34 395,776 ----a-w c:\windows\system32\rpcss.dll
+ 2005-07-26 04:39:50 397,824 ----a-w c:\windows\system32\rpcss.dll
- 2004-08-03 23:57:34 144,896 ----a-w c:\windows\system32\schannel.dll
+ 2007-04-25 14:22:27 144,896 ----a-w c:\windows\system32\schannel.dll
- 2004-08-03 23:57:34 8,424,960 ----a-w c:\windows\system32\shell32.dll
+ 2007-10-25 16:55:09 8,495,616 ----a-w c:\windows\system32\shell32.dll
- 2004-08-03 23:57:36 135,168 ----a-w c:\windows\system32\shsvcs.dll
+ 2006-12-19 21:49:41 135,168 ----a-w c:\windows\system32\shsvcs.dll
- 2007-11-30 11:18:34 18,808 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:14 18,808 ------w c:\windows\system32\spmsg.dll
- 2004-08-03 23:58:16 57,856 ----a-w c:\windows\system32\spoolsv.exe
+ 2005-06-10 23:53:32 57,856 ----a-w c:\windows\system32\spoolsv.exe
- 2004-08-03 23:57:36 96,768 ----a-w c:\windows\system32\srvsvc.dll
+ 2004-12-07 19:33:24 96,768 ----a-w c:\windows\system32\srvsvc.dll
- 2004-08-03 23:57:36 210,432 ----a-w c:\windows\system32\t2embed.dll
+ 2005-10-17 21:20:02 118,272 ----a-w c:\windows\system32\t2embed.dll
- 2004-08-03 23:57:36 246,272 ----a-w c:\windows\system32\tapisrv.dll
+ 2005-07-08 16:28:23 249,344 ----a-w c:\windows\system32\tapisrv.dll
- 2004-08-03 23:58:16 77,824 ----a-w c:\windows\system32\telnet.exe
+ 2005-05-11 02:30:02 78,336 ----a-w c:\windows\system32\telnet.exe
- 2004-08-03 23:57:38 101,376 ----a-w c:\windows\system32\txflog.dll
+ 2005-07-26 04:39:50 101,376 ----a-w c:\windows\system32\txflog.dll
- 2004-08-03 23:57:38 119,296 ----a-w c:\windows\system32\umpnpmgr.dll
+ 2005-08-23 03:39:57 124,416 ----a-w c:\windows\system32\umpnpmgr.dll
- 2004-08-03 23:57:38 185,856 ----a-w c:\windows\system32\upnphost.dll
+ 2007-02-05 20:18:44 185,856 ----a-w c:\windows\system32\upnphost.dll
- 2007-08-13 17:44:30 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:04:18 105,984 ----a-w c:\windows\system32\url.dll
- 2007-08-13 17:54:10 1,162,240 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:04:19 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2004-08-03 23:57:38 578,560 ----a-w c:\windows\system32\user32.dll
+ 2007-03-08 15:36:30 579,072 ----a-w c:\windows\system32\user32.dll
+ 2006-03-17 00:38:01 28,672 ------w c:\windows\system32\verclsid.exe
- 2007-08-13 17:54:10 231,424 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:04:19 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2004-08-03 23:57:38 67,584 ----a-w c:\windows\system32\webclnt.dll
+ 2006-01-04 03:35:01 68,096 ----a-w c:\windows\system32\webclnt.dll
- 2004-08-03 23:57:38 333,824 ----a-w c:\windows\system32\wiaservc.dll
+ 2006-12-19 18:17:03 334,336 ----a-w c:\windows\system32\wiaservc.dll
- 2007-08-13 17:54:10 818,688 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:04:20 826,368 ----a-w c:\windows\system32\wininet.dll
- 2004-08-03 23:57:38 291,328 ----a-w c:\windows\system32\winsrv.dll
+ 2007-03-17 13:44:25 293,376 ----a-w c:\windows\system32\winsrv.dll
- 2004-08-03 23:57:38 132,096 ----a-w c:\windows\system32\wkssvc.dll
+ 2006-08-17 12:28:44 132,096 ----a-w c:\windows\system32\wkssvc.dll
- 2004-08-03 23:57:40 4,874,240 ------w c:\windows\system32\wmp.dll
+ 2007-04-30 01:22:16 4,734,976 ------w c:\windows\system32\wmp.dll
- 2004-08-03 23:57:42 11,776 ----a-w c:\windows\system32\xolehlp.dll
+ 2006-03-01 19:43:33 11,776 ----a-w c:\windows\system32\xolehlp.dll
+ 2009-01-16 08:25:49 16,384 ----atw c:\windows\temp\Perflib_Perfdata_1e0.dat
+ 2007-01-19 12:50:53 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2007-01-19 12:50:53 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2007-01-19 12:50:53 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2007-01-19 12:50:53 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-08-25 15:46:44 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
.

Alt 16.01.2009, 11:06   #20
master1988
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



Und der letzte

Teil6:

Zitat:
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"msnmsgr"="c:\programme\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"SUPERAntiSpyware"="c:\programme\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-22 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2008-12-25 136600]
"avgnt"="c:\programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"C-Media Mixer"="Mixer.exe" [2003-03-20 c:\windows\mixer.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-04 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programme\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\programme\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"kivabeyipo"=Rundll32.exe "c:\windows\system32\doguzeri.dll",s
"AVMWlanClient"=c:\programme\avmwlanstick\wlangui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Programme\\Avira\\AntiVir PersonalEdition Classic\\sched.exe"=
"c:\\Programme\\avmwlanstick\\WLanNetService.exe"=
"c:\\Programme\\Java\\jre6\\bin\\jqs.exe"=
"c:\\Programme\\Avira\\AntiVir PersonalEdition Classic\\avguard.exe"=

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2008-12-30 22336]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-01-15 28544]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2008-12-30 45376]
R1 SASDIFSV;SASDIFSV;c:\programme\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]
R1 SASKUTIL;SASKUTIL;c:\programme\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [2008-11-24 55808]
R3 SASENUM;SASENUM;c:\programme\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]
R4 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [2008-11-24 44928]
R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-01-11 603904]
S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2008-11-24 4352]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [2008-11-24 265088]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners

2009-01-16 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.t-online.de/

c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.de/scan_de/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-16 09:26:12
Windows 5.1.2600 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(956)
c:\programme\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\programme\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\programme\avmwlanstick\WLanNetService.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\ati2evxx.exe
c:\programme\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-01-16 9:28:59 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-01-16 08:28:56
ComboFix2.txt 2009-01-15 21:57:26

Vor Suchlauf: 9 Verzeichnis(se), 13.822.324.736 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 13,906,558,976 Bytes frei

1273 --- E O F --- 2009-01-15 23:17:37
Ok und soweit alles wieder ok ?=)
Läuft wieder astrein der rechner also keine weiteren beschwerden

Gruß phil


Alt 16.01.2009, 16:52   #21
john.doe
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



Gib es zu:
Du bist heute morgen aufgewacht, hattest schlechte Laune und hast gedacht: Jetzt vermiese ich jemanden den Tag, dann geht es mir besser. Wie mache ich das? Ich mache jahrelang keine Updates, aber wenn jemand mein Log lesen muß, dann hole ich alles nach und blähe das Log bis zum "geht nicht mehr" auf.

Zitat:
Läuft wieder astrein der rechner also keine weiteren beschwerden
Dann bist du entlassen.

ciao, andreas

Alt 16.01.2009, 17:04   #22
master1988
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



was ?
OH hab gestern updates gemacht deswegen wurd das in dem log zuviel ???

Tut mir leid *fg wusst ich net

Aber echt ein hammer großes danke schön an dich =)

Wünsch dir noch nen feinen Tag.

Lg phil

Alt 22.01.2009, 18:32   #23
master1988
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



hallo ich nochmal.
Mein vieren programm hatte mal wieder was gemeldet aber bekomme es nicht gelöscht.

Habe nochmal Active Scan laufen lassen hier mal der log.

Zitat:
;***************************************************************************************************************************************************** ******************************
ANALYSIS: 2009-01-22 18:28:42
PROTECTIONS: 1
MALWARE: 8
SUSPECTS: 0
;***************************************************************************************************************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================== ==============================
Avira AntiVir PersonalEdition 8.0.1.30 Yes Yes
;===================================================================================================================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================== ==============================
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@ad.yieldmanager[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@weborama[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@weborama[3].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@adtech[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Cookies\philipp@adtech[3].txt
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{0E48DEAB-5A84-4488-8C45-0B44380C1486}\RP74\A0010352.EXE
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{0E48DEAB-5A84-4488-8C45-0B44380C1486}\RP77\A0010918.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{0E48DEAB-5A84-4488-8C45-0B44380C1486}\RP77\A0010904.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{0E48DEAB-5A84-4488-8C45-0B44380C1486}\RP74\A0010334.sys
04658173 Generic Trojan Virus/Trojan No 0 Yes No C:\Dokumente und Einstellungen\Philipp\Desktop\ComboFix.exe
;===================================================================================================================================================== ==============================
SUSPECTS
Sent Location
;===================================================================================================================================================== ==============================
;===================================================================================================================================================== ==============================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================== ==============================
184379 MEDIUM MS08-001
182048 HIGH MS07-069
182043 HIGH MS07-064
176382 HIGH MS07-057
170907 HIGH MS07-046
170906 HIGH MS07-045
170904 HIGH MS07-043
164913 HIGH MS07-033
160623 HIGH MS07-027
157262 HIGH MS07-022
150253 HIGH MS07-016
133387 MEDIUM MS06-065
133386 MEDIUM MS06-064
133385 MEDIUM MS06-063
129976 MEDIUM MS06-052
123420 HIGH MS06-035
120825 MEDIUM MS06-032
108743 MEDIUM MS06-007
93394 HIGH MS05-050
;===================================================================================================================================================== ==============================
Bekomme ich die noch irgemdwie runter ?

gruß phil

Alt 23.01.2009, 19:49   #24
john.doe
 
Trojaner Virtumonde - Standard

Trojaner Virtumonde



1.) Start => Ausführen => combofix /u (aufs Leerzeichen achten!) => OK
2.) Systemwiederherstellung abschalten => Neustart => Systemwiederherstellung anschalten und neuen Wiederherstellungspunkt setzen.

ciao, andreas

Antwort

Themen zu Trojaner Virtumonde
adobe, antivir, antivirus, avg, avira, bho, browser, content.ie5, defender, einstellungen, explorer, hijackthis, hkus\s-1-5-18, internet, internet explorer, neu, plug-in, problem, programme, registrierungsschlüssel, security, software, spyware, stick, system, system neu, trojaner, tuneup.defrag, virtumonde, windows, windows xp



Ähnliche Themen: Trojaner Virtumonde


  1. virtumonde.dll Trojaner oder Fehlalarm?
    Plagegeister aller Art und deren Bekämpfung - 09.10.2009 (9)
  2. Hilfe: Trojaner (Virtumonde)
    Log-Analyse und Auswertung - 15.01.2009 (9)
  3. Trojaner Virtumonde
    Plagegeister aller Art und deren Bekämpfung - 12.01.2009 (10)
  4. Virtumonde/Virtumonde.prx nicht entfernbar !!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2009 (29)
  5. Smitfraud C, virtumonde, virtumonde generic
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (11)
  6. Virtumonde, Virtumonde.generic und Smitfraud-C. lassen sich nicht entfernen
    Log-Analyse und Auswertung - 22.12.2008 (1)
  7. Infiziert mit Virtumonde generic,Virtumonde ,Smitfraud-C und virtumonde.prx
    Plagegeister aller Art und deren Bekämpfung - 17.12.2008 (0)
  8. Spybot meldet Smitfraud-C. Virtumonde & Virtumonde.generic Hilfe!
    Plagegeister aller Art und deren Bekämpfung - 15.12.2008 (1)
  9. Virtumonde Trojaner--entfernen?
    Log-Analyse und Auswertung - 05.12.2008 (0)
  10. Smitfraud-C. & Virtumonde & Virtumonde.generic
    Log-Analyse und Auswertung - 01.12.2008 (7)
  11. Trojaner Virtumonde was ist das?
    Plagegeister aller Art und deren Bekämpfung - 04.11.2008 (0)
  12. Trojaner Virtumonde.prx
    Plagegeister aller Art und deren Bekämpfung - 11.10.2008 (12)
  13. Trojaner / Virtumonde? Hilfe!
    Mülltonne - 05.10.2008 (0)
  14. Trojaner TR/Virtumonde.24576
    Plagegeister aller Art und deren Bekämpfung - 19.06.2008 (19)
  15. MSN Trojaner TR/Virtumonde.24576
    Log-Analyse und Auswertung - 18.06.2008 (0)
  16. Trojaner eingefangen! Virtumonde?
    Log-Analyse und Auswertung - 30.09.2007 (0)
  17. Verschiedene Trojaner um vundo und virtumonde
    Plagegeister aller Art und deren Bekämpfung - 09.07.2007 (5)

Zum Thema Trojaner Virtumonde - Combo Fix Log Teil 2: Zitat: (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-15 16:18 --------- d-----w c:\programme\Gemeinsame Dateien\Adobe 2008-12-31 01:43 --------- d--h--w c:\programme\InstallShield Installation Information 2008-12-31 01:42 --------- d-----w c:\dokumente und - Trojaner Virtumonde...
Archiv
Du betrachtest: Trojaner Virtumonde auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.