Hilfe! Welcher Virus! Dll Dateien fehlen! Webe-fenster öffnen sich!
 

Hallo Freunde,

habe folgendes Problem: und zwar immer wenn ich meinen Laptop hochfahre kommen direkt 3 fehlermeldungen.

1.C:User\JENSKNOSS\Appdata\local\temp\geBQkijj.dll FEHLER BEIM LADEN
2.C:User\JENSKNOSS\Appdata\local\temp\hgGvtUNg.dll FEHLER BEIM LADEN
3.C:Windows\System32\oPiihgHW.dll FEHLER BEIM LADEN


Was kann ich nur tun? Ausserdem gehen immer irgendwelche werbefenster auf wenn ich im Inet surfe! Ich kann schon nachts nicht mehr schlafen.

Hier der LOgFILE:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:18, on 08.06.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Fighters\Spywarefighter\SpywarefighterUser.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Sunbelt Software\CounterSpy\CounterSpy.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\oPiihgHw.dll,#1
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RssReader] "C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe" /Autostart
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\JENSKN~1\AppData\Local\Temp\hgGvtUNg.dll,#1
O4 - HKCU\..\Run: [nvd32_r] rundll32.exe "C:\Users\Jens Knossalla\AppData\Roaming\unobi.dll" s
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\JENSKN~1\AppData\Local\Temp\geBQkijj.dll,c
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

--
End of file - 7919 bytes




VEIELN DANK AN EUCH IM VORAUS!

Kann keiner helfen? Bitte Bitte

Hier der LOG:

Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.3 - Deutsch
Agere Systems HDA Modem
Apple Mobile Device Support
Apple Software Update
Atheros WLAN Client
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Bonjour
Business Contact Manager für Outlook 2007
Business Contact Manager für Outlook 2007
Casting-Agentur
CDBurnerXP
Cucusoft Ultimate DVD + Video Converter Suite 7.19.7.12
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Pro 6.8.0 VFW
DivX Web Player
E.M. DVD Copy 2.51
Easy Battery Manager
Easy Display Manager
Easy Network Manager 4.0
Easy SpeedUp Manager
Favorit
Fraps (remove only)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ICQ6.5
imagine digital freedom - Samsung
Intel PROSet Wireless
Intel® Matrix Storage Manager
iTunes
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Small Business Connectivity Components
Microsoft SOAP Toolkit 2.0 SP2
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Move Networks Media Player for Internet Explorer
NVIDIA Drivers
OpenOffice.org 3.0
PlayCamera
PokerStars.net
QuickTime
Realtek High Definition Audio Driver
Samsung Magic Doctor
Samsung Recovery Solution III
Samsung Update Plus
Samsung Update Plus
Spelling Dictionaries Support For Adobe Reader 8
SPYWAREfighter
SPYWAREfighter
Synaptics Pointing Device Driver
Total Video Converter 3.21 090220
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
User Guide
VC80CRTRedist - 8.0.50727.762
Vimicro UVC Camera
VobSub v2.23 (Remove Only)
WIDCOMM Bluetooth Software 6.0.1.6300
Windows Mobile Device Center Driver Update
Windows Mobile®-Gerätehandbuch
Windows Mobile-Gerätecenter
WinRAR
XviD MPEG4 Video Codec (remove only)

Hey Leute,

ich kenne mich wirklich nicht gut mit der Problematik aus und wäre für jeden Tip dankbar!

Gruß

Jens

Hallo und :hallo:

1.) Deinstalliere:

• Ad-Aware
• Ad-Aware
• Apple Software Update
• Bonjour
• Favorit
• SPYWAREfighter
• SPYWAREfighter

2.) Mausklick rechts auf HJT => Ausführen als Administrator => Do a system scan only => Markiere:
=> Fix checked => Neustart

3.) Klicke auf "Für alle Neuen" in meiner Signatur, lies alles aufmerksam und arbeite die komplette Liste unter Punkt 2 ab.

ciao, andreas

Dieses "Favorit" lässt sich nicht deinstallieren....warum? Was ist das für eine Anwendung?

Das nennt sich Navipromo und zaubert bunte Werbefenster herbei. :D

Wenn er freiwillig nicht geht, dann eben mit Gewalt:

Bitte lade Dir Navilog1 von IL-MAFIOSO herunter.

• Doppelklicke auf navilog1.exe
• Sollte das Programm nach Abschluß der Installation nicht automatisch gestartet werden, führe es bitte per Doppelklick auf das Navilog1-Shortcut auf deinem Desktop aus.
• Wähle E für Englisch im Sprachenmenü
• Wähle 1 im nächsten Menü um "Suche" auszuwählen. Bestätige mit Enter.
• Die Dauer des Scans kann variieren, bitte abwarten. Wenn du aufgefordert wirst, eine Taste zu drücken, tue dies bitte.
• Ein neues Dokument sollte erstellt und geöffnet werden: fixnavi.txt.
• Bitte füge den Inhalt dieser Datei in deine nächste Antwort ein.

Der Bericht wird außerdem im Hauptverzeichnis (z.B.: "C:\") erstellt.

Hinweis:
Navilog1.exe wir von einigen Antivirenprogrammen als bösartig erkannt. Dies ist ein Fehlalarm. Die Nachricht bitte ignorieren.

ciao, andreas

Wenn ich das Programm installiert habe und öffne......gebe ich E für Englisch ein, aber danach zeigt das Programm Zugriff verweigert....warum? Dann stürzt es ab und Windows bringt mir die Meldung GetPaths.exe reagiert nicht mehr

Vista ist toll. :D

Mausklick rechts auf Navilog => Ausführen als Administrator.

ciao, andreas

das dauert ja ewig bis der durchgelaufen ist .......
Kommt auch ein Geräusch oder irgendwas wenn er was gefunden hat?

Wenn er fertig ist, dann kommt ein Log und nur das brauche ich. :)

ciao, andreas

OK IST DURCH! Hier der LOG!

Search Navipromo version 3.7.7 began on 10.06.2009 at 21:50:59,60

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!

Fix running from C:\Program Files\navilog1

Updated on 12.05.2009 at 18h00 by IL-MAFIOSO

Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz )
BIOS : Phoenix SecureCore(tm) NB Version 10SV.MP00.20090109.WZW
USER : Jens Knossalla ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:60 Go (Free:9 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:205 Go)
E:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
F:\ (USB) - FAT32 - Total:3806 Mo (Free:3 Go)


Search done in normal mode


*** Search folders in "C:\Windows" ***


*** Search folders in "C:\Program Files" ***


*** Search folders in "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Search folders in "c:\progra~2\micros~1\windows\startm~1" ***


*** Search folders in "C:\ProgramData" ***


*** Search folders in "c:\users\jenskn~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Search folders in "C:\Users\Jens Knossalla\AppData\Local\virtualstore\Program Files" ***



*** Search folders in "C:\Users\Jens Knossalla\AppData\Local" ***




*** Search folders in "C:\Users\Jens Knossalla\AppData\Roaming" ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\Windows\system32" *

* Scan in "C:\Users\Jens Knossalla\AppData\Local\Microsoft" *

* Scan in "C:\Users\Jens Knossalla\AppData\Local\virtualstore\windows\system32" *

* Scan in "C:\Users\Jens Knossalla\AppData\Local" *



*** Search files ***



*** Search specific Registry keys ***
!! Following keys are not certainly all infected !!


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\Windows\system32" :


* In "C:\Users\Jens Knossalla\AppData\Local\Microsoft" :


* In "C:\Users\Jens Knossalla\AppData\Local\virtualstore\windows\system32" :


* In "C:\Users\Jens Knossalla\AppData\Local" :


3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate not found !
Montorgueil certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !

4)Search others known folders and files :



*** Search completed on 10.06.2009 at 22:07:29,51 ***

Navilog1 wieder deinstallieren, da ist nichts, nur noch der Eintrag in der Softwareliste.

Starte HJT => Open the Misc Tools section => Open Uninstall manager => Markiere Favorit => Delete this entry

ciao, andreas

lässt sich auch mit dem programm nicht löschen....was nun?

Drecks Vista. :koch:

Mausklick rechts auf HJT => Ausführen als Administrator => Open the Misc Tools section => Open Uninstall manager => Markiere Favorit => Delete this entry

ciao, andreas

Habe ich jetzt keinen Virus und gar nichts mehr?

Ich habe dir eine Liste mit 3 Punkten gegeben. Du bist noch beim ersten Punkt. Also weiter mit Punkt 2 (Fixen), dann Punkt 3 (der wiederum aus 4 Unterpunkten besteht). Wenn alle Logs hier sind, dann geht es weiter. :)

ciao, andreas

Welche Liste??? Ich hab doch alle Punkte durch oder?
Was muss ich jetzt machen?

Klicke mir mal ganz vorsichtig. :)

Ich möchte hier das Log von Malwarebytes sehen und danach ein neues HJT-Log.

ciao, andreas

Hier ist schonmal der Malware log! Es kamen einige Meldungen über trojanische pferde....Scheisse oder?



Malwarebytes' Anti-Malware 1.37
Datenbank Version: 2259
Windows 6.0.6001 Service Pack 1

10.06.2009 23:17:32
mbam-log-2009-06-10 (23-17-23).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 76148
Laufzeit: 4 minute(s), 2 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
C:\Users\Jens Knossalla\AppData\Roaming\unobi.dll (Trojan.Agent) -> No action taken.

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nvd32_r (Trojan.Agent) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\jens knossalla\AppData\Local\Temp\qonfwoqv.exe (Trojan.Dropper) -> No action taken.
C:\Users\Jens Knossalla\AppData\Roaming\unobi.dll (Trojan.Agent) -> No action taken.

Und hier der andere LOG, habe ich drüber laufen lassen......was meinst du?



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:19:04, on 10.06.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SBRegRebootCleaner] C:\Program Files\Sunbelt Software\CounterSpy\SBRC.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RssReader] "C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe" /Autostart
O4 - HKCU\..\Run: [nvd32_r] rundll32.exe "C:\Users\Jens Knossalla\AppData\Roaming\unobi.dll" s
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9e8f5f2be466d) (gupdate1c9e8f5f2be466d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

--
End of file - 6524 bytes

Ich würde sagen, du liest nochmal die Anleitung zu Malwarebytes, machst dann einen vollständigen Scan (so wie es in der Anleitung steht) und entfernst zum Schluß alle Funde (so wie es in der Anleitung steht).

Dann deinstallierst du Counterspy, führst das Fixen durch und postest ein neues HJT-Log.

ciao, andreas

was ist denn das fixen?

Hast du längere Zeit in der Schule gefehlt?
ciao, andreas

So hier bitteschön! Der neue LOGFILE!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:07:29, on 11.06.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SBRegRebootCleaner] C:\Program Files\Sunbelt Software\CounterSpy\SBRC.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RssReader] "C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe" /Autostart
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9e8f5f2be466d) (gupdate1c9e8f5f2be466d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

--
End of file - 6124 bytes

Wo bleibt das Log von Malwarebytes mit dem vollständigen Scan?

Lade dir einen vernünftigen Browser wie den Firefox oder Opera. Kein verantwortungsvoller Mensch surft mit dem MSIE.

1.) Deaktiviere die Systemwiederherstellung, im Verlauf der Infektion wurden auch Malwaredateien in Wiederherstellungspunkten mitgesichert - die sind alle nun unbrauchbar, da ein Zurücksetzen des System durch einen Wiederherstellungspunkt das System wahrscheinlich wieder infizieren würde.

2.) http://www.trojaner-board.de/72647-b...ktivieren.html

3.) Mausklick rechts auf HJT => Ausführen als Administrator => Do a system scan only => Markiere (falls noch vorhanden):
=> Fix checked => Neustart

4.) Aktiviere die Benutzerkontensteuerung.

5.) Aktiviere die Systemwiederherstellung.

6.) Mausklick rechts auf HJT => Ausführen als Administrator => Do a system scan and save a logfile => Log posten.

ciao, andreas

Hier das Malware LOG


Malwarebytes' Anti-Malware 1.37
Datenbank Version: 2259
Windows 6.0.6001 Service Pack 1

11.06.2009 13:46:09
mbam-log-2009-06-11 (13-46-09).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 204497
Laufzeit: 1 hour(s), 58 minute(s), 31 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
C:\Users\Jens Knossalla\AppData\Roaming\unobi.dll (Trojan.Agent) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nvd32_r (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Jens Knossalla\AppData\Roaming\unobi.dll (Trojan.Agent) -> Delete on reboot.

So habs geschafft !

Hier der lOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:28:23, on 11.06.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
C:\Windows\Explorer.EXE
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SBRegRebootCleaner] C:\Program Files\Sunbelt Software\CounterSpy\SBRC.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RssReader] "C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe" /Autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9e8f5f2be466d) (gupdate1c9e8f5f2be466d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

--
End of file - 6749 bytes

Hab ich eigentlich schon einmal über Vista abgelästert?

Wie geht es dem Rechner? Noch irgendwelche Auffälligkeiten oder Meldungen beim Booten?

ciao, andreas

Ist im Prinzip alles wieder Super! Keine Fehlermeldungen und keine Werbefenster. Aber wie kann ich dafür sorgen das das auch so bleibt? Kann ich jetzt die ganzen Programme die die Logs erstellt haben wieder löschen? Was soll ich denn für eine Virensoftware benutzen....Ich will sowas auf jeden Fall nie wieder! Was ist der beste Schutz?

Durch das Befolgen einiger fundamentaler Regeln. Klicke auf die letzten beiden Links in meiner Signatur. Dort stehen sie, das wird auch gerne brain.exe genannt. Wer diese Regeln missachtet kann sicher sein, dass er sich Schädlinge "einfängt".

Hier steht es auch: http://www.trojaner-board.de/437659-post12.html
Ja. :daumenhoc
Hier wird üblicherweise die Kombination Avira/Malwarebytes angeraten. Du solltest dir nur bewusst sein, dass es kein Programm gibt, dass dich vor dir selber schützt. Wenn du Fehler machst, nützen dir alle "Sicherheitsprogramme" dieser Welt nichts. Sie unterstützen dich nur bei deinen Bemühungen. Die Verantwortung trägst du allein.

Du bist entlassen. :)

ciao, andreas

Soll ich dann das Malwarebytes ab und u mal, alle paar wochen surchlaufen lassen? Weil das ja kein Hintergrundprogramm ist oder?

Genau. Malwarebytes ist ein erwachsenes Programm, d.h. du musst dich um das updaten und scannen selbst kümmern. :)
Genau, ein on-demand-scanner, der nur läuft, wenn du es möchtest oder es für notwendig hältst.

ciao, andreas

Hey super!
Vielen lieben Dank! Du warst echt ein super Berater!
Mach weiter so! Du hilfst vielen Leuten mit deinem Dienst weiter!

Einfach spitze

Gruß
Jens

Aber mein Antivi hat noch einen Virus gefunden und zwar:

ADSPY/AdSpy.Gen

Was tun?

Die Namen von Avira sind völlig nichtssagend. Was wir brauchen ist der genaue Dateiname und der Pfad. Poste am besten das Log von Avira, dann haben wir alles notwendige.

ciao, andreas

Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Donnerstag, 11. Juni 2009 19:52

Es wird nach 1463231 Virenstämmen gesucht.

Lizenznehmer : Avira AntiVir Personal - FREE Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows Vista
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : JENSKNOSSALL-PC

Versionsinformationen:
BUILD.DAT : 9.0.0.403 17961 Bytes 03.06.2009 17:00:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 10.06.2009 15:19:24
AVSCAN.DLL : 9.0.3.0 49409 Bytes 13.02.2009 11:04:10
LUKE.DLL : 9.0.3.2 209665 Bytes 20.02.2009 10:35:44
LUKERES.DLL : 9.0.2.0 13569 Bytes 26.01.2009 09:41:59
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27.10.2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11.02.2009 19:33:26
ANTIVIR2.VDF : 7.1.4.38 2692096 Bytes 29.05.2009 00:00:00
ANTIVIR3.VDF : 7.1.4.84 332800 Bytes 11.06.2009 15:22:50
Engineversion : 8.2.0.187
AEVDF.DLL : 8.1.1.1 106868 Bytes 04.06.2009 00:00:08
AESCRIPT.DLL : 8.1.2.6 409978 Bytes 11.06.2009 15:22:54
AESCN.DLL : 8.1.2.3 127347 Bytes 04.06.2009 00:00:07
AERDL.DLL : 8.1.1.3 438645 Bytes 29.10.2008 17:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 04.06.2009 00:00:06
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26.02.2009 19:01:56
AEHEUR.DLL : 8.1.0.131 1786232 Bytes 11.06.2009 15:22:53
AEHELP.DLL : 8.1.3.6 205174 Bytes 11.06.2009 15:22:50
AEGEN.DLL : 8.1.1.45 348532 Bytes 10.06.2009 15:19:24
AEEMU.DLL : 8.1.0.9 393588 Bytes 09.10.2008 13:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 04.06.2009 00:00:01
AEBB.DLL : 8.1.0.3 53618 Bytes 09.10.2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12.12.2008 07:47:56
AVPREF.DLL : 9.0.0.1 43777 Bytes 03.12.2008 10:39:55
AVREP.DLL : 8.0.0.3 155905 Bytes 20.01.2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07.11.2008 14:25:04
AVARKT.DLL : 9.0.0.3 292609 Bytes 24.03.2009 14:05:37
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30.01.2009 09:37:04
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28.01.2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02.02.2009 07:21:28
NETNT.DLL : 9.0.0.0 11521 Bytes 07.11.2008 14:41:21
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 10.06.2009 15:19:24
RCTEXT.DLL : 9.0.37.0 87809 Bytes 17.04.2009 09:13:12

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\program files\avira\antivir desktop\sysscan.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: mittel
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Beginn des Suchlaufs: Donnerstag, 11. Juni 2009 19:52

Der Suchlauf nach versteckten Objekten wird begonnen.
Es wurden '108736' Objekte überprüft, '0' versteckte Objekte wurden gefunden.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'ICQ.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'bittorrent.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ieuser.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPHelper.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinMail.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehmsas.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTTray.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RSSReader.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehtray.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmdc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtHDVCpl.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSASCui.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'explorer.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasySpeedUpManager.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasyBatteryMgr3.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dmhkcore.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MagicDoctorKbdHk.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mscorsvw.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'NMSAccessU.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlservr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleUpdate.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'audiodg.exe' - '0' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '1' Modul(e) wurden durchsucht
Es wurden '70' Prozesse mit '70' Modulen durchsucht

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '46' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\hiberfil.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
[HINWEIS] Bei dieser Datei handelt es sich um eine Windows Systemdatei.
[HINWEIS] Es ist in Ordnung, dass diese Datei für die Suche nicht geöffnet werden kann.
C:\pagefile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
[HINWEIS] Bei dieser Datei handelt es sich um eine Windows Systemdatei.
[HINWEIS] Es ist in Ordnung, dass diese Datei für die Suche nicht geöffnet werden kann.
C:\$Recycle.Bin\S-1-5-21-231028011-720208147-1658006778-1003\$R6MT52Q.exe
[FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/AdSpy.Gen
Beginne mit der Suche in 'D:\'

Beginne mit der Desinfektion:
C:\$Recycle.Bin\S-1-5-21-231028011-720208147-1658006778-1003\$R6MT52Q.exe
[FUND] Enthält Erkennungsmuster der Ad- oder Spyware ADSPY/AdSpy.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a674da6.qua' verschoben!


Ende des Suchlaufs: Donnerstag, 11. Juni 2009 20:30
Benötigte Zeit: 38:29 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

20199 Verzeichnisse wurden überprüft
336071 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
2 Dateien konnten nicht durchsucht werden
336068 Dateien ohne Befall
5969 Archive wurden durchsucht
2 Warnungen
3 Hinweise
108736 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

1.) http://www.trojaner-board.de/51464-a...-ccleaner.html

2.) Deaktiviere die Systemwiederherstellung, im Verlauf der Infektion wurden auch Malwaredateien in Wiederherstellungspunkten mitgesichert - die sind alle nun unbrauchbar, da ein Zurücksetzen des System durch einen Wiederherstellungspunkt das System wahrscheinlich wieder infizieren würde.
Nach Neustart kann sie wieder aktiviert werden.

ciao, andreas

Ohjeeee ich bins mal wieder, habe wieder ein Problem und würde mich freuen wenn du mir mal wieder helfen könntest ;-)
Und zwar habe ich wieder malware etc....volles programm....ausserdem wenn ich in google was suche, dann öffnet sich immer ein neues fenster, ganz komisch so war es noch nie....bitte bitte lieber herr doe =)

Ich wollte eigentlich nur einen codec für divx runterladen und dann so ne scheisse.

Jetzt mekre ich gerade das ich hijack nicht ausführen kann, es öffnet sich nicht....was jetzt? Das ist doch bestimmt durch den Virus geblockt oder?

Hilfe!

Ausserdem öffnet google manche seiten gar nicht (wie zb. Trojaner board, da hat er einfach immer ebay aufgemacht) das ist doch sicher der virus oder? Auf das Anti Malware kann ich auch nicht zugreifen.....bitte um Hilfe

Hast du den Link noch? Ich bin immer auf der Suche nach den Quellen.

1.) Solltest du noch irgendetwas mit dem Computer verbinden, wie Memorysticks, Speicherkarten, Digitalkameras, Handy, externe Laufwerke, ... dann stecke vor dem Scan alles an.

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir das Tool hier herunter auf den Desktop -> KLICK

Das Programm jedoch noch nicht starten sondern zuerst folgendes tun:

• Schliesse alle Anwendungen und Programme, vor allem deine Antiviren-Software und andere Hintergrundwächter, sowie deinen Internetbrowser.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Dann folgende Anleitung durchlesen und abarbeiten -> CCleaner Systembereinigung

• Starte nun die combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen und lass dein System durchsuchen.
  
  Sollte sich ComboFix nicht starten lassen, dann benenne es um in cofi.exe und versuche es nocheinmal.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte abkopieren und in deinen Beitrag einfügen. Das log findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Hinweis: Combofix verhindert die Autostart Funktion aller CD / DVD und USB - Laufwerken um so eine Verbeitung einzudämmen. Wenn es hierdurch zu Problemen kommt, diese im Thread posten.

2.) Systemdetails mit RSIT prüfen

• Lade Random's System Information Tool (RSIT) von random/random herunter,
• speichere es auf Deinem Desktop.
• Starte mit Doppelklick die RSIT.exe.
• Klicke auf Continue, um die Nutzungsbedingungen zu akzeptieren.
• Der Scan startet automatisch, RSIT checkt nun einige wichtige System-Bereiche und produziert Logfiles als Analyse-Grundlage.
• Wenn der Scan beendet ist, werden zwei Logfiles erstellt und in Deinem Editor geöffnet.
• Bitte poste den Inhalt von C:\rsit\log.txt und C:\rsit\info.txt hier in den Thread.

ciao, andreas

((((((((((((((((((((((( Dateien erstellt von 2009-05-28 bis 2009-06-29 ))))))))))))))))))))))))))))))
.

2009-06-29 16:06 . 2009-06-29 16:06 -------- d-----w- c:\users\Jens Knossalla\AppData\Local\temp
2009-06-28 01:43 . 2009-06-28 01:43 -------- d-----w- c:\program files\HDQuality
2009-06-26 17:43 . 2009-06-26 17:44 -------- d-----w- c:\program files\Cheatbook 03.2009
2009-06-25 20:36 . 2009-06-27 13:50 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\RobinsonCrusoe
2009-06-25 20:36 . 2009-06-25 20:36 -------- d-----w- c:\program files\GamesBar
2009-06-25 20:35 . 2009-06-25 20:35 -------- d-----w- c:\program files\Oberon Media
2009-06-25 20:35 . 2009-06-25 20:35 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-06-25 20:35 . 2009-06-25 20:35 -------- d-----w- c:\program files\Gamenext
2009-06-18 11:01 . 2009-06-18 11:01 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\dvdcss
2009-06-12 23:03 . 2009-06-12 23:03 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-11 18:48 . 2009-06-11 18:48 -------- d-----w- c:\program files\CCleaner
2009-06-11 17:27 . 2009-06-11 17:27 -------- d-----w- c:\windows\system32\ca-ES
2009-06-11 17:27 . 2009-06-11 17:27 -------- d-----w- c:\windows\system32\eu-ES
2009-06-11 17:27 . 2009-06-11 17:27 -------- d-----w- c:\windows\system32\vi-VN
2009-06-11 17:17 . 2009-06-11 17:17 -------- d-----w- c:\windows\system32\EventProviders
2009-06-11 17:15 . 2009-04-11 06:28 1077248 ----a-w- c:\windows\system32\vssapi.dll
2009-06-11 17:14 . 2009-04-11 06:28 33280 ----a-w- c:\windows\system32\wscapi.dll
2009-06-11 16:51 . 2009-03-19 14:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-11 16:51 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-11 16:50 . 2009-06-11 16:50 -------- d-----w- c:\program files\iPod
2009-06-11 16:50 . 2009-06-11 16:51 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-11 16:50 . 2009-06-11 16:51 -------- d-----w- c:\program files\iTunes
2009-06-11 16:49 . 2009-06-11 16:49 -------- d-----w- c:\program files\Bonjour
2009-06-11 16:48 . 2009-06-11 16:49 -------- d-----w- c:\program files\QuickTime
2009-06-11 16:47 . 2009-06-11 16:47 -------- d-----w- c:\program files\Apple Software Update
2009-06-10 21:11 . 2009-06-10 21:11 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\Malwarebytes
2009-06-10 21:11 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-10 21:11 . 2009-06-10 21:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-10 21:11 . 2009-06-10 21:11 -------- d-----w- c:\programdata\Malwarebytes
2009-06-10 21:11 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-10 19:44 . 2009-06-10 20:33 -------- d-----w- c:\program files\Navilog1
2009-06-10 16:27 . 2009-04-23 12:15 828416 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 16:27 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-10 15:44 . 2009-04-21 11:39 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-10 15:43 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-10 15:35 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-09 11:31 . 2009-06-20 10:18 -------- d-----w- c:\program files\Google
2009-06-09 11:31 . 2009-06-09 11:32 -------- d-----w- c:\users\Jens Knossalla\AppData\Local\Google
2009-06-09 11:20 . 2009-06-09 11:20 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\AVS4YOU
2009-06-09 11:20 . 2009-06-09 11:20 -------- d-----w- c:\programdata\AVS4YOU
2009-06-09 11:19 . 2009-06-09 11:22 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-06-09 11:19 . 2009-01-28 18:49 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-06-09 11:19 . 2009-06-09 11:22 -------- d-----w- c:\program files\AVS4YOU
2009-06-09 11:19 . 2009-01-28 18:49 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-06-08 16:47 . 2009-06-08 16:47 -------- d-----w- c:\program files\Trend Micro
2009-06-08 16:14 . 2009-06-09 15:27 104 ----a-w- c:\windows\system32\SBRC.dat
2009-06-08 16:09 . 2009-06-08 16:09 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\Sunbelt Software
2009-06-05 11:57 . 2009-06-05 11:57 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-04 15:31 . 2009-06-04 15:29 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-06-04 15:16 . 2009-06-09 15:29 -------- d-----w- c:\program files\Lavasoft
2009-06-04 15:16 . 2009-06-09 15:29 -------- d-----w- c:\programdata\Lavasoft
2009-06-03 23:46 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-03 23:46 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-03 23:46 . 2009-06-03 23:46 -------- d-----w- c:\programdata\Avira
2009-06-03 23:46 . 2009-06-03 23:46 -------- d-----w- c:\program files\Avira
2009-06-02 23:15 . 2009-06-09 15:44 -------- d-----w- c:\program files\Fighters
2009-06-02 23:15 . 2009-06-02 23:15 -------- d-----w- c:\programdata\Fighters
2009-06-01 21:44 . 2008-11-05 09:39 92326 ----a-w- c:\windows\system32\HKCU_GNU.reg
2009-06-01 21:44 . 2008-06-17 08:57 6700 ----a-w- c:\windows\system32\HKLM_GNU.reg
2009-06-01 21:44 . 2006-07-17 19:42 14909 ----a-w- c:\windows\system32\A_reg.reg
2009-06-01 21:44 . 2008-02-03 19:26 364544 ----a-w- c:\windows\system32\cdg.dll
2009-06-01 21:44 . 2006-09-27 15:46 348160 ----a-w- c:\windows\system32\cdga.dll
2009-06-01 19:31 . 2009-06-29 15:57 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\BitTorrent
2009-06-01 19:30 . 2009-06-01 19:30 -------- d-----w- c:\program files\DNA
2009-06-01 19:30 . 2009-06-01 19:30 -------- d-----w- c:\program files\BitTorrent
2009-06-01 10:51 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-31 19:53 . 2009-06-08 15:18 97 ----a-w- c:\users\Jens Knossalla\AppData\Local\caocs.bat
2009-05-31 19:49 . 2004-10-12 12:42 262144 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2009-05-31 19:49 . 2004-10-05 14:16 395776 ----a-w- c:\windows\system32\libmplayer.dll
2009-05-31 19:49 . 2004-10-03 23:50 112640 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2009-05-31 19:49 . 2004-09-10 11:50 34820 ----a-w- c:\windows\system32\ffdshow.reg
2009-05-31 15:23 . 2009-05-31 15:23 -------- d-----w- c:\program files\E.M. DVD Copy
2009-05-31 15:00 . 2009-05-31 15:00 -------- d-----w- c:\program files\XviD
2009-05-31 15:00 . 2009-05-31 15:00 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-31 14:59 . 2009-05-31 14:59 -------- d-----w- c:\program files\Gabest
2009-05-31 14:49 . 2009-05-31 14:56 -------- d-----w- C:\EasyDivX
2009-05-31 14:26 . 2009-06-09 11:39 -------- d-----w- C:\ConverterOutput
2009-05-31 14:26 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.DLL
2009-05-31 14:26 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.DLL
2009-05-31 14:26 . 2008-06-15 19:13 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-31 14:26 . 2008-06-15 08:01 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-05-31 14:26 . 2008-06-15 08:01 258352 ----a-w- c:\windows\system32\unicows.dll
2009-05-31 14:26 . 2009-06-01 20:00 -------- d-----w- c:\program files\Cucusoft
2009-05-31 13:46 . 2009-05-31 13:46 -------- d-----w- C:\Fraps

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-29 16:06 . 2008-09-11 15:12 675412 ----a-w- c:\windows\system32\perfh007.dat
2009-06-29 16:06 . 2008-09-11 15:12 146368 ----a-w- c:\windows\system32\perfc007.dat
2009-06-29 15:57 . 2008-09-12 19:41 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-29 15:36 . 2009-01-17 05:03 65270 ----a-w- c:\programdata\nvModes.dat
2009-06-20 20:34 . 2009-04-23 16:45 1 ----a-w- c:\users\Jens Knossalla\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-12 23:03 . 2009-02-23 03:24 -------- d-----w- c:\program files\DivX
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-11 17:28 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-11 17:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-11 17:27 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-11 17:24 . 2008-09-12 04:37 -------- d-----w- c:\programdata\NVIDIA
2009-06-11 16:50 . 2009-02-23 02:12 -------- d-----w- c:\program files\Common Files\Apple
2009-06-08 15:48 . 2008-09-12 03:57 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-03 23:32 . 2008-09-12 04:31 -------- d-----w- c:\programdata\McAfee
2009-05-31 14:25 . 2009-02-23 15:01 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\Download Manager
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-30 15:51 . 2009-04-30 15:51 43646 ----a-r- c:\users\Jens Knossalla\AppData\Roaming\Microsoft\Installer\{071F3745-E389-4345-86DF-E80B55446FCE}\ARPPRODUCTICON.exe
2009-04-24 06:26 . 2009-02-18 19:17 102416 ----a-w- c:\users\Jens Knossalla\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-11 06:33 . 2009-06-11 17:16 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-06-11 17:15 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-06-11 17:15 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-06-11 17:16 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-06-11 17:15 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-06-11 17:15 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-06-11 17:16 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-06-11 17:14 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-06-11 17:14 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-06-11 17:14 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 05:03 . 2009-06-11 17:16 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-04-11 05:03 . 2009-06-11 17:16 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-11 04:57 . 2009-06-11 17:14 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-06-11 17:14 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-06-11 17:14 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-06-11 17:15 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-06-11 17:14 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-06-11 17:14 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-06-11 17:14 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-06-11 17:14 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2009-04-11 04:46 . 2009-06-11 17:14 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-06-11 17:14 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-06-11 17:15 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:46 . 2009-06-11 17:14 33280 ----a-w- c:\windows\system32\drivers\rndismpx.sys
2009-04-11 04:45 . 2009-06-11 17:15 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-06-11 17:15 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-06-11 17:15 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-06-11 17:15 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-06-11 17:15 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-06-11 17:14 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-06-11 17:14 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43 . 2009-06-11 17:15 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42 . 2009-06-11 17:15 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42 . 2009-06-11 17:15 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42 . 2009-06-11 17:15 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42 . 2009-06-11 17:15 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42 . 2009-06-11 17:14 31616 ----a-w- c:\windows\system32\drivers\winusb.sys
2009-04-11 04:42 . 2009-06-11 17:15 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42 . 2009-06-11 17:14 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-04-11 04:42 . 2009-06-11 17:14 39424 ----a-w- c:\windows\system32\drivers\hidclass.sys
2009-04-11 04:42 . 2009-06-11 17:14 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2009-04-11 04:42 . 2009-06-11 17:16 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39 . 2009-06-11 17:14 16384 ----a-w- c:\windows\system32\iscsilog.dll
2009-04-11 04:39 . 2009-06-11 17:14 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-04-11 04:39 . 2009-06-11 17:14 19456 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2009-04-11 04:38 . 2009-06-11 17:15 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2009-04-11 04:27 . 2009-06-11 17:14 2560 ----a-w- c:\windows\system32\msimsg.dll
2009-04-11 04:23 . 2009-06-11 17:15 626176 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-11 04:23 . 2009-06-11 17:14 76288 ----a-w- c:\windows\system32\drivers\dxg.sys
2009-04-11 04:23 . 2009-06-11 17:14 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-04-11 04:22 . 2009-06-11 17:14 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
2009-04-11 04:15 . 2009-06-11 17:15 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-11 04:15 . 2009-06-11 17:15 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-04-11 04:15 . 2009-06-11 17:15 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-04-11 04:14 . 2009-06-11 17:15 114688 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-04-11 04:14 . 2009-06-11 17:15 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-11 04:14 . 2009-06-11 17:15 225280 ----a-w- c:\windows\system32\drivers\rdbss.sys
2009-04-11 04:14 . 2009-06-11 17:15 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-04-11 04:14 . 2009-06-11 17:15 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-04-11 04:14 . 2009-06-11 17:14 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2009-04-11 04:14 . 2009-06-11 17:15 35328 ----a-w- c:\windows\system32\drivers\npfs.sys
2009-04-11 04:13 . 2009-06-11 17:14 226816 ----a-w- c:\windows\system32\drivers\udfs.sys
2009-04-11 04:13 . 2009-06-11 17:15 136704 ----a-w- c:\windows\system32\drivers\exfat.sys
2009-04-11 04:13 . 2009-06-11 17:15 142848 ----a-w- c:\windows\system32\drivers\fastfat.sys
2009-04-11 04:12 . 2009-06-11 17:15 617984 ----a-w- c:\windows\system32\adtschema.dll
2009-04-11 02:52 . 2009-06-11 17:16 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2009-04-11 01:59 . 2009-06-11 17:15 107612 ----a-w- c:\windows\system32\StructuredQuerySchema.bin
2009-04-06 16:28 . 2009-04-06 16:28 0 ----a-w- c:\windows\Infob.dat
2009-04-06 16:28 . 2009-04-06 16:28 0 ----a-w- c:\windows\Infoa.dat
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"RssReader"="c:\users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe" [2008-10-02 3067904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-26 13548064]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-26 92704]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-17 6111232]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):b2,87,c1,da,ba,ea,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1B3F7F1F-72EE-4494-909F-F2976B322585}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{1FE40BD4-3E0D-4C97-8EFF-C24843E67CA4}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"TCP Query User{6E99D086-B2EE-45FA-B0AC-2CE18263EBAC}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{CC63415C-BB53-4357-955D-7B8F7707ADB2}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"{F739587D-0F32-46D9-AB5C-B2FDF0CDCE35}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{F2A27DC2-F981-4502-94CA-A99F49592302}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"{057607ED-57A7-48C0-9002-D6DD388129F7}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{C36EACD9-A3CD-4B78-A3DA-C863AF3E4A52}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{087269CB-C29E-4584-9831-38D886F26584}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{54DD7B8D-9512-4516-BAD3-041659CA99AF}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{709D28E9-790D-45E1-82F1-003E93A32C1C}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{79524875-3480-489C-B0B4-C617A3117EC9}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\System32\drivers\iaNvStor.sys [12.09.2008 05:54 226328]
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [04.06.2009 17:31 64160]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [04.06.2009 01:46 108289]
R2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\System32\drivers\KMDFMEMIO.sys [12.09.2008 06:01 13312]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [14.04.2006 03:07 28933976]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [11.09.2008 17:02 44576]
R3 VMC302;Vimicro Camera Service VMC302;c:\windows\System32\drivers\vmc302.sys [12.09.2008 05:56 242048]
S2 gupdate1c9e8f5f2be466d;Google Update Service (gupdate1c9e8f5f2be466d);c:\program files\Google\Update\GoogleUpdate.exe [09.06.2009 13:32 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners

2009-06-29 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-09 11:31]

2009-06-29 c:\windows\Tasks\SupBackGroundTask.job
- c:\program files\Samsung\Samsung Update Plus\SUPBackGround.exe [2008-10-27 13:38]

2009-06-28 c:\windows\Tasks\User_Feed_Synchronization-{F88C0E6D-106F-4422-B887-51CDA5E691B2}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game10.zylom.com/activex/zylomgamesplayer.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-29 18:06
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2009-06-29 18:07
ComboFix-quarantined-files.txt 2009-06-29 16:07

Vor Suchlauf: 9.266.700.288 Bytes frei
Nach Suchlauf: 9.331.056.640 Bytes frei

355 --- E O F --- 2009-06-25 14:34

So hier der Log File....weil es nicht ganz gepassst hat über zwei Threads verteilt...

Mein Hintergrund von Windows ist jetzt wieder standar, ist das normal? Hat sich sonst noch was verändert?




ComboFix 09-06-28.06 - Jens Knossalla 29.06.2009 18:00.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3066.2297 [GMT 2:00]
ausgeführt von:: c:\users\Jens Knossalla\Desktop\cofi.exe.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\msetup
c:\windows\msetup\BASW-00503A63\data1.cab
c:\windows\msetup\BASW-00503A63\data1.hdr
c:\windows\msetup\BASW-00503A63\data2.cab
c:\windows\msetup\BASW-00503A63\engine32.cab
c:\windows\msetup\BASW-00503A63\layout.bin
c:\windows\msetup\BASW-00503A63\PlayCamera\CameraOn.wav
c:\windows\msetup\BASW-00503A63\PlayCamera\Click.wav
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_chs_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_cht_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_deu_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_eng_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_esp_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_fra_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_ita_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_kor_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_ptg_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_rus_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\Help\PlayCamera_ukr_s.chm
c:\windows\msetup\BASW-00503A63\PlayCamera\HookDllPS2.dll
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\Back_Big.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\Back_Small.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbCancel.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbHelp.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbOk.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbOpen.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbPreviewOff.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbPreviewOn.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbRecordOff.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbRecordOn.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\gbSnap.bmp
c:\windows\msetup\BASW-00503A63\PlayCamera\Images\PlayCamera.ico
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_chs.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_cht.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_deu.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_eng.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_esp.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_fra.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_ita.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_kor.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_ptg.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_rus.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\Language\PlayCamera_ukr.txt
c:\windows\msetup\BASW-00503A63\PlayCamera\PlayCamera.exe
c:\windows\msetup\BASW-00503A63\PlayCamera\SSHook.dll
c:\windows\msetup\BASW-00503A63\PlayCamera\Uninst.ico
c:\windows\msetup\BASW-00503A63\setup.exe
c:\windows\msetup\BASW-00503A63\setup.ibt
c:\windows\msetup\BASW-00503A63\setup.ini
c:\windows\msetup\BASW-00503A63\setup.iss
c:\windows\msetup\BASW-00503A63\SWDesc.txt
c:\windows\msetup\BASW-01038A05\ChgWLANSettings.exe
c:\windows\msetup\MSetup.exe
c:\windows\msetup\MSetupLog.log
c:\windows\system32\drivers\MSIVXrbobgetuwnpphbuietwtwbjmionxvcsu.sys
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXujxowkchuvbftqcyaeeaqidvcnftffjn.dll
c:\windows\system32\MSIVXxpglocvfnkgmrtpjtuqvmiivtmxipprs.dll
c:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job

.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MSIVXserv.sys

2009-06-11 19:14:55 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\nslookup.exe
2009-06-11 19:14:55 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\mfps.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\ipconfig.exe
2009-06-11 19:14:55 ----A---- C:\Windows\system32\fdWCN.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\eappcfg.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\dot3cfg.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\bthudtask.exe
2009-06-11 19:14:55 ----A---- C:\Windows\system32\bthci.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\aaclient.dll
2009-06-11 19:14:54 ----A---- C:\Windows\system32\tsgqec.dll
2009-06-11 19:14:54 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-06-11 19:14:54 ----A---- C:\Windows\system32\ocsetup.exe
2009-06-11 19:14:54 ----A---- C:\Windows\system32\mmcico.dll
2009-06-11 19:14:54 ----A---- C:\Windows\system32\mfpmp.exe
2009-06-11 19:14:54 ----A---- C:\Windows\system32\hbaapi.dll
2009-06-11 19:14:54 ----A---- C:\Windows\system32\gpupdate.exe
2009-06-11 19:14:54 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-06-11 19:14:54 ----A---- C:\Windows\system32\fdeploy.dll
2009-06-11 19:14:54 ----A---- C:\Windows\system32\eappgnui.dll
2009-06-11 19:14:53 ----A---- C:\Windows\system32\NcdProp.dll
2009-06-11 19:14:53 ----A---- C:\Windows\system32\iscsilog.dll
2009-06-11 19:14:53 ----A---- C:\Windows\system32\csrstub.exe
2009-06-11 19:14:53 ----A---- C:\Windows\system32\cbsra.exe
2009-06-11 19:14:53 ----A---- C:\Windows\system32\bitsigd.dll
2009-06-11 19:14:53 ----A---- C:\Windows\system32\atmlib.dll
2009-06-11 19:14:52 ----A---- C:\Windows\system32\winrnr.dll
2009-06-11 19:14:52 ----A---- C:\Windows\system32\vdmdbg.dll
2009-06-11 19:14:52 ----A---- C:\Windows\system32\slwga.dll
2009-06-11 19:14:52 ----A---- C:\Windows\system32\odbcconf.dll
2009-06-11 19:14:52 ----A---- C:\Windows\system32\inetppui.dll
2009-06-11 19:14:51 ----A---- C:\Windows\system32\midimap.dll
2009-06-11 19:14:51 ----A---- C:\Windows\system32\atmfd.dll
2009-06-11 19:14:50 ----A---- C:\Windows\system32\spwmp.dll
2009-06-11 19:14:49 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-11 19:14:49 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-11 19:14:48 ----A---- C:\Windows\system32\msimsg.dll
2009-06-11 19:14:48 ----A---- C:\Windows\system32\mferror.dll
2009-06-11 19:14:48 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-06-11 19:14:28 ----A---- C:\Windows\system32\SmiEngine.dll
2009-06-11 19:14:24 ----A---- C:\Windows\system32\wdscore.dll
2009-06-11 19:14:24 ----A---- C:\Windows\system32\PkgMgr.exe
2009-06-11 19:14:14 ----A---- C:\Windows\system32\drvstore.dll
2009-06-11 18:51:01 ----A---- C:\Windows\system32\GEARAspi.dll
2009-06-11 18:50:46 ----D---- C:\Program Files\iPod
2009-06-11 18:50:44 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-11 18:50:44 ----D---- C:\Program Files\iTunes
2009-06-11 18:49:20 ----D---- C:\Program Files\Bonjour
2009-06-11 18:48:40 ----D---- C:\Program Files\QuickTime
2009-06-11 18:47:04 ----D---- C:\Program Files\Apple Software Update
2009-06-10 23:11:38 ----D---- C:\Users\Jens Knossalla\AppData\Roaming\Malwarebytes
2009-06-10 23:11:33 ----D---- C:\ProgramData\Malwarebytes
2009-06-10 23:11:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-10 21:50:59 ----A---- C:\fixnavi.txt
2009-06-10 21:44:02 ----D---- C:\Program Files\Navilog1
2009-06-10 18:27:44 ----A---- C:\Windows\system32\mshtml.dll
2009-06-10 18:27:42 ----A---- C:\Windows\system32\wininet.dll
2009-06-10 18:27:42 ----A---- C:\Windows\system32\urlmon.dll
2009-06-10 18:27:40 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-10 18:27:40 ----A---- C:\Windows\system32\ieencode.dll
2009-06-10 17:43:37 ----A---- C:\Windows\system32\localspl.dll
2009-06-10 17:35:43 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-09 13:31:53 ----D---- C:\Program Files\Google
2009-06-09 13:20:51 ----D---- C:\Users\Jens Knossalla\AppData\Roaming\AVS4YOU
2009-06-09 13:20:48 ----D---- C:\ProgramData\AVS4YOU
2009-06-09 13:19:49 ----D---- C:\Program Files\Common Files\AVSMedia
2009-06-09 13:19:34 ----A---- C:\Windows\system32\mfc70.dll
2009-06-09 13:19:33 ----D---- C:\Program Files\AVS4YOU
2009-06-09 13:19:33 ----A---- C:\Windows\system32\msxml3a.dll
2009-06-08 18:47:10 ----D---- C:\Program Files\Trend Micro
2009-06-08 18:09:47 ----D---- C:\Users\Jens Knossalla\AppData\Roaming\Sunbelt Software
2009-06-08 17:48:26 ----D---- C:\Program Files\Adobe
2009-06-04 17:16:14 ----D---- C:\ProgramData\Lavasoft
2009-06-04 17:16:14 ----D---- C:\Program Files\Lavasoft
2009-06-04 01:46:23 ----D---- C:\ProgramData\Avira
2009-06-04 01:46:23 ----D---- C:\Program Files\Avira
2009-06-03 01:15:17 ----D---- C:\ProgramData\Fighters
2009-06-03 01:15:17 ----D---- C:\Program Files\Fighters
2009-06-03 01:14:00 ----A---- C:\Users\Jens Knossalla\AppData\Roaming\install.txt
2009-06-01 23:44:26 ----A---- C:\Windows\system32\cdga.dll
2009-06-01 23:44:26 ----A---- C:\Windows\system32\cdg.dll
2009-06-01 22:00:11 ----A---- C:\avi_log.txt
2009-06-01 21:31:04 ----D---- C:\Users\Jens Knossalla\AppData\Roaming\BitTorrent
2009-06-01 21:30:30 ----D---- C:\Program Files\DNA
2009-06-01 21:30:27 ----D---- C:\Program Files\BitTorrent
2009-06-01 12:51:00 ----A---- C:\Windows\system32\netfxperf.dll
2009-05-31 21:49:30 ----A---- C:\Windows\system32\TomsMoComp_ff.dll
2009-05-31 21:49:30 ----A---- C:\Windows\system32\libmplayer.dll
2009-05-31 21:49:30 ----A---- C:\Windows\system32\libmpeg2_ff.dll
2009-05-31 21:46:10 ----A---- C:\Cucu_Video_log.txt
2009-05-31 17:23:11 ----D---- C:\Program Files\E.M. DVD Copy
2009-05-31 17:07:06 ----A---- C:\Users\Jens Knossalla\AppData\Roaming\AutoGK.ini
2009-05-31 17:00:31 ----D---- C:\Program Files\XviD
2009-05-31 17:00:14 ----D---- C:\Program Files\AviSynth 2.5
2009-05-31 16:59:46 ----D---- C:\Program Files\Gabest
2009-05-31 16:49:45 ----D---- C:\EasyDivX
2009-05-31 16:26:28 ----D---- C:\ConverterOutput
2009-05-31 16:26:15 ----A---- C:\Windows\system32\MSVCP71.DLL
2009-05-31 16:26:15 ----A---- C:\Windows\system32\MFC71.DLL
2009-05-31 16:26:13 ----A---- C:\Windows\system32\unicows.dll
2009-05-31 16:26:13 ----A---- C:\Windows\system32\pthreadGC2.dll
2009-05-31 16:26:13 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2009-05-31 16:26:13 ----A---- C:\Windows\system32\ff_vfw.dll
2009-05-31 16:26:06 ----D---- C:\Program Files\Cucusoft
2009-05-31 15:46:27 ----D---- C:\Fraps

======List of files/folders modified in the last 1 months======

2009-06-29 18:20:40 ----D---- C:\Windows
2009-06-29 18:07:50 ----D---- C:\Windows\system32\de-DE
2009-06-29 18:07:50 ----D---- C:\Windows\System32
2009-06-29 18:07:21 ----D---- C:\Windows\Tasks
2009-06-29 18:06:34 ----A---- C:\Windows\system.ini
2009-06-29 18:06:30 ----D---- C:\Windows\inf
2009-06-29 18:06:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-29 18:06:01 ----D---- C:\Windows\system32\drivers
2009-06-29 18:04:53 ----D---- C:\Windows\AppPatch
2009-06-29 18:04:52 ----D---- C:\Program Files\Common Files
2009-06-29 17:55:42 ----SHD---- C:\System Volume Information
2009-06-29 17:55:04 ----D---- C:\Windows\Prefetch
2009-06-29 07:39:00 ----D---- C:\Windows\system32\Tasks
2009-06-28 03:43:30 ----RD---- C:\Program Files
2009-06-26 20:29:23 ----D---- C:\Windows\system32\WDI
2009-06-26 19:44:33 ----A---- C:\Windows\win.ini
2009-06-25 22:36:40 ----HD---- C:\ProgramData
2009-06-25 21:50:30 ----SD---- C:\Windows\Downloaded Program Files
2009-06-25 07:26:16 ----D---- C:\Windows\Microsoft.NET
2009-06-24 23:25:33 ----SHD---- C:\Windows\Installer
2009-06-19 07:11:51 ----D---- C:\Windows\system32\catroot2
2009-06-15 21:38:59 ----RSD---- C:\Windows\assembly
2009-06-15 20:51:05 ----D---- C:\Windows\ehome
2009-06-15 20:45:59 ----D---- C:\Windows\winsxs
2009-06-14 21:01:08 ----D---- C:\Windows\system32\catroot
2009-06-13 01:03:57 ----D---- C:\Program Files\DivX
2009-06-11 20:59:26 ----SD---- C:\Users\Jens Knossalla\AppData\Roaming\Microsoft
2009-06-11 20:51:57 ----D---- C:\Windows\Debug
2009-06-11 19:47:21 ----D---- C:\Windows\rescache
2009-06-11 19:34:03 ----SHD---- C:\Boot
2009-06-11 19:28:06 ----D---- C:\Program Files\Windows Mail
2009-06-11 19:28:06 ----D---- C:\Program Files\Windows Calendar
2009-06-11 19:28:05 ----D---- C:\Program Files\Windows Sidebar
2009-06-11 19:28:05 ----D---- C:\Program Files\Windows Media Player
2009-06-11 19:28:05 ----D---- C:\Program Files\Windows Collaboration
2009-06-11 19:28:05 ----D---- C:\Program Files\Movie Maker
2009-06-11 19:28:05 ----D---- C:\Program Files\Internet Explorer
2009-06-11 19:28:04 ----D---- C:\Program Files\Windows Journal
2009-06-11 19:28:03 ----D---- C:\Program Files\Windows Photo Gallery
2009-06-11 19:28:03 ----D---- C:\Program Files\Common Files\System
2009-06-11 19:27:59 ----D---- C:\Windows\servicing
2009-06-11 19:27:59 ----D---- C:\Program Files\Windows Defender
2009-06-11 19:27:46 ----D---- C:\Windows\system32\XPSViewer
2009-06-11 19:27:46 ----D---- C:\Windows\system32\sk-SK
2009-06-11 19:27:46 ----D---- C:\Windows\system32\lv-LV
2009-06-11 19:27:46 ----D---- C:\Windows\system32\ko-KR
2009-06-11 19:27:46 ----D---- C:\Windows\system32\hr-HR
2009-06-11 19:27:46 ----D---- C:\Windows\system32\et-EE
2009-06-11 19:27:46 ----D---- C:\Windows\system32\en-US
2009-06-11 19:27:46 ----D---- C:\Windows\system32\da-DK
2009-06-11 19:27:46 ----D---- C:\Windows\IME
2009-06-11 19:27:42 ----D---- C:\Windows\system32\oobe
2009-06-11 19:27:42 ----D---- C:\Windows\system32\migration
2009-06-11 19:27:42 ----D---- C:\Windows\system32\it-IT
2009-06-11 19:27:42 ----D---- C:\Windows\system32\el-GR
2009-06-11 19:27:40 ----D---- C:\Windows\system32\sv-SE
2009-06-11 19:27:40 ----D---- C:\Windows\system32\setup
2009-06-11 19:27:40 ----D---- C:\Windows\system32\ru-RU
2009-06-11 19:27:40 ----D---- C:\Windows\system32\he-IL
2009-06-11 19:27:40 ----D---- C:\Windows\system32\fr-FR
2009-06-11 19:27:40 ----D---- C:\Windows\system32\AdvancedInstallers
2009-06-11 19:27:39 ----D---- C:\Windows\system32\zh-CN
2009-06-11 19:27:39 ----D---- C:\Windows\system32\sr-Latn-CS
2009-06-11 19:27:39 ----D---- C:\Windows\system32\SLUI
2009-06-11 19:27:39 ----D---- C:\Windows\system32\pt-PT
2009-06-11 19:27:39 ----D---- C:\Windows\system32\manifeststore
2009-06-11 19:27:39 ----D---- C:\Windows\system32\hu-HU
2009-06-11 19:27:39 ----D---- C:\Windows\system32\fi-FI
2009-06-11 19:27:39 ----D---- C:\Windows\system32\cs-CZ
2009-06-11 19:27:38 ----D---- C:\Windows\system32\zh-TW
2009-06-11 19:27:38 ----D---- C:\Windows\system32\uk-UA
2009-06-11 19:27:38 ----D---- C:\Windows\system32\sl-SI
2009-06-11 19:27:38 ----D---- C:\Windows\system32\ro-RO
2009-06-11 19:27:38 ----D---- C:\Windows\system32\pl-PL
2009-06-11 19:27:38 ----D---- C:\Windows\system32\ja-JP
2009-06-11 19:27:38 ----D---- C:\Windows\system32\es-ES
2009-06-11 19:27:38 ----D---- C:\Windows\system32\bg-BG
2009-06-11 19:27:37 ----D---- C:\Windows\system32\tr-TR
2009-06-11 19:27:37 ----D---- C:\Windows\system32\th-TH
2009-06-11 19:27:36 ----D---- C:\Windows\system32\wbem
2009-06-11 19:27:36 ----D---- C:\Windows\system32\nb-NO
2009-06-11 19:27:35 ----D---- C:\Windows\system32\pt-BR
2009-06-11 19:27:35 ----D---- C:\Windows\system32\nl-NL
2009-06-11 19:27:35 ----D---- C:\Windows\system32\migwiz
2009-06-11 19:27:35 ----D---- C:\Windows\system32\lt-LT
2009-06-11 19:27:35 ----D---- C:\Windows\system32\ar-SA
2009-06-11 19:27:14 ----RSD---- C:\Windows\Fonts
2009-06-11 19:27:08 ----D---- C:\Windows\system32\Boot
2009-06-11 19:24:50 ----D---- C:\ProgramData\NVIDIA
2009-06-11 18:51:00 ----DC---- C:\Windows\system32\DRVSTORE
2009-06-11 18:50:45 ----D---- C:\Program Files\Common Files\Apple
2009-06-11 18:15:32 ----HD---- C:\Windows\system32\GroupPolicy
2009-06-08 17:48:40 ----D---- C:\Program Files\Common Files\Adobe
2009-06-08 17:48:35 ----D---- C:\ProgramData\Adobe
2009-06-04 01:45:20 ----D---- C:\Program Files\Common Files\microsoft shared
2009-06-04 01:32:58 ----D---- C:\ProgramData\McAfee
2009-06-01 18:51:12 ----A---- C:\Windows\system32\mrt.exe
2009-05-31 16:25:13 ----D---- C:\Users\Jens Knossalla\AppData\Roaming\Download Manager

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2008-09-12 13312]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-09-13 755712]
R3 catchme;catchme; \??\C:\Users\JENSKN~1\AppData\Local\Temp\catchme.sys []
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-17 2098904]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-05 44576]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-07-26 7548000]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456]
R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-06-05 242048]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-02-21 50688]
S3 SBAPIFS;SBAPIFS; \??\C:\Windows\system32\drivers\sbapifs.sys []
S3 usb_rndisx;USB-RNDIS-Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WINUSB;WinUsb-Treiber; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-23 819200]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-26 196608]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-23 466944]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate1c9e8f5f2be466d;Google Update Service (gupdate1c9e8f5f2be466d); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-09 133104]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-13 45272]
S4 SQLBrowser;SQL Server-Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------

2009-06-11 19:15:42 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-11 19:15:42 ----A---- C:\Windows\system32\evr.dll
2009-06-11 19:15:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-11 19:15:41 ----A---- C:\Windows\system32\wercon.exe
2009-06-11 19:15:41 ----A---- C:\Windows\system32\services.exe
2009-06-11 19:15:41 ----A---- C:\Windows\system32\iertutil.dll
2009-06-11 19:15:41 ----A---- C:\Windows\system32\comdlg32.dll
2009-06-11 19:15:41 ----A---- C:\Windows\system32\adtschema.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\wcncsvc.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\taskeng.exe
2009-06-11 19:15:40 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\reg.exe
2009-06-11 19:15:40 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\mswdat10.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\msjter40.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\msdrm.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\dnsapi.dll
2009-06-11 19:15:40 ----A---- C:\Windows\system32\certcli.dll
2009-06-11 19:15:39 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-11 19:15:39 ----A---- C:\Windows\system32\w32time.dll
2009-06-11 19:15:39 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-11 19:15:39 ----A---- C:\Windows\system32\certutil.exe
2009-06-11 19:15:38 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-06-11 19:15:38 ----A---- C:\Windows\system32\rsaenh.dll
2009-06-11 19:15:38 ----A---- C:\Windows\system32\msstrc.dll
2009-06-11 19:15:38 ----A---- C:\Windows\system32\msshooks.dll
2009-06-11 19:15:38 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-11 19:15:38 ----A---- C:\Windows\system32\msihnd.dll
2009-06-11 19:15:38 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-06-11 19:15:38 ----A---- C:\Windows\system32\bthserv.dll
2009-06-11 19:15:38 ----A---- C:\Windows\system32\bcrypt.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\netapi32.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\mtxclu.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\mscories.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\inetpp.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\hidserv.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\fundisc.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\dfshim.dll
2009-06-11 19:15:37 ----A---- C:\Windows\system32\cryptsvc.dll
2009-06-11 19:15:36 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-06-11 19:15:36 ----A---- C:\Windows\system32\termsrv.dll
2009-06-11 19:15:36 ----A---- C:\Windows\system32\profsvc.dll
2009-06-11 19:15:36 ----A---- C:\Windows\system32\imapi.dll
2009-06-11 19:15:36 ----A---- C:\Windows\system32\gameux.dll
2009-06-11 19:15:35 ----A---- C:\Windows\system32\wdc.dll
2009-06-11 19:15:35 ----A---- C:\Windows\system32\shsvcs.dll
2009-06-11 19:15:35 ----A---- C:\Windows\system32\rasmans.dll
2009-06-11 19:15:35 ----A---- C:\Windows\system32\pnidui.dll
2009-06-11 19:15:35 ----A---- C:\Windows\system32\msiexec.exe
2009-06-11 19:15:35 ----A---- C:\Windows\system32\iassdo.dll
2009-06-11 19:15:35 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-11 19:15:34 ----A---- C:\Windows\system32\wersvc.dll
2009-06-11 19:15:34 ----A---- C:\Windows\system32\spoolsv.exe
2009-06-11 19:15:34 ----A---- C:\Windows\system32\slmgr.vbs
2009-06-11 19:15:34 ----A---- C:\Windows\system32\scrrun.dll
2009-06-11 19:15:34 ----A---- C:\Windows\system32\PSHED.DLL
2009-06-11 19:15:34 ----A---- C:\Windows\system32\pdh.dll
2009-06-11 19:15:34 ----A---- C:\Windows\system32\icardres.dll
2009-06-11 19:15:34 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-06-11 19:15:34 ----A---- C:\Windows\system32\azroles.dll
2009-06-11 19:15:34 ----A---- C:\Windows\system32\autofmt.exe
2009-06-11 19:15:33 ----A---- C:\Windows\system32\wmpmde.dll
2009-06-11 19:15:33 ----A---- C:\Windows\system32\winlogon.exe
2009-06-11 19:15:33 ----A---- C:\Windows\system32\SyncCenter.dll
2009-06-11 19:15:33 ----A---- C:\Windows\system32\pidgenx.dll
2009-06-11 19:15:33 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-06-11 19:15:31 ----A---- C:\Windows\system32\SLUINotify.dll
2009-06-11 19:15:31 ----A---- C:\Windows\system32\sethc.exe
2009-06-11 19:15:31 ----A---- C:\Windows\system32\ncrypt.dll
2009-06-11 19:15:31 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-06-11 19:15:31 ----A---- C:\Windows\system32\kd1394.dll
2009-06-11 19:15:31 ----A---- C:\Windows\system32\comuid.dll
2009-06-11 19:15:31 ----A---- C:\Windows\system32\certmgr.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\wisptis.exe
2009-06-11 19:15:30 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\untfs.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\taskcomp.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\spp.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\scrobj.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\rtutils.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\iassam.dll
2009-06-11 19:15:30 ----A---- C:\Windows\system32\dwm.exe
2009-06-11 19:15:30 ----A---- C:\Windows\system32\autochk.exe
2009-06-11 19:15:29 ----A---- C:\Windows\system32\winsrv.dll
2009-06-11 19:15:29 ----A---- C:\Windows\system32\printui.dll
2009-06-11 19:15:29 ----A---- C:\Windows\system32\iasnap.dll
2009-06-11 19:15:29 ----A---- C:\Windows\system32\autoconv.exe
2009-06-11 19:15:28 ----A---- C:\Windows\system32\wow32.dll
2009-06-11 19:15:28 ----A---- C:\Windows\system32\userenv.dll
2009-06-11 19:15:28 ----A---- C:\Windows\system32\osk.exe
2009-06-11 19:15:28 ----A---- C:\Windows\system32\onex.dll
2009-06-11 19:15:28 ----A---- C:\Windows\system32\mswsock.dll
2009-06-11 19:15:28 ----A---- C:\Windows\system32\kdcom.dll
2009-06-11 19:15:28 ----A---- C:\Windows\system32\cscript.exe
2009-06-11 19:15:28 ----A---- C:\Windows\system32\basecsp.dll
2009-06-11 19:15:28 ----A---- C:\Windows\system32\audiodg.exe
2009-06-11 19:15:27 ----A---- C:\Windows\system32\winmm.dll
2009-06-11 19:15:27 ----A---- C:\Windows\system32\spcmsg.dll
2009-06-11 19:15:27 ----A---- C:\Windows\system32\RelMon.dll
2009-06-11 19:15:27 ----A---- C:\Windows\system32\rdpencom.dll
2009-06-11 19:15:27 ----A---- C:\Windows\system32\kdusb.dll
2009-06-11 19:15:26 ----A---- C:\Windows\system32\WinSCard.dll
2009-06-11 19:15:26 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-06-11 19:15:26 ----A---- C:\Windows\system32\offfilt.dll
2009-06-11 19:15:26 ----A---- C:\Windows\system32\msftedit.dll
2009-06-11 19:15:26 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-06-11 19:15:25 ----A---- C:\Windows\system32\wsepno.dll
2009-06-11 19:15:25 ----A---- C:\Windows\system32\WerFault.exe
2009-06-11 19:15:25 ----A---- C:\Windows\system32\Utilman.exe
2009-06-11 19:15:25 ----A---- C:\Windows\system32\stobject.dll
2009-06-11 19:15:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-06-11 19:15:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-06-11 19:15:25 ----A---- C:\Windows\system32\mfplat.dll
2009-06-11 19:15:25 ----A---- C:\Windows\system32\diskraid.exe
2009-06-11 19:15:25 ----A---- C:\Windows\system32\apphelp.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\wscript.exe
2009-06-11 19:15:24 ----A---- C:\Windows\system32\wiaservc.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\sysclass.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\SndVol.exe
2009-06-11 19:15:24 ----A---- C:\Windows\system32\secur32.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\prnntfy.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\odbccp32.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\msnetobj.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\mscms.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\mcmde.dll
2009-06-11 19:15:24 ----A---- C:\Windows\system32\adsmsext.dll
2009-06-11 19:15:23 ----A---- C:\Windows\system32\ulib.dll
2009-06-11 19:15:23 ----A---- C:\Windows\system32\rastapi.dll
2009-06-11 19:15:23 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-06-11 19:15:23 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-11 19:15:23 ----A---- C:\Windows\system32\dsound.dll
2009-06-11 19:15:23 ----A---- C:\Windows\system32\cryptui.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\wscsvc.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\wscntfy.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\wlansvc.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\wlangpui.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\vdsdyn.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\rastls.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\pnpsetup.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\iashlpr.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\gpapi.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\fdProxy.dll
2009-06-11 19:15:22 ----A---- C:\Windows\system32\diskpart.exe
2009-06-11 19:15:22 ----A---- C:\Windows\system32\brcpl.dll
2009-06-11 19:15:21 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-06-11 19:15:21 ----A---- C:\Windows\system32\rasapi32.dll
2009-06-11 19:15:21 ----A---- C:\Windows\system32\ntprint.dll
2009-06-11 19:15:21 ----A---- C:\Windows\system32\netiohlp.dll
2009-06-11 19:15:21 ----A---- C:\Windows\system32\logman.exe
2009-06-11 19:15:21 ----A---- C:\Windows\system32\iepeers.dll
2009-06-11 19:15:20 ----A---- C:\Windows\system32\wusa.exe
2009-06-11 19:15:20 ----A---- C:\Windows\system32\regsvc.dll
2009-06-11 19:15:20 ----A---- C:\Windows\system32\mscorier.dll
2009-06-11 19:15:20 ----A---- C:\Windows\system32\iasrad.dll
2009-06-11 19:15:20 ----A---- C:\Windows\system32\findstr.exe
2009-06-11 19:15:19 ----A---- C:\Windows\system32\zipfldr.dll
2009-06-11 19:15:19 ----A---- C:\Windows\system32\wshext.dll
2009-06-11 19:15:19 ----A---- C:\Windows\system32\wpccpl.dll
2009-06-11 19:15:19 ----A---- C:\Windows\system32\webcheck.dll
2009-06-11 19:15:19 ----A---- C:\Windows\system32\netcenter.dll
2009-06-11 19:15:18 ----A---- C:\Windows\system32\wsnmp32.dll
2009-06-11 19:15:18 ----A---- C:\Windows\system32\wer.dll
2009-06-11 19:15:18 ----A---- C:\Windows\system32\themecpl.dll
2009-06-11 19:15:18 ----A---- C:\Windows\system32\rasdlg.dll
2009-06-11 19:15:18 ----A---- C:\Windows\system32\iassvcs.dll
2009-06-11 19:15:17 ----A---- C:\Windows\system32\uxsms.dll
2009-06-11 19:15:17 ----A---- C:\Windows\system32\srvsvc.dll
2009-06-11 19:15:17 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\tsbyuv.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\slcc.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\scansetting.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\powrprof.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\powercpl.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\ntmarta.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\networkmap.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\msutb.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\mstsc.exe
2009-06-11 19:15:16 ----A---- C:\Windows\system32\mstlsapi.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\iasads.dll
2009-06-11 19:15:16 ----A---- C:\Windows\system32\iasacct.dll
2009-06-11 19:15:15 ----A---- C:\Windows\system32\wlanhlp.dll
2009-06-11 19:15:15 ----A---- C:\Windows\system32\systemcpl.dll
2009-06-11 19:15:15 ----A---- C:\Windows\system32\sud.dll
2009-06-11 19:15:15 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-06-11 19:15:15 ----A---- C:\Windows\system32\newdev.exe
2009-06-11 19:15:15 ----A---- C:\Windows\system32\dot3svc.dll
2009-06-11 19:15:15 ----A---- C:\Windows\system32\connect.dll
2009-06-11 19:15:15 ----A---- C:\Windows\system32\authz.dll
2009-06-11 19:15:14 ----A---- C:\Windows\system32\usercpl.dll
2009-06-11 19:15:14 ----A---- C:\Windows\system32\themeui.dll
2009-06-11 19:15:14 ----A---- C:\Windows\system32\samlib.dll
2009-06-11 19:15:14 ----A---- C:\Windows\system32\pcaui.dll
2009-06-11 19:15:14 ----A---- C:\Windows\system32\mmci.dll
2009-06-11 19:15:14 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-06-11 19:15:13 ----A---- C:\Windows\system32\wlanpref.dll
2009-06-11 19:15:13 ----A---- C:\Windows\system32\qdvd.dll
2009-06-11 19:15:13 ----A---- C:\Windows\system32\autoplay.dll
2009-06-11 19:15:12 ----A---- C:\Windows\system32\rpchttp.dll
2009-06-11 19:15:12 ----A---- C:\Windows\system32\regapi.dll
2009-06-11 19:15:12 ----A---- C:\Windows\system32\msinfo32.exe
2009-06-11 19:15:12 ----A---- C:\Windows\system32\ieaksie.dll
2009-06-11 19:15:11 ----A---- C:\Windows\system32\wpcao.dll
2009-06-11 19:15:11 ----A---- C:\Windows\system32\vdsutil.dll
2009-06-11 19:15:11 ----A---- C:\Windows\system32\tapisrv.dll
2009-06-11 19:15:10 ----A---- C:\Windows\system32\scksp.dll
2009-06-11 19:15:10 ----A---- C:\Windows\system32\scesrv.dll
2009-06-11 19:15:10 ----A---- C:\Windows\system32\psisdecd.dll
2009-06-11 19:15:10 ----A---- C:\Windows\system32\oleprn.dll
2009-06-11 19:15:10 ----A---- C:\Windows\system32\mpr.dll
2009-06-11 19:15:10 ----A---- C:\Windows\system32\feclient.dll
2009-06-11 19:15:09 ----A---- C:\Windows\system32\wscisvif.dll
2009-06-11 19:15:09 ----A---- C:\Windows\system32\sdclt.exe
2009-06-11 19:15:09 ----A---- C:\Windows\system32\rekeywiz.exe
2009-06-11 19:15:09 ----A---- C:\Windows\system32\imm32.dll
2009-06-11 19:15:09 ----A---- C:\Windows\system32\iaspolcy.dll
2009-06-11 19:15:09 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-11 19:15:09 ----A---- C:\Windows\system32\dot3msm.dll
2009-06-11 19:15:09 ----A---- C:\Windows\system32\DeviceEject.exe
2009-06-11 19:15:09 ----A---- C:\Windows\system32\AudioSes.dll
2009-06-11 19:15:08 ----A---- C:\Windows\system32\rasgcw.dll
2009-06-11 19:15:08 ----A---- C:\Windows\system32\qedit.dll
2009-06-11 19:15:08 ----A---- C:\Windows\system32\pnpui.dll
2009-06-11 19:15:08 ----A---- C:\Windows\system32\perfdisk.dll
2009-06-11 19:15:08 ----A---- C:\Windows\system32\ncryptui.dll
2009-06-11 19:15:08 ----A---- C:\Windows\system32\hdwwiz.exe
2009-06-11 19:15:08 ----A---- C:\Windows\system32\dpapimig.exe
2009-06-11 19:15:08 ----A---- C:\Windows\system32\certreq.exe
2009-06-11 19:15:07 ----A---- C:\Windows\system32\TSTheme.exe
2009-06-11 19:15:07 ----A---- C:\Windows\system32\spwinsat.dll
2009-06-11 19:15:07 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-06-11 19:15:07 ----A---- C:\Windows\system32\scecli.dll
2009-06-11 19:15:07 ----A---- C:\Windows\system32\rasplap.dll
2009-06-11 19:15:07 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-06-11 19:15:07 ----A---- C:\Windows\system32\extmgr.dll
2009-06-11 19:15:06 ----A---- C:\Windows\system32\whealogr.dll
2009-06-11 19:15:06 ----A---- C:\Windows\system32\tcpmon.dll
2009-06-11 19:15:06 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-06-11 19:15:06 ----A---- C:\Windows\system32\srcore.dll
2009-06-11 19:15:06 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-06-11 19:15:06 ----A---- C:\Windows\system32\fdWSD.dll
2009-06-11 19:15:06 ----A---- C:\Windows\system32\cmmon32.exe
2009-06-11 19:15:05 ----A---- C:\Windows\system32\wiaaut.dll
2009-06-11 19:15:05 ----A---- C:\Windows\system32\SnippingTool.exe
2009-06-11 19:15:05 ----A---- C:\Windows\system32\SCardSvr.dll
2009-06-11 19:15:05 ----A---- C:\Windows\system32\raschap.dll
2009-06-11 19:15:05 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-06-11 19:15:05 ----A---- C:\Windows\system32\fontext.dll
2009-06-11 19:15:05 ----A---- C:\Windows\system32\conime.exe
2009-06-11 19:15:05 ----A---- C:\Windows\system32\cmdial32.dll
2009-06-11 19:15:04 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-06-11 19:15:04 ----A---- C:\Windows\system32\wlanui.dll
2009-06-11 19:15:04 ----A---- C:\Windows\system32\wlanmsm.dll
2009-06-11 19:15:04 ----A---- C:\Windows\system32\shwebsvc.dll
2009-06-11 19:15:04 ----A---- C:\Windows\system32\rasppp.dll
2009-06-11 19:15:04 ----A---- C:\Windows\system32\PnPutil.exe
2009-06-11 19:15:04 ----A---- C:\Windows\system32\dsprop.dll
2009-06-11 19:15:04 ----A---- C:\Windows\system32\dimsroam.dll
2009-06-11 19:15:03 ----A---- C:\Windows\system32\shsetup.dll
2009-06-11 19:15:03 ----A---- C:\Windows\system32\rasmontr.dll
2009-06-11 19:15:03 ----A---- C:\Windows\system32\oobefldr.dll
2009-06-11 19:15:03 ----A---- C:\Windows\system32\occache.dll
2009-06-11 19:15:03 ----A---- C:\Windows\system32\modemui.dll
2009-06-11 19:15:02 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-06-11 19:15:02 ----A---- C:\Windows\system32\mscandui.dll
2009-06-11 19:15:02 ----A---- C:\Windows\system32\dataclen.dll
2009-06-11 19:15:02 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-11 19:15:01 ----A---- C:\Windows\system32\WSDMon.dll
2009-06-11 19:15:01 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-11 19:15:01 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-06-11 19:15:01 ----A---- C:\Windows\system32\smss.exe
2009-06-11 19:15:01 ----A---- C:\Windows\system32\rdpwsx.dll
2009-06-11 19:15:01 ----A---- C:\Windows\system32\netplwiz.dll
2009-06-11 19:15:01 ----A---- C:\Windows\system32\credui.dll
2009-06-11 19:15:01 ----A---- C:\Windows\system32\blackbox.dll
2009-06-11 19:15:00 ----A---- C:\Windows\system32\networkexplorer.dll
2009-06-11 19:15:00 ----A---- C:\Windows\system32\mstime.dll
2009-06-11 19:15:00 ----A---- C:\Windows\system32\certprop.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\wscapi.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\wpcsvc.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\sendmail.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\msscp.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\msrating.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\msimtf.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\logagent.exe
2009-06-11 19:14:59 ----A---- C:\Windows\system32\InkEd.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\ifmon.dll
2009-06-11 19:14:59 ----A---- C:\Windows\system32\gpresult.exe
2009-06-11 19:14:59 ----A---- C:\Windows\system32\cipher.exe
2009-06-11 19:14:58 ----A---- C:\Windows\system32\softkbd.dll
2009-06-11 19:14:58 ----A---- C:\Windows\system32\olepro32.dll
2009-06-11 19:14:58 ----A---- C:\Windows\system32\msctfui.dll
2009-06-11 19:14:58 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-06-11 19:14:58 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-06-11 19:14:58 ----A---- C:\Windows\system32\dmsynth.dll
2009-06-11 19:14:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\wshbth.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\version.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\SLLUA.exe
2009-06-11 19:14:57 ----A---- C:\Windows\system32\puiapi.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\msisip.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\mprapi.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\input.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\fc.exe
2009-06-11 19:14:57 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-06-11 19:14:57 ----A---- C:\Windows\system32\cdd.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\wsdchngr.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\rrinstaller.exe
2009-06-11 19:14:56 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\msjint40.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\l2nacp.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\ftp.exe
2009-06-11 19:14:56 ----A---- C:\Windows\system32\fdSSDP.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\eapp3hst.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\dmusic.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\cscdll.dll
2009-06-11 19:14:56 ----A---- C:\Windows\system32\cscapi.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\tscupgrd.exe
2009-06-11 19:14:55 ----A---- C:\Windows\system32\Storprop.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\slcinst.dll
2009-06-11 19:14:55 ----A---- C:\Windows\system32\rasdial.exe
2009-06-11 19:14:55 ----A---- C:\Windows\system32\rasdiag.dll

2009-06-11 19:16:20 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-06-11 19:16:20 ----A---- C:\Windows\system32\mscoree.dll
2009-06-11 19:16:19 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-11 19:16:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-11 19:16:19 ----A---- C:\Windows\system32\imapi2.dll
2009-06-11 19:16:18 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-06-11 19:16:18 ----A---- C:\Windows\system32\esent.dll
2009-06-11 19:16:18 ----A---- C:\Windows\system32\DevicePairing.dll
2009-06-11 19:16:17 ----A---- C:\Windows\system32\wevtsvc.dll
2009-06-11 19:16:17 ----A---- C:\Windows\system32\sperror.dll
2009-06-11 19:16:17 ----A---- C:\Windows\system32\SLC.dll
2009-06-11 19:16:17 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-06-11 19:16:17 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-06-11 19:16:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-11 19:16:17 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-11 19:16:17 ----A---- C:\Windows\system32\IasMigReader.exe
2009-06-11 19:16:16 ----A---- C:\Windows\system32\wmp.dll
2009-06-11 19:16:16 ----A---- C:\Windows\system32\msshsq.dll
2009-06-11 19:16:15 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-11 19:16:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-11 19:16:14 ----A---- C:\Windows\system32\msxml6.dll
2009-06-11 19:16:14 ----A---- C:\Windows\system32\msjet40.dll
2009-06-11 19:16:14 ----A---- C:\Windows\system32\MPSSVC.dll
2009-06-11 19:16:13 ----A---- C:\Windows\system32\Query.dll
2009-06-11 19:16:13 ----A---- C:\Windows\system32\qmgr.dll
2009-06-11 19:16:13 ----A---- C:\Windows\system32\msexch40.dll
2009-06-11 19:16:12 ----A---- C:\Windows\system32\P2PGraph.dll
2009-06-11 19:16:12 ----A---- C:\Windows\system32\ole32.dll
2009-06-11 19:16:12 ----A---- C:\Windows\system32\ntdll.dll
2009-06-11 19:16:12 ----A---- C:\Windows\system32\diagperf.dll
2009-06-11 19:16:11 ----A---- C:\Windows\system32\winload.exe
2009-06-11 19:16:11 ----A---- C:\Windows\system32\uDWM.dll
2009-06-11 19:16:11 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-11 19:16:11 ----A---- C:\Windows\system32\msxml3.dll
2009-06-11 19:16:11 ----A---- C:\Windows\system32\mmc.exe
2009-06-11 19:16:11 ----A---- C:\Windows\system32\mblctr.exe
2009-06-11 19:16:11 ----A---- C:\Windows\system32\EncDec.dll
2009-06-11 19:16:10 ----A---- C:\Windows\system32\riched20.dll
2009-06-11 19:16:10 ----A---- C:\Windows\system32\RacEngn.dll
2009-06-11 19:16:10 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-06-11 19:16:10 ----A---- C:\Windows\system32\fdBth.dll
2009-06-11 19:16:10 ----A---- C:\Windows\system32\dfsr.exe
2009-06-11 19:16:09 ----A---- C:\Windows\system32\kernel32.dll
2009-06-11 19:16:08 ----A---- C:\Windows\system32\spoolss.dll
2009-06-11 19:16:08 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-11 19:16:08 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-11 19:16:08 ----A---- C:\Windows\system32\schedsvc.dll
2009-06-11 19:16:08 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-06-11 19:16:08 ----A---- C:\Windows\system32\milcore.dll
2009-06-11 19:16:08 ----A---- C:\Windows\system32\jscript.dll
2009-06-11 19:16:08 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-06-11 19:16:08 ----A---- C:\Windows\system32\CertEnroll.dll
2009-06-11 19:16:06 ----A---- C:\Windows\system32\msjtes40.dll
2009-06-11 19:16:06 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-06-11 19:16:05 ----A---- C:\Windows\system32\msvcp60.dll
2009-06-11 19:16:05 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-11 19:16:05 ----A---- C:\Windows\system32\gpedit.dll
2009-06-11 19:16:03 ----A---- C:\Windows\system32\WinSAT.exe
2009-06-11 19:16:02 ----A---- C:\Windows\system32\es.dll
2009-06-11 19:16:01 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-06-11 19:16:01 ----A---- C:\Windows\system32\mstext40.dll
2009-06-11 19:16:01 ----A---- C:\Windows\system32\Magnify.exe
2009-06-11 19:16:01 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-06-11 19:16:01 ----A---- C:\Windows\system32\advapi32.dll
2009-06-11 19:16:00 ----A---- C:\Windows\system32\WMPhoto.dll
2009-06-11 19:16:00 ----A---- C:\Windows\system32\WebClnt.dll
2009-06-11 19:16:00 ----A---- C:\Windows\system32\slwmi.dll
2009-06-11 19:16:00 ----A---- C:\Windows\system32\msexcl40.dll
2009-06-11 19:16:00 ----A---- C:\Windows\system32\comsvcs.dll
2009-06-11 19:15:59 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-06-11 19:15:59 ----A---- C:\Windows\system32\vssapi.dll
2009-06-11 19:15:59 ----A---- C:\Windows\system32\msxbde40.dll
2009-06-11 19:15:59 ----A---- C:\Windows\system32\msfeeds.dll
2009-06-11 19:15:59 ----A---- C:\Windows\system32\authui.dll
2009-06-11 19:15:58 ----A---- C:\Windows\system32\vbscript.dll
2009-06-11 19:15:58 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-11 19:15:58 ----A---- C:\Windows\system32\NetProjW.dll
2009-06-11 19:15:58 ----A---- C:\Windows\system32\mstscax.dll
2009-06-11 19:15:58 ----A---- C:\Windows\system32\msrepl40.dll
2009-06-11 19:15:57 ----A---- C:\Windows\system32\propsys.dll
2009-06-11 19:15:57 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-11 19:15:57 ----A---- C:\Windows\system32\newdev.dll
2009-06-11 19:15:57 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-11 19:15:57 ----A---- C:\Windows\system32\gpsvc.dll
2009-06-11 19:15:57 ----A---- C:\Windows\system32\eudcedit.exe
2009-06-11 19:15:57 ----A---- C:\Windows\system32\crypt32.dll
2009-06-11 19:15:57 ----A---- C:\Windows\explorer.exe
2009-06-11 19:15:56 ----A---- C:\Windows\system32\setupapi.dll
2009-06-11 19:15:56 ----A---- C:\Windows\system32\rpcss.dll
2009-06-11 19:15:56 ----A---- C:\Windows\system32\mspbde40.dll
2009-06-11 19:15:56 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-11 19:15:56 ----A---- C:\Windows\system32\d3d9.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\wevtapi.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\shlwapi.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\msrd3x40.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\msltus40.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\msdtctm.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\mfc42.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\davclnt.dll
2009-06-11 19:15:55 ----A---- C:\Windows\system32\browseui.dll
2009-06-11 19:15:54 ----A---- C:\Windows\system32\photowiz.dll
2009-06-11 19:15:54 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-11 19:15:53 ----A---- C:\Windows\system32\user32.dll
2009-06-11 19:15:53 ----A---- C:\Windows\system32\samsrv.dll
2009-06-11 19:15:53 ----A---- C:\Windows\system32\quartz.dll
2009-06-11 19:15:53 ----A---- C:\Windows\system32\ci.dll
2009-06-11 19:15:52 ----A---- C:\Windows\system32\win32spl.dll
2009-06-11 19:15:52 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-06-11 19:15:52 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-06-11 19:15:52 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-11 19:15:52 ----A---- C:\Windows\system32\oleaut32.dll
2009-06-11 19:15:52 ----A---- C:\Windows\system32\msv1_0.dll
2009-06-11 19:15:52 ----A---- C:\Windows\system32\kerberos.dll
2009-06-11 19:15:51 ----A---- C:\Windows\system32\winhttp.dll
2009-06-11 19:15:51 ----A---- C:\Windows\system32\netshell.dll
2009-06-11 19:15:51 ----A---- C:\Windows\system32\mswstr10.dll
2009-06-11 19:15:51 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-06-11 19:15:51 ----A---- C:\Windows\system32\compcln.exe
2009-06-11 19:15:51 ----A---- C:\Windows\system32\apds.dll
2009-06-11 19:15:50 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-11 19:15:50 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-06-11 19:15:50 ----A---- C:\Windows\system32\msvcrt.dll
2009-06-11 19:15:50 ----A---- C:\Windows\system32\msctf.dll
2009-06-11 19:15:50 ----A---- C:\Windows\system32\gdi32.dll
2009-06-11 19:15:50 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-11 19:15:50 ----A---- C:\Windows\system32\audiosrv.dll
2009-06-11 19:15:49 ----A---- C:\Windows\system32\VSSVC.exe
2009-06-11 19:15:49 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-06-11 19:15:49 ----A---- C:\Windows\system32\SLUI.exe
2009-06-11 19:15:49 ----A---- C:\Windows\system32\msrd2x40.dll
2009-06-11 19:15:49 ----A---- C:\Windows\system32\mfc42u.dll
2009-06-11 19:15:49 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-06-11 19:15:49 ----A---- C:\Windows\system32\eapphost.dll
2009-06-11 19:15:46 ----A---- C:\Windows\system32\winresume.exe
2009-06-11 19:15:46 ----A---- C:\Windows\system32\propdefs.dll
2009-06-11 19:15:46 ----A---- C:\Windows\system32\odbc32.dll
2009-06-11 19:15:45 ----A---- C:\Windows\system32\wevtutil.exe
2009-06-11 19:15:45 ----A---- C:\Windows\system32\shdocvw.dll
2009-06-11 19:15:45 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-11 19:15:45 ----A---- C:\Windows\system32\dbgeng.dll
2009-06-11 19:15:44 ----A---- C:\Windows\system32\WsmSvc.dll
2009-06-11 19:15:44 ----A---- C:\Windows\system32\usp10.dll
2009-06-11 19:15:44 ----A---- C:\Windows\system32\swprv.dll
2009-06-11 19:15:44 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\vds.exe
2009-06-11 19:15:43 ----A---- C:\Windows\system32\netlogon.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\msscb.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\mshtmled.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\msctfp.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\ieapfltr.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\drvinst.exe
2009-06-11 19:15:43 ----A---- C:\Windows\system32\devmgr.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-06-11 19:15:43 ----A---- C:\Windows\system32\BFE.DLL
2009-06-11 19:15:43 ----A---- C:\Windows\system32\adsldpc.dll
2009-06-11 19:15:42 ----A---- C:\Windows\system32\WSDApi.dll
2009-06-11 19:15:42 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-06-11 19:15:42 ----A---- C:\Windows\system32\Wldap32.dll
2009-06-11 19:15:42 ----A---- C:\Windows\system32\wcnwiz.dll
2009-06-11 19:15:42 ----A---- C:\Windows\system32\schannel.dll

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jens Knossalla at 2009-06-29 18:27:06
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 9 GB (15%) free of 62 GB
Total RAM: 3066 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:12, on 29.06.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jens Knossalla\Desktop\RSIT.exe
C:\Program Files\trend micro\Jens Knossalla.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RssReader] "C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe" /Autostart
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.78,85.255.112.12
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9e8f5f2be466d) (gupdate1c9e8f5f2be466d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

--
End of file - 5814 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\SupBackGroundTask.job
C:\Windows\tasks\User_Feed_Synchronization-{F88C0E6D-106F-4422-B887-51CDA5E691B2}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll [2009-06-09 2097152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-07-26 13548064]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-07-26 92704]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"RssReader"=C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe [2008-10-02 3067904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-06-29 18:27:06 ----D---- C:\rsit
2009-06-29 18:07:49 ----SHD---- C:\$RECYCLE.BIN
2009-06-29 18:07:49 ----D---- C:\Windows\temp
2009-06-29 18:07:47 ----A---- C:\ComboFix.txt
2009-06-29 17:55:11 ----A---- C:\Windows\zip.exe
2009-06-29 17:55:11 ----A---- C:\Windows\SWXCACLS.exe
2009-06-29 17:55:11 ----A---- C:\Windows\SWSC.exe
2009-06-29 17:55:11 ----A---- C:\Windows\SWREG.exe
2009-06-29 17:55:11 ----A---- C:\Windows\sed.exe
2009-06-29 17:55:11 ----A---- C:\Windows\PEV.exe
2009-06-29 17:55:11 ----A---- C:\Windows\NIRCMD.exe
2009-06-29 17:55:11 ----A---- C:\Windows\grep.exe
2009-06-29 17:55:04 ----SD---- C:\cofi.exe
2009-06-29 17:55:04 ----D---- C:\Windows\ERDNT
2009-06-29 17:54:46 ----D---- C:\Qoobox
2009-06-28 03:43:30 ----D---- C:\Program Files\HDQuality
2009-06-26 19:43:35 ----D---- C:\Program Files\Cheatbook 03.2009
2009-06-25 22:36:45 ----D---- C:\Users\Jens Knossalla\AppData\Roaming\RobinsonCrusoe
2009-06-25 22:36:40 ----AD---- C:\ProgramData\TEMP
2009-06-25 22:36:21 ----D---- C:\Program Files\GamesBar
2009-06-25 22:35:37 ----D---- C:\Program Files\Oberon Media
2009-06-25 22:35:37 ----D---- C:\Program Files\Common Files\Oberon Media
2009-06-25 22:35:36 ----D---- C:\Program Files\Gamenext
2009-06-18 13:01:29 ----D---- C:\Users\Jens Knossalla\AppData\Roaming\dvdcss
2009-06-13 01:03:32 ----D---- C:\Program Files\Common Files\DivX Shared
2009-06-11 20:48:22 ----D---- C:\Program Files\CCleaner
2009-06-11 19:27:09 ----D---- C:\Windows\system32\eu-ES
2009-06-11 19:27:09 ----D---- C:\Windows\system32\ca-ES
2009-06-11 19:27:08 ----D---- C:\Windows\system32\vi-VN
2009-06-11 19:17:50 ----D---- C:\Windows\system32\EventProviders
2009-06-11 19:16:41 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-06-11 19:16:38 ----A---- C:\Windows\system32\SLsvc.exe
2009-06-11 19:16:38 ----A---- C:\Windows\system32\SLCExt.dll
2009-06-11 19:16:36 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-06-11 19:16:36 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-06-11 19:16:35 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-06-11 19:16:32 ----A---- C:\Windows\system32\mssrch.dll
2009-06-11 19:16:30 ----A---- C:\Windows\system32\tquery.dll
2009-06-11 19:16:29 ----A---- C:\Windows\system32\scavenge.dll
2009-06-11 19:16:29 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-06-11 19:16:29 ----A---- C:\Windows\system32\RMActivate.exe
2009-06-11 19:16:29 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-11 19:16:29 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-11 19:16:28 ----A---- C:\Windows\system32\msi.dll
2009-06-11 19:16:27 ----A---- C:\Windows\system32\imapi2fs.dll
2009-06-11 19:16:26 ----A---- C:\Windows\system32\WscEapPr.dll
2009-06-11 19:16:26 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-06-11 19:16:26 ----A---- C:\Windows\system32\sysmain.dll
2009-06-11 19:16:26 ----A---- C:\Windows\system32\secproc_isv.dll
2009-06-11 19:16:25 ----A---- C:\Windows\system32\icardagt.exe
2009-06-11 19:16:24 ----A---- C:\Windows\system32\mf.dll
2009-06-11 19:16:24 ----A---- C:\Windows\system32\ieframe.dll
2009-06-11 19:16:24 ----A---- C:\Windows\system32\EhStorShell.dll
2009-06-11 19:16:24 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-06-11 19:16:23 ----A---- C:\Windows\system32\spreview.exe
2009-06-11 19:16:23 ----A---- C:\Windows\system32\spinstall.exe
2009-06-11 19:16:23 ----A---- C:\Windows\system32\drmv2clt.dll
2009-06-11 19:16:22 ----A---- C:\Windows\system32\spwizui.dll
2009-06-11 19:16:22 ----A---- C:\Windows\system32\shell32.dll
2009-06-11 19:16:22 ----A---- C:\Windows\system32\secproc.dll
2009-06-11 19:16:22 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-06-11 19:16:21 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-11 19:16:21 ----A---- C:\Windows\system32\p2psvc.dll
2009-06-11 19:16:20 ----A---- C:\Windows\system32\mssvp.dll
2009-06-11 19:16:20 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-11 19:16:20 ----A---- C:\Windows\system32\mssph.dll

Computer Name: JensKnossall-PC
Event Code: 4386
Message: Windows-Wartung erforderte einen Neustart, um das Update 905866-8_neutral_GDR aus Paket KB905866(Update) in den Status Installation angefordert(Install Requested) setzen zu können.
Record Number: 34487
Source Name: Microsoft-Windows-Servicing
Time Written: 20090312062702.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: JensKnossall-PC
Event Code: 4376
Message: Windows-Wartung erforderte einen Neustart, um das Paket KB905866(Update) in den Status Installation angefordert(Install Requested) setzen zu können.
Record Number: 34486
Source Name: Microsoft-Windows-Servicing
Time Written: 20090312062702.000000-000
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

=====Application event log=====

Computer Name: JensKnossall-PC
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.


Record Number: 1279
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090217180347.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: WIN-TG9014SHWJA
Event Code: 9009
Message: Der Desktopfenster-Manager wurde mit dem Code (0xc00002fe) abgebrochen.
Record Number: 1278
Source Name: Desktop Window Manager
Time Written: 20090117072404.000000-000
Event Type: Informationen
User:

Computer Name: WIN-TG9014SHWJA
Event Code: 8225
Message: Der VSS-Dienst wird aufgrund eines Ereignisses vom Dienststeuerungs-Manager heruntergefahren.
Record Number: 1277
Source Name: VSS
Time Written: 20090117072404.000000-000
Event Type: Informationen
User:

Computer Name: WIN-TG9014SHWJA
Event Code: 17147
Message: SQL Server wird beendet, weil das System heruntergefahren wird. Diese Meldung dient nur zu Informationszwecken. Es ist keine Benutzeraktion erforderlich.
Record Number: 1276
Source Name: MSSQL$MSSMLBIZ
Time Written: 20090117072404.000000-000
Event Type: Informationen
User:

Computer Name: WIN-TG9014SHWJA
Event Code: 1013
Message: Der Windows-Suchdienst wurde normal beendet.

Record Number: 1275
Source Name: Microsoft-Windows-Search
Time Written: 20090117072401.000000-000
Event Type: Informationen
User:

=====Security event log=====

Computer Name: WIN-TG9014SHWJA
Event Code: 1100
Message: Der Ereignisprotokollierungsdienst wurde heruntergefahren.
Record Number: 838
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090117072404.438600-000
Event Type: Überwachung erfolgreich
User:

Computer Name: WIN-TG9014SHWJA
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.

Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7

Berechtigungen: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 837
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090117072402.972800-000
Event Type: Überwachung erfolgreich
User:

Computer Name: WIN-TG9014SHWJA
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.

Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: WIN-TG9014SHWJA$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7

Anmeldetyp: 5

Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

Prozessinformationen:
Prozess-ID: 0x258
Prozessname: C:\Windows\System32\services.exe

Netzwerkinformationen:
Arbeitsstationsname:
Quellnetzwerkadresse: -
Quellport: -

Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: Advapi
Authentifizierungspaket: Negotiate
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0

Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.

Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".

Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).

Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.

Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.

Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 836
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090117072402.972800-000
Event Type: Überwachung erfolgreich
User:

Computer Name: WIN-TG9014SHWJA
Event Code: 4648
Message: Anmeldeversuch mit expliziten Anmeldeinformationen.

Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: WIN-TG9014SHWJA$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

Konto, dessen Anmeldeinformationen verwendet wurden:
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

Zielserver:
Zielservername: localhost
Weitere Informationen: localhost

Prozessinformationen:
Prozess-ID: 0x258
Prozessname: C:\Windows\System32\services.exe

Netzwerkinformationen:
Netzwerkadresse: -
Port: -

Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
Record Number: 835
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090117072402.972800-000
Event Type: Überwachung erfolgreich
User:

Computer Name: WIN-TG9014SHWJA
Event Code: 1102
Message: Das Überwachungsprotokoll wurde gelöscht.
Subjekt:
Sicherheits- ID: S-1-5-21-231028011-720208147-1658006778-500
Kontoname: Administrator
Domänenname: WIN-TG9014SHWJA
Logon-ID: 0x28616
Record Number: 834
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090117072357.372400-000
Event Type: Überwachung erfolgreich
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Common Files\DivX Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

SO JETZT IST ALLES DABEI!
Ich hoffe du kannst damit was anfangen =)
Ich musste es halt über mehrere Threads teilen, sonst ging es nicht!

Gruß Jens





info.txt logfile of random's system information tool 1.06 2009-06-29 18:27:14

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8.1.5 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003}
Adventures of Robinson Crusoe-->"C:\Program Files\Gamenext\Adventures of Robinson Crusoe\Uninstall.exe" "C:\Program Files\Gamenext\Adventures of Robinson Crusoe\install.log"
Agere Systems HDA Modem-->agrsmdel
Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Atheros WLAN Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04983D37-2202-4295-94A2-8B547C66133F}\setup.exe" -l0x9
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Business Contact Manager für Outlook 2007-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {4cb9f93c-9edc-4be9-ae61-af128ddbecfa}
Business Contact Manager für Outlook 2007-->MsiExec.exe /X{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}
Casting-Agentur-->MsiExec.exe /X{071F3745-E389-4345-86DF-E80B55446FCE}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Cucusoft Ultimate DVD + Video Converter Suite 7.19.7.12-->"C:\Program Files\Cucusoft\Ultimate-Converter\unins000.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Pro 6.8.0 VFW-->"C:\Program Files\DivX Pro VFW\unins000.exe"
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
E.M. DVD Copy 2.51-->"C:\Program Files\E.M. DVD Copy\unins000.exe"
Easy Battery Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\setup.exe" -l0x9 Remove
Easy Display Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -l0x9 -removeonly
Easy Network Manager 4.0-->C:\Program Files\InstallShield Installation Information\{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}\setup.exe -runfromtemp -l0x0407
Easy SpeedUp Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Google Gears-->MsiExec.exe /I{F9FBBFFE-5CFD-3271-B127-C2326D796F94}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HDQuality-->"C:\Program Files\HDQuality\Uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
imagine digital freedom - Samsung-->MsiExec.exe /X{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft SOAP Toolkit 2.0 SP2-->MsiExec.exe /I{36BEAD11-8577-49AD-9250-E06A50AE87B0}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Move Networks Media Player for Internet Explorer-->C:\Users\Jens Knossalla\AppData\Roaming\Move Networks\ie_bin\Uninst.exe
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{04B45310-A5FE-4425-BFCA-1A6D8920DE74}
PlayCamera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}\setup.exe" -l0x7
PokerStars.net-->"C:\Program Files\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Samsung Magic Doctor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x9 Remove
Samsung Recovery Solution III-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0007 -removeonly
Samsung Update Plus-->"C:\Program Files\InstallShield Installation Information\{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Update Plus-->MsiExec.exe /X{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Video Converter 3.21 090220-->"C:\Program Files\Total Video Converter\unins000.exe"
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)-->MsiExec.exe /X{07629207-FAA0-4F1A-8092-BF5085BE511F}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
User Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x9 Remove
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Vimicro UVC Camera-->C:\Program Files\InstallShield Installation Information\{71A51B09-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
WIDCOMM Bluetooth Software 6.0.1.6300-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Windows Mobile Device Center Driver Update-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
Windows Mobile®-Gerätehandbuch-->C:\Program Files\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe
Windows Mobile-Gerätecenter-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
XviD MPEG4 Video Codec (remove only)-->"C:\Program Files\XviD\xvid-uninstall.exe"

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: JensKnossall-PC
Event Code: 4386
Message: Windows-Wartung erforderte einen Neustart, um das Update 905866-8_neutral_GDR aus Paket KB905866(Update) in den Status Deinstallation angefordert(Uninstall Requested) setzen zu können.
Record Number: 34490
Source Name: Microsoft-Windows-Servicing
Time Written: 20090312062702.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: JensKnossall-PC
Event Code: 4386
Message: Windows-Wartung erforderte einen Neustart, um das Update 905866-7_neutral_LDR aus Paket KB905866(Update) in den Status Bereitgestellt(Staged) setzen zu können.
Record Number: 34489
Source Name: Microsoft-Windows-Servicing
Time Written: 20090312062702.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: JensKnossall-PC
Event Code: 4376
Message: Windows-Wartung erforderte einen Neustart, um das Paket KB905866(Update) in den Status Deinstallation angefordert(Uninstall Requested) setzen zu können.
Record Number: 34488
Source Name: Microsoft-Windows-Servicing
Time Written: 20090312062702.000000-000
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Hast du den Link noch? Ich bin immer auf der Suche nach den Quellen.

Wann genau hast du den runtergeladen und installiert?

ciao, andreas

vor 2-3 tagen

Und von wo hast du das geladen?

ciao, andreas

na das ist ne gute frage, keine ahnung =) wieso?

Wenn du weiterhin wie wild auf alles rumklickst, das nicht bei drei auf den Bäumen ist, dann macht es kein Sinn hier weiterzumachen. Dann solltest du die schnelle und sichere Alternative wählen => http://www.trojaner-board.de/51262-a...sicherung.html

Das wirst du dann, je nach Intelligenz, so etwa 5-50 mal machen, bis du gelernt hast, nicht auf jeden Mist zu klicken und Software grundsätzlich nur vom Hersteller zu laden und vor der Installation bei www.virustotal.com überprüfen zu lassen. ;)

Schau in den Verlauf/Historie deines Browsers. Lässt sich dort die Quelle ermitteln?

ciao, andreas

leider hat der cleaner den verlauf gelöscht....ich weiss nur dass eine schwarze seite war ;-)
sorry!

Ist mein PC jetzt wieder sauber?

Welches Antivirenprogramm nutzt du? Ich sehe da Unmengen an Resten, aber keines das läuft.

1.) Deinstalliere (falls möglich):

• Apple Software Update
• Bonjour
• Google Update Helper

2.) Scripten mit Combofix

• Öffne den Editor (Start => Zubehör => Editor ) kopiere nun folgenden Text in das weiße Feld:

Speichere diese Datei nun auf dem Desktop unter -> cfscript.txt

• Nun die Datei cfscript.txt auf das Sysmbol von Combofix ziehen!

http://users.pandora.be/bluepatchy/m...s/CFScript.gif

• Danach das Log von Combofix ohne zu Editieren posten. Nur wenn dein Vor- und Nachname ersichtlich ist, dann entferne ihn.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann.

ciao, andreas

2009-06-18 11:01 . 2009-06-18 11:01 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\dvdcss
2009-06-12 23:03 . 2009-06-12 23:03 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-11 18:48 . 2009-06-11 18:48 -------- d-----w- c:\program files\CCleaner
2009-06-11 17:27 . 2009-06-11 17:27 -------- d-----w- c:\windows\system32\ca-ES
2009-06-11 17:27 . 2009-06-11 17:27 -------- d-----w- c:\windows\system32\eu-ES
2009-06-11 17:27 . 2009-06-11 17:27 -------- d-----w- c:\windows\system32\vi-VN
2009-06-11 17:17 . 2009-06-11 17:17 -------- d-----w- c:\windows\system32\EventProviders
2009-06-11 17:15 . 2009-04-11 06:28 1077248 ----a-w- c:\windows\system32\vssapi.dll
2009-06-11 17:14 . 2009-04-11 06:28 33280 ----a-w- c:\windows\system32\wscapi.dll
2009-06-11 16:51 . 2009-03-19 14:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-11 16:51 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-11 16:50 . 2009-06-11 16:50 -------- d-----w- c:\program files\iPod
2009-06-11 16:50 . 2009-06-11 16:51 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-11 16:50 . 2009-06-11 16:51 -------- d-----w- c:\program files\iTunes
2009-06-11 16:48 . 2009-06-11 16:49 -------- d-----w- c:\program files\QuickTime
2009-06-10 21:11 . 2009-06-10 21:11 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\Malwarebytes
2009-06-10 21:11 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-10 21:11 . 2009-06-10 21:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-10 21:11 . 2009-06-10 21:11 -------- d-----w- c:\programdata\Malwarebytes
2009-06-10 21:11 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-10 16:27 . 2009-04-23 12:15 828416 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 16:27 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-10 15:44 . 2009-04-21 11:39 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-10 15:43 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-10 15:35 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-09 11:31 . 2009-06-29 20:02 -------- d-----w- c:\program files\Google
2009-06-09 11:31 . 2009-06-09 11:32 -------- d-----w- c:\users\Jens Knossalla\AppData\Local\Google
2009-06-09 11:20 . 2009-06-09 11:20 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\AVS4YOU
2009-06-09 11:20 . 2009-06-09 11:20 -------- d-----w- c:\programdata\AVS4YOU
2009-06-09 11:19 . 2009-06-09 11:22 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-06-09 11:19 . 2009-01-28 18:49 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-06-09 11:19 . 2009-06-09 11:22 -------- d-----w- c:\program files\AVS4YOU
2009-06-09 11:19 . 2009-01-28 18:49 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-06-08 16:47 . 2009-06-29 16:27 -------- d-----w- c:\program files\Trend Micro
2009-06-08 16:14 . 2009-06-09 15:27 104 ----a-w- c:\windows\system32\SBRC.dat
2009-06-05 11:57 . 2009-06-05 11:57 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-03 23:46 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-03 23:46 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-03 23:46 . 2009-06-03 23:46 -------- d-----w- c:\programdata\Avira
2009-06-03 23:46 . 2009-06-03 23:46 -------- d-----w- c:\program files\Avira
2009-06-01 21:44 . 2008-11-05 09:39 92326 ----a-w- c:\windows\system32\HKCU_GNU.reg
2009-06-01 21:44 . 2008-06-17 08:57 6700 ----a-w- c:\windows\system32\HKLM_GNU.reg
2009-06-01 21:44 . 2006-07-17 19:42 14909 ----a-w- c:\windows\system32\A_reg.reg
2009-06-01 21:44 . 2008-02-03 19:26 364544 ----a-w- c:\windows\system32\cdg.dll
2009-06-01 21:44 . 2006-09-27 15:46 348160 ----a-w- c:\windows\system32\cdga.dll
2009-06-01 10:51 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-31 19:49 . 2004-10-12 12:42 262144 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2009-05-31 19:49 . 2004-10-05 14:16 395776 ----a-w- c:\windows\system32\libmplayer.dll
2009-05-31 19:49 . 2004-10-03 23:50 112640 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2009-05-31 19:49 . 2004-09-10 11:50 34820 ----a-w- c:\windows\system32\ffdshow.reg
2009-05-31 15:23 . 2009-05-31 15:23 -------- d-----w- c:\program files\E.M. DVD Copy
2009-05-31 15:00 . 2009-05-31 15:00 -------- d-----w- c:\program files\XviD
2009-05-31 15:00 . 2009-05-31 15:00 -------- d-----w- c:\program files\AviSynth 2.5
2009-05-31 14:59 . 2009-05-31 14:59 -------- d-----w- c:\program files\Gabest
2009-05-31 14:49 . 2009-05-31 14:56 -------- d-----w- C:\EasyDivX
2009-05-31 14:26 . 2009-06-09 11:39 -------- d-----w- C:\ConverterOutput
2009-05-31 14:26 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.DLL
2009-05-31 14:26 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.DLL
2009-05-31 14:26 . 2008-06-15 19:13 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-31 14:26 . 2008-06-15 08:01 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-05-31 14:26 . 2008-06-15 08:01 258352 ----a-w- c:\windows\system32\unicows.dll
2009-05-31 14:26 . 2009-06-01 20:00 -------- d-----w- c:\program files\Cucusoft
2009-05-31 13:46 . 2009-05-31 13:46 -------- d-----w- C:\Fraps

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-29 20:02 . 2008-09-12 19:41 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-29 15:36 . 2009-01-17 05:03 65270 ----a-w- c:\programdata\nvModes.dat
2009-06-20 20:34 . 2009-04-23 16:45 1 ----a-w- c:\users\Jens Knossalla\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-12 23:03 . 2009-02-23 03:24 -------- d-----w- c:\program files\DivX
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-11 17:28 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-11 17:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-11 17:27 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-11 17:27 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-11 17:24 . 2008-09-12 04:37 -------- d-----w- c:\programdata\NVIDIA
2009-06-11 16:50 . 2009-02-23 02:12 -------- d-----w- c:\program files\Common Files\Apple
2009-06-08 15:48 . 2008-09-12 03:57 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-31 14:25 . 2009-02-23 15:01 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\Download Manager
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-30 15:51 . 2009-04-30 15:51 43646 ----a-r- c:\users\Jens Knossalla\AppData\Roaming\Microsoft\Installer\{071F3745-E389-4345-86DF-E80B55446FCE}\ARPPRODUCTICON.exe
2009-04-24 06:26 . 2009-02-18 19:17 102416 ----a-w- c:\users\Jens Knossalla\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-11 06:33 . 2009-06-11 17:16 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-06-11 17:15 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-06-11 17:15 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-06-11 17:16 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-06-11 17:15 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-06-11 17:15 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-06-11 17:16 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-06-11 17:14 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-06-11 17:14 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-06-11 17:14 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 05:03 . 2009-06-11 17:16 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-04-11 05:03 . 2009-06-11 17:16 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-11 04:57 . 2009-06-11 17:14 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-06-11 17:14 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-06-11 17:14 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-06-11 17:15 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-06-11 17:14 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-06-11 17:14 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-06-11 17:14 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-06-11 17:14 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2009-04-11 04:46 . 2009-06-11 17:14 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-06-11 17:14 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-06-11 17:15 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:46 . 2009-06-11 17:14 33280 ----a-w- c:\windows\system32\drivers\rndismpx.sys
2009-04-11 04:45 . 2009-06-11 17:15 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-06-11 17:15 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-06-11 17:15 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-06-11 17:15 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-06-11 17:15 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-06-11 17:14 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-06-11 17:14 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43 . 2009-06-11 17:15 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:42 . 2009-06-11 17:15 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42 . 2009-06-11 17:15 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42 . 2009-06-11 17:15 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42 . 2009-06-11 17:15 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42 . 2009-06-11 17:14 31616 ----a-w- c:\windows\system32\drivers\winusb.sys
2009-04-11 04:42 . 2009-06-11 17:15 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42 . 2009-06-11 17:14 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-04-11 04:42 . 2009-06-11 17:14 39424 ----a-w- c:\windows\system32\drivers\hidclass.sys
2009-04-11 04:42 . 2009-06-11 17:14 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2009-04-11 04:42 . 2009-06-11 17:16 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39 . 2009-06-11 17:14 16384 ----a-w- c:\windows\system32\iscsilog.dll
2009-04-11 04:39 . 2009-06-11 17:14 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-04-11 04:39 . 2009-06-11 17:14 19456 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2009-04-11 04:38 . 2009-06-11 17:15 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2009-04-11 04:27 . 2009-06-11 17:14 2560 ----a-w- c:\windows\system32\msimsg.dll
2009-04-11 04:23 . 2009-06-11 17:15 626176 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-11 04:23 . 2009-06-11 17:14 76288 ----a-w- c:\windows\system32\drivers\dxg.sys
2009-04-11 04:23 . 2009-06-11 17:14 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-04-11 04:22 . 2009-06-11 17:14 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
2009-04-11 04:15 . 2009-06-11 17:15 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-11 04:15 . 2009-06-11 17:15 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-04-11 04:15 . 2009-06-11 17:15 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-04-11 04:14 . 2009-06-11 17:15 114688 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-04-11 04:14 . 2009-06-11 17:15 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-11 04:14 . 2009-06-11 17:15 225280 ----a-w- c:\windows\system32\drivers\rdbss.sys
2009-04-11 04:14 . 2009-06-11 17:15 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-04-11 04:14 . 2009-06-11 17:15 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-04-11 04:14 . 2009-06-11 17:14 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2009-04-11 04:14 . 2009-06-11 17:15 35328 ----a-w- c:\windows\system32\drivers\npfs.sys
2009-04-11 04:13 . 2009-06-11 17:14 226816 ----a-w- c:\windows\system32\drivers\udfs.sys
2009-04-11 04:13 . 2009-06-11 17:15 136704 ----a-w- c:\windows\system32\drivers\exfat.sys
2009-04-11 04:13 . 2009-06-11 17:15 142848 ----a-w- c:\windows\system32\drivers\fastfat.sys
2009-04-11 04:12 . 2009-06-11 17:15 617984 ----a-w- c:\windows\system32\adtschema.dll
2009-04-11 02:52 . 2009-06-11 17:16 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2009-04-11 01:59 . 2009-06-11 17:15 107612 ----a-w- c:\windows\system32\StructuredQuerySchema.bin
2009-04-06 16:28 . 2009-04-06 16:28 0 ----a-w- c:\windows\Infob.dat
2009-04-06 16:28 . 2009-04-06 16:28 0 ----a-w- c:\windows\Infoa.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\EasyDivX ----

2009-05-31 14:51 . 2009-05-31 14:54 1 ----a-w- c:\easydivx\temp\ready.log


((((((((((((((((((((((((((((( SnapShot@2009-06-29_16.06.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-06-29 18:43 61842 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-06-29 18:43 82064 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-18 19:16 . 2009-06-29 18:43 11686 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-231028011-720208147-1658006778-1003_UserData.bin
- 2009-02-18 19:12 . 2009-06-29 05:38 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-18 19:12 . 2009-06-29 19:23 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-18 19:12 . 2009-06-29 19:23 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-18 19:12 . 2009-06-29 05:38 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-18 19:12 . 2009-06-29 19:23 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-18 19:12 . 2009-06-29 05:38 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-06-29 20:03 . 2009-06-29 20:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-06-29 15:59 . 2009-06-29 15:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-06-29 20:03 . 2009-06-29 20:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-06-29 15:59 . 2009-06-29 15:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-06-29 18:47 633886 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-29 16:06 633886 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-06-29 18:47 118772 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-06-29 16:06 118772 c:\windows\System32\perfc009.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"RssReader"="c:\users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\RSSReader.exe" [2008-10-02 3067904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-26 13548064]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-26 92704]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-17 6111232]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):b2,87,c1,da,ba,ea,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{087269CB-C29E-4584-9831-38D886F26584}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{54DD7B8D-9512-4516-BAD3-041659CA99AF}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{709D28E9-790D-45E1-82F1-003E93A32C1C}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{79524875-3480-489C-B0B4-C617A3117EC9}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

R0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\System32\drivers\iaNvStor.sys [12.09.2008 05:54 226328]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [04.06.2009 01:46 108289]
R2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\System32\drivers\KMDFMEMIO.sys [12.09.2008 06:01 13312]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [14.04.2006 03:07 28933976]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [11.09.2008 17:02 44576]
R3 VMC302;Vimicro Camera Service VMC302;c:\windows\System32\drivers\vmc302.sys [12.09.2008 05:56 242048]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners

2009-06-29 c:\windows\Tasks\SupBackGroundTask.job
- c:\program files\Samsung\Samsung Update Plus\SUPBackGround.exe [2008-10-27 13:38]

2009-06-28 c:\windows\Tasks\User_Feed_Synchronization-{F88C0E6D-106F-4422-B887-51CDA5E691B2}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game10.zylom.com/activex/zylomgamesplayer.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-29 22:04
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...


c:\users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\casta-small.gif

Scan erfolgreich abgeschlossen
versteckte Dateien: 1

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(5636)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\System32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-06-29 22:09 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-06-29 20:09
ComboFix2.txt 2009-06-29 16:07

Vor Suchlauf: 9.342.357.504 Bytes frei
Nach Suchlauf: 9.886.179.328 Bytes frei

2385 --- E O F --- 2009-06-25 14:34

c:\programdata\Fighters\spywarefighter\logs\scan_log7191958.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7194454.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log723033.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7361203.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7362732.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7364261.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7365790.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7367350.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7368878.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7370407.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log739834.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log759366.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log763172.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7637356.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log766744.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7689616.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7691145.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7699382.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7700911.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7706028.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log771362.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7728648.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log772891.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7730177.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7732735.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7754513.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7756073.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7757602.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7764793.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log781611.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log781689.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7819690.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7824339.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7828426.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log783655.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7838192.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7844323.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7850984.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log785231.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7853527.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7855555.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log785792.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7859657.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log787025.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7879688.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7883276.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7889438.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7891466.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7893510.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7896084.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7900701.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7902745.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log791096.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log791346.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7920217.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7922261.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7926098.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log792750.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7932026.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log794310.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7948469.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7953586.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7957158.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7959171.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7961199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7963305.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7967470.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7976721.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log798413.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7990074.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7994692.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7994848.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7998358.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8000932.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8014223.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8018825.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8027031.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8029106.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8032709.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8034753.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8038840.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8045517.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8051664.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8071210.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8073254.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8088683.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8091818.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8094345.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8097933.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8108713.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log826040.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8268006.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8270517.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8272530.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8276071.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log830580.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log833762.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log837272.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log839675.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8422103.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8424116.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8426612.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log842764.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log854698.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log862201.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log864245.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8645294.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log867755.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8686822.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log870267.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log870813.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log872763.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log873324.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log874822.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log879362.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log880376.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log881889.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log888456.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log889611.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8904927.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log890781.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8909435.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8911962.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log892294.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log894291.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8943006.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log894494.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log896771.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log8978013.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log899345.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log902418.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log907348.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log921763.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log928455.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log947690.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log985255.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log985489.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log989888.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log993991.txt
c:\programdata\Lavasoft
c:\programdata\McAfee
c:\programdata\McAfee\MSC\Cache\McSubDB.Bak
c:\programdata\McAfee\MSC\mcini.ini
c:\programdata\McAfee\MSC\McSubDB.Dat
C:\rsit
c:\rsit\info.txt
c:\rsit\log.txt
c:\users\Jens Knossalla\AppData\Local\caocs.bat
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\[www.busters.to].....Gina.Lisa.Lohfink.Sextape.German.2008.PROPER.XXX.WEBRiP.XviD-GiNALiSA.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\108- My Friends Hot Mom - Mrs. Ericka Lockett 2.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Cucusoft Ultimate DVD + Video Converter Suite 7.6.7.5.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Cucusoft Ultimate DVD + Video Converter Suite Full Version.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Cucusoft Ultimate DVD + Video Converter Suite v7.19.7.12.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\dht.dat
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\dht.dat.old
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Fast Times At Naughty America 9.XXX.DVDRiP.XviD.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\German_Top100_08.06.2009-FT.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\In.The.Vip.2008.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Lonnie Waters - InTheVIP.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\mfhmkendrasecrets_1k.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\mfhmtianarose_512k.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\My Friends Hot Mom - Emma Starr.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\My Friends Hot Mom - Mrs Cannon.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\My Friends Hot Mom - Mrs Lisa Lipps.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\My Friends Hot Mom - Ms Pink.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\MyFriendsHotMom - Brittany ONeil.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\MyFriendsHotMom.08.12.22.Trisha.Lynne.XXX.WMV-Sex4Ever.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Naughty America - My Sisters Hot Friend - Dani Woodward.mpg.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Naughty America 4 Her 4.XXX.DVDRiP.XviD.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Naughty America.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Naughty.America.Real.Big.Tits.1.2009.XXX.DVDRip.XviD-CiCXXX.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\naughtyamerica-.my first sex teacher-.Charlie James.zip.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\naughtyamerica-.my first sex teacher-.Katja Kassin.zip.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\naughtyamerica-.neighbor affair-.Eden DeGarden.zip.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\naughtyamerica-.neighbor affair-.Victoria Vonn.zip.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Nero 8.1.1.0 Ultra.rar.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\rainald grebe.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\resume.dat
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\resume.dat.old
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\rss.dat
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\rss.dat.old
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\Sasha - Good News On A Bad Day (2009) - Pop [www.torrentazos.com].torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\settings.dat
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\settings.dat.old
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\shake_it_fast_big.wmv.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\VA- Ballermann.Hits.-.Ballermann.Am.Balkan.-2CD-2009 MP3.torrent
c:\users\Jens Knossalla\AppData\Roaming\BitTorrent\www.fusion-torrent.to_Dieter.Bohlen.-.Der.Bohlenweg.-.Planieren.statt.sanieren.torrent
c:\users\Jens Knossalla\AppData\Roaming\Sunbelt Software
c:\users\Jens Knossalla\AppData\Roaming\Sunbelt Software\CounterSpy\SBCSTray.log
c:\windows\system32\drivers\Lbd.sys
c:\windows\system32\perfc007.dat
c:\windows\system32\perfh007.dat
c:\windows\Tasks\GoogleUpdateTaskMachine.job

.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_LBD
-------\Service_Bonjour Service
-------\Service_gupdate1c9e8f5f2be466d
-------\Service_Lbd


((((((((((((((((((((((( Dateien erstellt von 2009-05-28 bis 2009-06-29 ))))))))))))))))))))))))))))))
.

2009-06-28 01:43 . 2009-06-28 01:43 -------- d-----w- c:\program files\HDQuality
2009-06-26 17:43 . 2009-06-26 17:44 -------- d-----w- c:\program files\Cheatbook 03.2009
2009-06-25 20:36 . 2009-06-27 13:50 -------- d-----w- c:\users\Jens Knossalla\AppData\Roaming\RobinsonCrusoe
2009-06-25 20:36 . 2009-06-25 20:36 -------- d-----w- c:\program files\GamesBar
2009-06-25 20:35 . 2009-06-25 20:35 -------- d-----w- c:\program files\Oberon Media
2009-06-25 20:35 . 2009-06-25 20:35 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-06-25 20:35 . 2009-06-25 20:35 -------- d-----w- c:\program files\Gamenext

c:\programdata\Fighters\spywarefighter\logs\scan_log536815.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5369148.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5370677.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5377354.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5393796.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log540028.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5401503.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5423608.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5452172.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5455198.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5458708.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5461220.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5463217.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5472234.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5488988.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log54917609.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log54935658.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log54966172.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log54973691.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55014750.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55035265.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55040319.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55054858.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55059882.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55065888.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55086932.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55228472.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55234493.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55237504.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55242543.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55251061.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55268081.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55286130.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55288142.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55289671.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55291247.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55340325.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55344365.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55349887.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55353413.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55375425.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55383443.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55404971.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5540937.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55424487.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55428044.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55431554.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55452567.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55463597.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55475109.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55501661.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55504687.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55511208.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55514749.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55532799.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55556838.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55559849.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55565387.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55582423.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55603467.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55607507.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55629535.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55681624.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5570764.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55845643.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55850666.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55853178.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55856703.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55867218.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5586785.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55880728.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log55883255.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5590873.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5596785.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5604304.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5610404.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5634834.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log56395859.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log56611982.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5664645.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5665847.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log56659516.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log56663026.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5668857.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5671369.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5680370.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log568186.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5683880.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log56897417.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5694301.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5696360.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5702522.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5706641.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log570760.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5708684.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57121107.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57132121.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57139640.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57148657.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57159187.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57160700.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57171293.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5717904.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57183960.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57221478.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57230011.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57305563.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57321693.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log573818.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5748886.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log57523605.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5752396.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log575347.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5754440.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log576876.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5780164.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log578404.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5789399.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5790913.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5795920.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5797933.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5798681.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log579933.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log580557.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5809992.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5815155.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5818213.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log582133.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5823876.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5827963.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log584644.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5855949.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log586173.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5887040.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log588747.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5888803.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5889536.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log590354.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5904544.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log59058718.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5907071.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log592382.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5936571.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5938583.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5943092.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log594956.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5961110.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5974370.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log59747337.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log597499.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5981156.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5988675.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5990921.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5997084.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5999205.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log600510.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6005196.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6007723.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6019516.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log602039.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log603567.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log605096.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6054757.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6056286.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6058236.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6070654.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6073742.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6082244.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log60836068.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log60849079.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log609729.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6113257.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6119295.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6122321.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6144333.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6147344.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log614893.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6149855.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6152367.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log617030.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log618465.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log618575.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6188871.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6192381.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62235850.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62271901.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62280918.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62283929.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log623208.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62321978.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62323491.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62361040.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log623738.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62402069.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62428589.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62431615.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62434626.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62436155.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62457168.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log624612.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62464282.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62524171.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62524685.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62538850.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62555449.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log625720.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62584964.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62589488.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log62591001.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log628247.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log629230.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6321378.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6323890.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log632474.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6326402.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log632833.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6328913.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log634003.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6343421.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log634362.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6346495.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6355231.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6358429.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6359957.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6362453.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log636905.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6376291.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6388630.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6391672.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6398334.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6403965.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6408583.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6409113.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log641179.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log641195.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log641600.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log641725.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6419971.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6420423.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6423980.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log642724.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6438925.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6443028.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log644767.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6449237.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6450984.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6451280.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6453839.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6457957.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6459985.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6460516.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6464151.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6473994.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6483011.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6487301.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6489891.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6492964.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6494009.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6499532.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6503260.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log650742.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6521278.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6523852.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6525896.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6528938.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6531044.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6559280.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6561324.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6563398.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6567486.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6580356.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6595769.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6599513.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6601041.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6603584.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6603990.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6605113.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6606626.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6608670.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6610199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6612242.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6619372.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6620900.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6644550.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6647062.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6649573.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6664596.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6667591.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log671896.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6744297.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log676482.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6820644.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6822656.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6825184.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log683658.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6843186.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6845199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log687761.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6883232.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log6920750.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log697230.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7096204.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log713470.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7135314.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7138324.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7142848.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7153893.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log7155391.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log717058.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log718946.txt

c:\programdata\Fighters\spywarefighter\logs\scan_log3688128.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3691139.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3692216.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3700905.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3703526.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3703978.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log370798.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3708065.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37095399.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37123199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37127286.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37130359.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3713713.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3718829.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37202416.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37211136.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37235285.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3723556.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37236814.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log372623.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log372701.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37306032.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log373372.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3734227.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log37362598.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3745022.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log374652.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3758391.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3760419.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3766066.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3770871.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log377210.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3777033.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3779592.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log378661.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3789201.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3793304.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log379566.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3796892.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3797594.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log379768.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log380174.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3804068.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log380876.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38117221.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3812305.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38125926.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log381672.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38176346.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38197437.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3824754.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38257123.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log382654.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3845752.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38471000.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38490033.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3849340.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38508612.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log38517380.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3855580.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3856594.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3866874.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log387225.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log388785.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3889510.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log388988.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3895157.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log39028642.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log391188.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3914158.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3916217.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3918760.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log392576.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3929025.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3931053.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3939774.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3941817.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3944875.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log39463853.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3955155.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3963876.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log397053.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log39719476.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3977245.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40393058.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40398190.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40403307.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40427971.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log404791.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log405072.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40579307.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40600399.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40751719.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40759925.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40768146.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log40792311.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log411125.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log412482.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log414182.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4147551.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4152153.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4158315.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log416585.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log416725.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4173229.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4187612.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4193759.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4197862.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log423917.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log424634.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log425960.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log432107.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log432372.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log432668.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log435975.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log437816.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log438175.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log438284.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log439330.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log439610.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4412379.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log441373.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4417527.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4419055.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log443401.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4443735.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4446808.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log444930.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log447972.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log449002.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log451560.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log452574.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log453619.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log455132.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log456178.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4584136.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4586663.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4589206.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log45952574.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log45971326.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log45986317.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log459890.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log45989375.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log45992760.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log45994461.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log45999188.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46003743.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46007253.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46011449.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4602575.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46027892.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log460280.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46029421.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46048484.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4605133.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46060059.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46066112.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46069154.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4607161.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46073179.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46087671.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4609221.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46092227.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46107624.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46114301.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46114831.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46120463.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46123037.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46127155.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46130618.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46133302.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46141008.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46141273.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46146406.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46147934.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46152474.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log461809.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46194938.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46200585.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46250474.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46341048.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46350299.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log463837.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4641809.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46431045.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46437722.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46444383.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46467534.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46475755.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4650374.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4650857.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46517938.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46533366.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log465382.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log465413.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46542087.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4654991.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46586859.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46590962.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46599183.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log466364.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log466458.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46691832.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46693376.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46694921.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46696980.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4669858.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46700568.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46704655.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46720630.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46727307.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46750457.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46753530.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46759162.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46764294.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46778179.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46780207.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46785323.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46789411.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46792999.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4679873.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46923837.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4693882.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46953399.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46956940.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46958453.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4695910.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46960980.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log46968032.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log47036298.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4703913.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log470545.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log47056422.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log47061960.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log47079978.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4708422.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log47094689.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4718936.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log472121.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4728951.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log473088.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4732196.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log473775.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log474633.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log479313.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log480748.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log483369.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log483431.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log484960.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log485428.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log486988.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4874844.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4876450.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4878026.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log487986.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4882737.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4886856.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4888384.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log489671.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4914359.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4918461.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4922580.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4935934.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log49380806.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4941846.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log49432317.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log494647.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4951097.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log495178.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log49520832.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4963187.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4988755.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log4999473.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5006680.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5009784.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5011329.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log503399.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5038645.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5040267.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log505989.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5060906.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log509717.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5117519.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5121622.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5124679.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5146504.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5154007.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5156503.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5158017.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5158048.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5159592.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5161121.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5162525.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5162650.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5164210.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5165739.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5166862.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5167314.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5168890.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5168921.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5170450.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5171979.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5172462.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5173507.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5175052.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5176612.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5178141.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5179685.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5180231.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5183055.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5187064.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5188390.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5191448.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5201088.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5213116.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5217125.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5223631.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5237811.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5241914.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log525083.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5260930.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5266063.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log526612.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5270665.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5274253.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5279900.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log529155.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5292224.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5299416.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log531713.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log533242.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5333174.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log534771.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5351692.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log5364016.txt

c:\programdata\Fighters\spywarefighter\logs\scan_log205671.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20571695.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20576204.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2058932.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log205999.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2062520.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log206997.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log207481.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2090272.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log209228.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2096435.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2101567.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2106684.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log211084.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log211147.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2115981.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log212005.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log215016.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log215125.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2153032.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2157213.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2160208.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2161737.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2165325.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log217652.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log218136.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log218853.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log219259.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log220445.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log221318.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log221911.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log222161.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2222421.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2225494.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2233169.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2239363.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2246554.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log227714.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log22802868.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log22904409.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log229461.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2308299.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log230990.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2310858.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2313432.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log23195648.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log23197177.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2324227.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log232519.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log233018.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log233049.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log233408.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log23346516.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2335412.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log23357031.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log23362038.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2338049.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2338579.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log234531.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2347581.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log23496574.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log235202.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2352526.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2356270.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log235889.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log235904.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log237199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2385192.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log240428.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log241130.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2416767.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2418779.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log242441.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log244235.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24487742.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24491236.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24495744.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24502765.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24504777.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24521781.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24526289.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24529800.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24544822.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24555337.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24561359.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24569361.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24591373.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24593885.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log247292.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log248119.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24813924.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24815437.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24818433.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24826451.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log248977.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24921471.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24927477.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log249336.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2494830.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log24952484.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log249632.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log252690.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log25370068.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log25376589.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log25378102.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log25379615.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log25383125.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log25384623.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log254453.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log257510.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log257978.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log258618.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26068235.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26069732.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log261130.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26115253.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26129761.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26216186.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2622735.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2625309.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2628897.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log263126.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2634061.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2637680.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2637836.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2639380.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2639739.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26409986.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2642282.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26430469.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26433417.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26438441.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2644326.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2644497.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2648444.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log26519967.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2656650.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2660425.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log266262.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2668209.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2670019.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2675417.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log267728.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2678006.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log267822.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2679504.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2683154.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2686274.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2689348.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log269351.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2694480.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2700143.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log270334.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log270880.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log27140523.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log272408.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log272424.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2729705.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2744962.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2745196.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2758518.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log275981.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log276839.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2769314.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2775476.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log278336.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2787269.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2790343.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2791216.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2802199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log280364.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log281613.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log281644.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2819172.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log282361.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2829811.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log283266.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2842650.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log284686.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log284873.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log285216.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2858577.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log286215.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2863179.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2868312.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log286948.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2880230.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2880901.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log288445.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log288773.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log288804.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2890511.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2891478.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log290333.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log290973.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log293547.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log295606.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2976124.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log29988914.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log29990490.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log300535.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log300613.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log301627.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log302158.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3044562.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3072860.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3093967.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log311502.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3118553.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3120191.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3132016.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3136992.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log314014.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3142811.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log315668.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3157569.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3170065.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3194089.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3197334.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3205555.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3209642.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log321284.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log321299.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3219408.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3225944.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3228128.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log323858.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log324372.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log325402.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3255382.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log326666.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log326884.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log327461.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3279546.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3280482.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log329006.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3298219.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3300778.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log333623.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3338592.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log334122.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3341291.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3349513.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log336244.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3364785.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3382897.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3388232.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33901092.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33908299.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33909859.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33912417.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33915490.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33940217.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33942759.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33945817.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33953508.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33993647.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log33997219.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34001322.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34003881.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34005955.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34007500.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34009029.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34035237.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34038809.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34043427.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34057810.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34077841.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34095360.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34104080.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34113315.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34114844.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34118931.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34126139.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34161130.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34174000.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34180661.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log341829.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34184249.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34186293.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34198102.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34218678.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34227414.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34274262.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34319034.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34342169.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34357098.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log343888.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34400342.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34407549.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34409078.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34410606.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3441881.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34419857.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34422416.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3443394.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log345074.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34525033.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34526562.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log346431.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log346525.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log346603.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log34793667.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3505997.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3515763.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3537868.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3557212.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log35972379.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log35977527.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log35980600.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36034062.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36041238.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36045325.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36054077.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36109145.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log361391.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36180703.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36243961.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36247549.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3624932.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36259374.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36263462.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3628520.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log362889.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36361758.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36364815.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36376125.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36387436.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36395641.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36399713.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36412567.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3642389.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36428994.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3644432.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3645946.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log364652.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36467604.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36471707.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36480443.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36509225.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36515918.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36521050.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3656757.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3661889.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log366227.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log366477.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3665976.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log366789.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3669049.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36710950.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36725349.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3672637.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36770137.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36782461.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log368006.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36824145.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36832881.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3683402.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36834441.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36836469.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36839542.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36853941.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36856999.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36862131.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3686537.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log36865719.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log3688066.txt

c:\programdata\Fighters\spywarefighter\logs\scan_log12391986.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12411002.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12414044.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12429566.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12431672.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12433201.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12435245.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1254497.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1256026.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1257555.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1265246.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1301375.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1303263.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13040139.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13041652.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13053664.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1305993.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13068671.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13080184.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1310595.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1314870.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13204720.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13210227.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13214251.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13232784.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13240803.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log132413.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1324932.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1326538.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13271317.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1327521.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1328520.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1328582.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1330111.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1330532.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13305340.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13311346.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13314872.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1333168.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1338816.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13430406.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1343418.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13434416.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13436428.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1345446.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1348004.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13485958.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1349096.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13520466.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1352123.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1352138.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13524475.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13525988.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1352622.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1356225.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13580011.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1360157.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1360328.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1360859.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1362356.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1363885.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1364961.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13682052.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13684048.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13686061.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1369563.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13722737.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13727385.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13728899.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13731473.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13734047.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1374197.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13743578.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13746090.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13753578.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13766417.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13771534.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13773562.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1379828.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1381669.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13835603.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13838115.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13840627.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1384446.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1385491.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13875649.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13880157.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1388237.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1388564.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13887177.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13891187.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13909704.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1391248.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log139246.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log13928736.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1393166.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log139792.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1398252.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1398814.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1409110.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1412183.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1418173.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1419702.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1420389.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1425505.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1431199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1440965.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1445037.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log146110.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1470418.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1473445.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1482477.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1487126.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1492757.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log150759.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1514457.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1518014.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1526750.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1528279.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1529808.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1531851.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log154144.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1543661.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log155704.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1557545.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1574502.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1576046.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log15779469.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1578090.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1587029.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1588558.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1600211.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16006513.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1600819.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16009602.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16021162.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1602177.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16034188.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16037698.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16053719.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16055232.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16058758.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16062330.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1612597.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1618057.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1622581.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1624766.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1626279.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1627808.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1629383.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1630912.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1635654.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1637199.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1638774.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16436031.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16498759.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log165283.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log165719.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16572563.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16584918.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16630205.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16635338.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log166375.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16647662.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16648879.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16649206.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16689860.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16692933.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16697535.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16702668.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16716021.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16717550.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16719079.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16722137.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16743212.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16745771.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16766831.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log168481.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16858918.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16864581.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16869183.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log168902.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16891803.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16897217.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16912380.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log169385.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log16943299.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log17001940.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log17052843.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1709880.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1716557.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1721174.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log172412.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log17267953.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log17274630.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log17280527.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log17402114.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log174050.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log174097.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log175048.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log175766.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log177778.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log178667.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log179900.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log180415.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18117425.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18122448.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log181429.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18157517.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18168063.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18177111.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18179124.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18199622.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18201229.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18202742.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18219263.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18222273.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18226283.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1834946.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1837488.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log183831.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1843105.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1851326.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1856458.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18573338.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18583868.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18586364.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18635910.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18652415.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18654927.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18656955.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18659466.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18674988.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1868283.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log186951.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1870857.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18710494.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1873416.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1875163.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1875974.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1877503.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log188464.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log188948.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18896557.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18953575.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18958583.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18962607.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18964620.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18971624.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1898235.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log18985633.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1902494.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1903742.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1905255.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1905552.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log191241.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19134162.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19136658.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19139669.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19145690.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19153194.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19155705.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19169215.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19171727.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1920278.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19241272.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19243269.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1925130.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19259789.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19264797.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19274812.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log192770.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19278322.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19286325.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19292846.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log193004.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19305357.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19314873.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19334919.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19336417.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19338429.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19341471.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1934162.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1934927.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19351986.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1936440.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19374497.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1937938.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19390019.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1939451.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19395526.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1940964.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19417553.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log194236.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1942477.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19427584.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19432092.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1943990.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19445103.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1945504.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1947017.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19475648.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1948514.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19487161.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19495663.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log194970.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1950028.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19509672.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1951541.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19523681.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19526691.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1953070.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19531699.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19543212.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19561729.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19565754.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log196280.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log196561.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log196623.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log196701.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log196732.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log197388.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1988825.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1992928.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19947411.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19950421.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19952917.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19989437.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log19990950.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1999418.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log199977.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20000966.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20003477.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20007487.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2001446.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log200523.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20071509.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20084504.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log200898.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20105034.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2012771.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2013255.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log201366.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log201522.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2016312.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2020930.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log202442.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log202676.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2027092.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2027357.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2030680.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log203940.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2039931.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log204486.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20460576.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20463072.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20467081.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20528109.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20530651.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20533662.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log20535675.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log205468.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log2056373.txt

c:\program files\Fighters\Spywarefighter\Signatures\20090529.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090530.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090531.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090601.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090602.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090603.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090604.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090605.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090606.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090607.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090608.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090609.sfw
c:\program files\Fighters\Spywarefighter\Signatures\3166.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3167.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3168.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3169.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3170.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3171.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3172.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3173.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3174.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3175.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3176.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3177.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3178.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3179.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3180.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3181.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3182.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3183.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3184.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3185.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3186.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3187.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3188.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3189.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3190.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3191.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3192.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3193.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3194.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3195.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3196.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3197.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3198.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3199.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3200.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3201.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3202.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3203.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3204.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3205.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3206.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3207.DAT
c:\program files\Fighters\Spywarefighter\Signatures\3208.DAT
c:\program files\Fighters\Spywarefighter\Signatures\Copyright.txt
c:\program files\Fighters\Spywarefighter\user.config
c:\program files\Google\Update
c:\program files\Google\Update\1.2.145.5\GoogleUpdate.exe
c:\program files\Google\Update\1.2.145.5\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.2.145.5\goopdate.dll
c:\program files\Google\Update\1.2.145.5\GoopdateBho.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ar.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_bg.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_bn.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ca.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_cs.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_da.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_de.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_el.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_en-GB.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_en.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_es-419.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_es.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_et.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_fa.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_fi.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_fil.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_fr.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_gu.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_hi.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_hr.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_hu.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_id.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_is.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_it.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_iw.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ja.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_kn.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ko.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_lt.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_lv.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ml.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_mr.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ms.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_nl.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_no.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_or.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_pl.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ro.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ru.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_sk.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_sl.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_sr.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_sv.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ta.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_te.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_th.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_tr.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_uk.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_ur.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_vi.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.2.145.5\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Lavasoft
c:\program files\Navilog1
c:\program files\Navilog1\recherok.txt
c:\program files\Navilog1\Report\catchmeF.log
c:\program files\Navilog1\Report\catchmeP.log
c:\program files\Navilog1\Report\debug.txt
c:\programdata\Fighters
c:\programdata\Fighters\spywarefighter\logs\install.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log10290543.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log10292072.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log10293601.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1037328.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1045113.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1046626.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1053037.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1068404.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1074051.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1076094.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1101289.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11018615.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11022157.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11024653.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11063169.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11064682.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11066695.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1116467.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11172245.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11174242.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1131147.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11342801.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1134735.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1140351.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1143424.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1151646.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1158822.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1159664.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11626426.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11632947.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11644991.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11652057.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11662572.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11669576.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11671604.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11700137.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1170132.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11709669.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11712711.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11716221.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11867760.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11874281.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11900785.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11943311.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11947835.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11949863.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11953389.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11956883.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11959910.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11964917.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11967429.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11969941.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11972452.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11974465.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11976477.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11978973.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11981984.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11984511.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11986009.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11988021.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11990018.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11992030.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11994043.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11996554.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log11998052.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12000080.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12001578.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12004089.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12009097.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12011608.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12018114.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12020641.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12024650.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12027645.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12033168.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12040172.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12044181.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12046693.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12050203.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12052200.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12054228.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12056724.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12061248.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12063744.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12067769.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12073868.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12077379.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12081903.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12088423.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12094429.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12100950.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12105958.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12108969.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12112479.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12114990.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12116504.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12120513.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12125021.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12134054.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12140559.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12144085.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12146081.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12151089.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12152602.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12155613.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12161619.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12166127.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12168124.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12171634.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12174146.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12180667.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12187188.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12190713.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12192726.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12198747.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12202257.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12210276.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12213786.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12218793.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12221789.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12225813.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12230821.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12233348.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12238855.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12242365.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12243863.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12245376.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12247888.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12256904.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12259915.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12264439.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12265953.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12269010.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12273019.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12274548.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12276061.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12279571.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12283081.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12285094.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12286685.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12290694.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12293705.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12296217.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12299228.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12301739.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12304235.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12305748.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12307262.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12310257.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12313767.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12347276.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12355294.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log1235808.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12358305.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12361831.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12365871.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12368882.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12372423.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12385964.txt
c:\programdata\Fighters\spywarefighter\logs\scan_log12389474.txt

So jetzt hast du alles fein säuberlich ;-)

Schonmal Danke ;-)













ComboFix 09-06-28.06 - Jens Knossalla 29.06.2009 21:55.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3066.2046 [GMT 2:00]
ausgeführt von:: c:\users\Jens Knossalla\Desktop\cofi.exe.exe
Benutzte Befehlsschalter :: c:\users\Jens Knossalla\Desktop\cfscript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"C:\Cucu_Video_log.txt"
"C:\fixnavi.txt"
"c:\users\Jens Knossalla\AppData\Local\caocs.bat"
"c:\windows\system32\drivers\Lbd.sys"
"c:\windows\system32\perfc007.dat"
"c:\windows\system32\perfh007.dat"
"c:\windows\Tasks\GoogleUpdateTaskMachine.job"
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Cucu_Video_log.txt
C:\fixnavi.txt
c:\program files\Apple Software Update
c:\program files\Apple Software Update\plugins\EXEInstallPlugin.dll
c:\program files\Apple Software Update\plugins\MSIInstallPlugin.dll
c:\program files\Apple Software Update\ScriptingObjectModel.dll
c:\program files\Apple Software Update\SoftwareUpdate.exe
c:\program files\Apple Software Update\SoftwareUpdate.Resources\da.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\de.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\es.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\it.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ja.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ko.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\nb.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\nl.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ru.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\Software Update.tiff
c:\program files\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\SoftwareUpdateLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateAdmin.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj\SoftwareUpdateFilesLocalized.dll
c:\program files\BitTorrent
c:\program files\BitTorrent\bittorrent.exe
c:\program files\BitTorrent\BitTorrentIE.2.dll
c:\program files\BitTorrent\uninst.exe
c:\program files\Bonjour
c:\program files\Bonjour\About Bonjour.rtf
c:\program files\Bonjour\mdnsNSP.dll
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\Fighters
c:\program files\Fighters\Spywarefighter\logfile.txt
c:\program files\Fighters\Spywarefighter\scnuser.txt
c:\program files\Fighters\Spywarefighter\Signatures\20090101.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090102.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090103.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090104.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090105.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090106.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090107.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090108.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090109.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090110.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090111.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090112.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090113.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090114.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090115.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090116.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090117.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090118.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090119.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090120.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090121.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090122.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090123.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090124.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090125.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090126.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090127.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090128.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090129.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090130.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090131.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090201.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090202.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090203.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090204.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090205.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090206.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090207.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090208.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090209.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090210.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090211.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090212.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090213.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090214.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090215.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090216.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090217.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090218.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090219.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090220.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090221.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090222.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090223.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090224.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090225.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090226.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090227.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090228.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090301.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090302.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090303.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090304.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090305.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090306.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090307.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090308.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090309.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090310.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090311.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090312.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090313.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090314.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090315.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090316.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090317.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090318.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090319.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090320.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090321.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090322.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090323.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090324.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090325.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090326.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090327.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090328.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090329.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090330.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090331.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090401.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090402.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090403.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090404.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090405.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090406.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090407.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090408.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090409.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090410.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090411.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090412.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090413.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090414.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090415.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090416.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090417.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090418.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090419.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090420.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090421.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090422.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090423.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090424.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090425.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090426.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090427.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090428.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090429.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090430.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090501.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090502.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090503.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090504.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090505.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090506.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090507.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090508.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090509.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090510.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090511.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090512.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090513.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090514.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090515.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090516.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090517.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090518.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090519.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090520.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090521.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090522.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090523.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090524.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090525.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090526.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090527.sfw
c:\program files\Fighters\Spywarefighter\Signatures\20090528.sfw

achso ich benutze antivir

Siehst du unten rechts den Regenschirm?

ciao, andreas

Edit: Ich weiß jetzt noch nicht, ob es deiner ist, aber ich habe etwas gefunden:

Ja ich sehe den genschirm, wieso?
Bin ich dann jetzt wieder sauber?
Wie kann ich die ganzen Programme denn jetzt wieder deinstallieren?

Gut, ich wollte nur sicher gehen. ;)
Nein, mindestens 4 Programme kommen noch und falls noch mehr gefunden wird noch weitere.
Rsit kannst du einfach löschen.

1.) Start => Ausführen => combofix /u => OK

2.) Kaspersky - Onlinescanner

Dieser Scanner entfernt die Funde nicht, gibt aber einen guten Überblick über die vorhandene Malware.

---> hier herunterladen => Kaspersky Online Scanner
=> Hinweise zu älteren Versionen beachten!
=> Voraussetzung: Internet Explorer 6.0 oder höher
=> die nötigen ActiveX-Steuerelemente installieren => Update der Signaturen => Weiter
=> Scan-Einstellungen => Standard wählen => OK => Link "Arbeitsplatz" anklicken
=> Scan beginnt automatisch => Untersuchung wurde abgeschlossen => Protokoll speichern als
=> Dateityp auf .txt umstellen => auf dem Desktop als Kaspersky.txt speichern => Log hier posten
=> Deinstallation => Systemsteuerung => Software => Kaspersky Online Scanner entfernen

3.) Überprüfe den Rechner mit PrevXCSI. Poste ein Screenshot falls etwas gefunden werden sollte.

4.) Poste ein neues HJT-Log.

ciao, andreas

Also rsit habe ich einfach so vom desktop gelöscht! Richtig oder?

zu combofix: Start / Ausführen geht bei mir nicht habe vista! Wäre das die Anweisung zur löschung oder wie? Wie genau soll ich das denn löschen?

Wennn Antivir was findet was soll ich dann eigentlich machen? Zugriff verweigern oder löschen?

C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/26 Dec 2006 13:20 from Volksbanken Raiffeisenbanken:Internet-Ban.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Dec 2006 20:28 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/30 Dec 2006 04:03 from Volksbanken Raiffeisenbanken:Anleitung Fr.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/31 Dec 2006 23:23 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/04 Jan 2007 18:24 from Volksbanken Raiffeisenbanken AG:Anleitung.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/06 Jan 2007 12:07 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/17 Jan 2007 09:36 from Volksbanken Raiffeisenbanken AG:obligator.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Jan 2007 06:07 from Volksbanken Raiffeisenbanken AG:Volksbank.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2007 03:34 from Isabel Howe:British Muslims Genocide/Video.exe Infizierte Objekte: Trojan-Downloader.Win32.Small.dam übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Jan 2007 00:39 from alternation:Radical Muslim drinking enemi/Full Clip.exe Infizierte Objekte: Email-Worm.Win32.Zhelatin.a übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Jan 2007 14:18 from Bertram:Your Love Has Opened/Greeting Postcard.exe Infizierte Objekte: Email-Worm.Win32.Zhelatin.a übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2007 17:07 from Bobbie:You Lucky Duck!/postcard.exe Infizierte Objekte: Trojan-Proxy.Win32.Lager.dp übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2007 19:28 from Sewell Angelina:Falling In Love with You/flash postcard.exe Infizierte Objekte: Trojan-Proxy.Win32.Lager.dp übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/24 Jan 2007 18:34 from Luna Emily:Love is in the Air/Greeting Postcard.exe Infizierte Objekte: Trojan-Downloader.Win32.Small.ciw übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/04 Feb 2007 21:44 from greibnertz@gmx.de:Von Marlene/Marlene-Bild__JPG.com Infizierte Objekte: Trojan-Dropper.Win32.Mudrop.cy übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/26 Jan 2007 00:05 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/26 Jan 2007 23:16 from Volksbanken Raiffeisenbanken AG:Volksbank.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/27 Jan 2007 10:34 from Volksbanken Raiffeisenbanken AG:Volksbank.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2007 00:22 from dazzle:When You Fall in Love/greeting card.exe Infizierte Objekte: Email-Worm.Win32.Zhelatin.h übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2007 05:46 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst MailMSMaill: infiziert - 175, verdächtig - 6 übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012009070120090702\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Jens Knossalla\AppData\Local\Microsoft\Windows Media\11.0\WMSDKNSD.XML Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\UsrClass.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\UsrClass.dat{d380309a-fd1c-11dd-8b42-001377b3f83b}.TM.blf Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\UsrClass.dat{d380309a-fd1c-11dd-8b42-001377b3f83b}.TMContainer00000000000000000001.regtrans-ms Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows\UsrClass.dat{d380309a-fd1c-11dd-8b42-001377b3f83b}.TMContainer00000000000000000002.regtrans-ms Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows Mail\edb.log Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows Mail\tmp.edb Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Roaming\Qlikworld\RSSReader\data\archive.db Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\NTUSER.DAT Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\ntuser.dat.LOG1 Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\ntuser.dat.LOG2 Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Das Objekt ist gesperrt übersprungen
C:\Windows\bthservsdp.dat Das Objekt ist gesperrt übersprungen
C:\Windows\Debug\PASSWD.LOG Das Objekt ist gesperrt übersprungen
C:\Windows\Debug\WIA\wiatrace.log Das Objekt ist gesperrt übersprungen
C:\Windows\Logs\CBS\CBS.log Das Objekt ist gesperrt übersprungen
C:\Windows\Logs\CBS\CBS.persist.log Das Objekt ist gesperrt übersprungen
C:\Windows\Logs\DPX\setupact.log Das Objekt ist gesperrt übersprungen
C:\Windows\Logs\DPX\setuperr.log Das Objekt ist gesperrt übersprungen
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Das Objekt ist gesperrt übersprungen
C:\Windows\Panther\UnattendGC\diagerr.xml Das Objekt ist gesperrt übersprungen
C:\Windows\Panther\UnattendGC\diagwrn.xml Das Objekt ist gesperrt übersprungen
C:\Windows\Panther\UnattendGC\setupact.log Das Objekt ist gesperrt übersprungen
C:\Windows\Panther\UnattendGC\setuperr.log Das Objekt ist gesperrt übersprungen
C:\Windows\security\database\secedit.sdb Das Objekt ist gesperrt übersprungen
C:\Windows\SoftwareDistribution\ReportingEvents.log Das Objekt ist gesperrt übersprungen
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Das Objekt ist gesperrt übersprungen
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Das Objekt ist gesperrt übersprungen
C:\Windows\System32\catroot2\edb.log Das Objekt ist gesperrt übersprungen
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Das Objekt ist gesperrt übersprungen
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Das Objekt ist gesperrt übersprungen
C:\Windows\System32\LogFiles\Firewall\pfirewall.log Das Objekt ist gesperrt übersprungen
C:\Windows\System32\LogFiles\Firewall\pfirewall.log.old Das Objekt ist gesperrt übersprungen
C:\Windows\System32\LogFiles\Scm\SCM.EVM Das Objekt ist gesperrt übersprungen
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Das Objekt ist gesperrt übersprungen
C:\Windows\System32\restore\MachineGuid.txt Das Objekt ist gesperrt übersprungen
C:\Windows\System32\spool\SpoolerETW.etl Das Objekt ist gesperrt übersprungen
C:\Windows\System32\sysprep\Panther\diagerr.xml Das Objekt ist gesperrt übersprungen
C:\Windows\System32\sysprep\Panther\diagwrn.xml Das Objekt ist gesperrt übersprungen
C:\Windows\System32\sysprep\Panther\setupact.log Das Objekt ist gesperrt übersprungen
C:\Windows\System32\sysprep\Panther\setuperr.log Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\0332A97878022BD4B34ECC098E57783A.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\040270F850D5C3C91057DDDA2DA294D8.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\0FF162C67AD719BB7258CA5874D0E6EC.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\1328355F476A6C04BC174C8FEFED6030.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\191095FB4864B1AE365957B3B2D28C4F.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\1A4E55E3BE96FF394FB5020C4D537AB1.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\1F260613E85F3D0BACEC07DCEF35396B.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\21D7529435092A1DD242FD6ACF494493.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\22A0F05220E6420CA3AA86E34805F752.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\241F1954DCD7B0310958D9540754CEC3.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\394EF2A769C648E61B41BFAD23BACF0E.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\3CF854648793305D1D2A7AC41F80E9D6.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\3DFD050CBBC8EA38EA5F1066285F0F4E.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\3EFE5AEBC6F1152375E7674497F7043F.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\3FC136B9AA8D71056333AF0137119E93.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\422F2CA2C538F8B8C6D7F7D2B92DC785.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\4461018BFFC22A809EBE8FA05567B686.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\45D86E53E6ADF70035B0034F9D8C42FE.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\47DDFF7276CF8C08F181DD23AF67B868.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\4B2660072B052959CB2A0C8B6A1E9B6A.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\4D9F92C0437DBC456F4433CDD8506F52.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\4FFAA3E7CB3131376614E98F756EE7AD.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\542DC56D520FDDEDA279A0D2F398203D.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\58F6DC94AE063187572E906AE0B9DC24.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\5F8AAE81E6AA25DDECD426311EDC3CEA.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\6389D91E49CCAF02640B61214A97211F.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\63E48B1766A961491E55D10F8F08C0E7.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\66231762529A003735024004DCDE643C.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\6DD1779321E1C86B32D09A35DA5E4ED2.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\734834D588DA61453DEA4E0AF499ADCE.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\7424188A11F3D829BB76C98170DB45E5.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\75054C3771DF289038069A9BB1C1FB6E.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\7A7E1B1832596F5C49CD70E9755EED39.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\7BDE76979585395D59B5DA1D62E63C50.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\7C45C8B7490D3AD44A961494C7FBFAFD.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\7DFE880F785D5AB82870BFC0C3F814A2.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\8608CDBF407B09DF27C3406379384843.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\86824C24FDE0A58E4EB1A7918FBEF0C5.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\89B278BD994A4232365F0E916C19916C.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\8A20D7181B570E2E2142FB6261D170A2.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\9B2AE30BDA2ED3E7E1378B8770C99C54.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\9FB731EA48C7701EB7978CEB7E0314AD.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\A02DB69DBBC4F298AD0CE59F677EBF22.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\A851D3BCFCE697C24E7112D24AFBE9E3.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\B7890DE53F3A6B3C277523E82A081C04.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\B88E8B639804BA063AC1D11AC4C196C1.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\B8F066315788F9A2DF744CF3A9F7F3D6.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\BF2ADAFC80AB82D412CD9F0B99A0AD2C.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\C3613D92FBA5F820823577D6FC2CE8A9.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\C5B3C3C921790F19FCDE9367A797A2EF.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\CF881EBD6F50B8BAA9BD57DC3DAC5CB2.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\CFD53C8456D58010BA580B1D5CFF68D3.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\D4CB64722F050ABEB5F8B6B143A19A6C.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\D6149C45B68480CA184F2D9C7CB312A5.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\DED51090917AEE019629CE420A50F3C2.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\DF2FB1F3C8DCD25B01FDE5A4697177CB.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\EC4E4D2526C1F24E4D610677CF1EA0E7.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\EEDD6F5F4BEDFEA1C780FFC78DCDE051.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\F001D607C389EDBCFB1D1F3C9AE0FFC5.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\F1E5535EC8A153BF2EB4F202C2704228.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\F644552872028BB5127A6F0E7B587070.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\AutoRecover\FA01281653BC6D33CB10F9E5C36E4047.mof Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\Logs\WMITracing.log Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\repository\INDEX.BTR Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\repository\MAPPING1.MAP Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\repository\MAPPING2.MAP Das Objekt ist gesperrt übersprungen
C:\Windows\System32\wbem\repository\OBJECTS.DATA Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Application.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Media Center.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-PLA%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WDI%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Metrics.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\ODiag.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\OSession.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Security.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\Setup.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\System32\winevt\Logs\System.evtx Das Objekt ist gesperrt übersprungen
C:\Windows\Tasks\SCHEDLGU.TXT Das Objekt ist gesperrt übersprungen
C:\Windows\Tasks\SupBackGroundTask.job Das Objekt ist gesperrt übersprungen
C:\Windows\temp\fwtsqmfile00.sqm Das Objekt ist gesperrt übersprungen
C:\Windows\WindowsUpdate.log Das Objekt ist gesperrt übersprungen
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18000_none_d12e90ac35ffb753\dnary.xsd Das Objekt ist gesperrt übersprungen
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18226_none_d11ef65c360a818d\dnary.xsd Das Objekt ist gesperrt übersprungen
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.22389_none_d16ab47d4f561502\dnary.xsd Das Objekt ist gesperrt übersprungen
C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6002.18005_none_d31a09b83321829f\dnary.xsd Das Objekt ist gesperrt übersprungen

Die Untersuchung wurde abgeschlossen.

RS SUP/email-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Jan 2006 03:54 from reisebuero-tholen@t-online.de:Your passwo/password.zip/password.doc .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Jan 2006 03:54 from reisebuero-tholen@t-online.de:Your passwo/password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Jan 2006 09:28 from reisebuero-tholen@t-online.de:Members Sup/account-report.zip/account-report.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Jan 2006 09:28 from reisebuero-tholen@t-online.de:Members Sup/account-report.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Jan 2006 20:54 from reisebuero-tholen@t-online.de:Security me/important-details.zip/important-details.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Jan 2006 20:54 from reisebuero-tholen@t-online.de:Security me/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 02:38 from reisebuero-tholen@t-online.de:Members Sup/account-details.zip/account-details.doc .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 02:38 from reisebuero-tholen@t-online.de:Members Sup/account-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 08:21 from reisebuero-tholen@t-online.de:Your passwo/email-password.zip/email-password.txt .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 08:21 from reisebuero-tholen@t-online.de:Your passwo/email-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 14:02 from reisebuero-tholen@t-online.de:Your Accoun/email-details.zip/email-details.txt .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 14:02 from reisebuero-tholen@t-online.de:Your Accoun/email-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 19:31 from reisebuero-tholen@t-online.de:zjiolsclwvt/account-report.zip/account-report.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Jan 2006 19:31 from reisebuero-tholen@t-online.de:zjiolsclwvt/account-report.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 01:20 from reisebuero-tholen@t-online.de:Important N/important-details.zip/important-details.txt .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 01:20 from reisebuero-tholen@t-online.de:Important N/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 06:58 from reisebuero-tholen@t-online.de:*DETECTED* /important-details.zip/important-details.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 06:58 from reisebuero-tholen@t-online.de:*DETECTED* /important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 12:37 from reisebuero-tholen@t-online.de:Warning Mes/account-info.zip/account-info.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 12:37 from reisebuero-tholen@t-online.de:Warning Mes/account-info.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 18:09 from reisebuero-tholen@t-online.de:Your passwo/owkuoe.zip/owkuoe.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Jan 2006 18:09 from reisebuero-tholen@t-online.de:Your passwo/owkuoe.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/24 Jan 2006 17:11 from reisebuero-tholen@t-online.de:WARNING MES/document.zip/document.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/24 Jan 2006 17:11 from reisebuero-tholen@t-online.de:WARNING MES/document.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/24 Jan 2006 23:03 from reisebuero-tholen@t-online.de:Security me/important-details.zip/important-details.txt .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/24 Jan 2006 23:03 from reisebuero-tholen@t-online.de:Security me/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 04:49 from reisebuero-tholen@t-online.de:*DETECTED* /account-info.zip/account-info.doc .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 04:49 from reisebuero-tholen@t-online.de:*DETECTED* /account-info.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 10:42 from reisebuero-tholen@t-online.de:*DETECTED* /document.zip/document.doc .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 10:42 from reisebuero-tholen@t-online.de:*DETECTED* /document.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 16:27 from reisebuero-tholen@t-online.de:Your passwo/approved-password.zip/approved-password.txt .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 16:27 from reisebuero-tholen@t-online.de:Your passwo/approved-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 16:56 from reisebuero-tholen@t-online.de:Important N/document.zip/document.htm .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Jan 2006 16:56 from reisebuero-tholen@t-online.de:Important N/document.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/26 Jan 2006 15:16 from reisebuero-tholen@t-online.de:You have su/account-password.zip/account-password.txt .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/26 Jan 2006 15:16 from reisebuero-tholen@t-online.de:You have su/account-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/26 Jan 2006 23:33 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip/important-details.htm .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/26 Jan 2006 23:33 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/27 Jan 2006 05:53 from reisebuero-tholen@t-online.de:You have su/account-password.zip/account-password.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/27 Jan 2006 05:53 from reisebuero-tholen@t-online.de:You have su/account-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 00:50 from reisebuero-tholen@t-online.de:Your Accoun/account-details.zip/account-details.txt .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 00:50 from reisebuero-tholen@t-online.de:Your Accoun/account-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 07:00 from reisebuero-tholen@t-online.de:ftmcdbiymx/updated-password.zip/updated-password.htm .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 07:00 from reisebuero-tholen@t-online.de:ftmcdbiymx/updated-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 09:39 from reisebuero-tholen@t-online.de:Your new ac/updated-password.zip/updated-password.htm .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 09:39 from reisebuero-tholen@t-online.de:Your new ac/updated-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 17:41 from reisebuero-tholen@t-online.de:Members Sup/important-details.zip/important-details.txt .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Jan 2006 17:41 from reisebuero-tholen@t-online.de:Members Sup/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2006 00:02 from reisebuero-tholen@t-online.de:YOU HAVE SU/email-password.zip/email-password.txt .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2006 00:02 from reisebuero-tholen@t-online.de:YOU HAVE SU/email-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2006 06:13 from reisebuero-tholen@t-online.de:Members Sup/important-details.zip/important-details.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2006 06:13 from reisebuero-tholen@t-online.de:Members Sup/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2006 12:34 from reisebuero-tholen@t-online.de:Your passwo/email-password.zip/email-password.doc .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Jan 2006 12:34 from reisebuero-tholen@t-online.de:Your passwo/email-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/30 Jan 2006 07:14 from reisebuero-tholen@t-online.de:YOUR ACCOUN/account-report.zip/account-report.doc .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/30 Jan 2006 07:14 from reisebuero-tholen@t-online.de:YOUR ACCOUN/account-report.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/31 Jan 2006 07:54 from reisebuero-tholen@t-online.de:Your passwo/new-password.zip/new-password.txt .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/31 Jan 2006 07:54 from reisebuero-tholen@t-online.de:Your passwo/new-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/31 Jan 2006 11:26 from reisebuero-tholen@t-online.de:Your passwo/password.zip/password.doc .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/31 Jan 2006 11:26 from reisebuero-tholen@t-online.de:Your passwo/password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/01 Feb 2006 09:34 from reisebuero-tholen@t-online.de:Your passwo/account-password.zip/account-password.txt .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/01 Feb 2006 09:34 from reisebuero-tholen@t-online.de:Your passwo/account-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/01 Feb 2006 17:44 from reisebuero-tholen@t-online.de:EJXLJFMWYFD/dta.zip/dta.htm .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/01 Feb 2006 17:44 from reisebuero-tholen@t-online.de:EJXLJFMWYFD/dta.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/02 Feb 2006 10:27 from reisebuero-tholen@t-online.de:WARNING MES/important-details.zip/important-details.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/02 Feb 2006 10:27 from reisebuero-tholen@t-online.de:WARNING MES/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/02 Feb 2006 18:39 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip/important-details.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/02 Feb 2006 18:39 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/03 Feb 2006 08:02 from reisebuero-tholen@t-online.de:Your new ac/accepted-password.zip/accepted-password.doc .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/03 Feb 2006 08:02 from reisebuero-tholen@t-online.de:Your new ac/accepted-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/08 Feb 2006 13:43 from support@paypal.com:PayPal Notification: U.eml/[Date 8 Feb 2006 14:43:06]/html Verdächtige Objekte: Trojan-Spy.HTML.Fraud.gen übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/08 Feb 2006 13:43 from support@paypal.com:PayPal Notification: U.eml Verdächtige Objekte: Trojan-Spy.HTML.Fraud.gen übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/12 Feb 2006 00:34 from -maria80@arcor.de:Von Tanja-Maria/Fotos-Setcard__JPG.com Infizierte Objekte: Trojan-Dropper.Win32.Agent.age übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Mar 2006 22:09 from PayPal.com:{Disarmed} PayPal Notification.eml/[Date 23 Mar 2006 23:07:03]/html Verdächtige Objekte: Trojan-Spy.HTML.Fraud.gen übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Mar 2006 22:09 from PayPal.com:{Disarmed} PayPal Notification.eml Verdächtige Objekte: Trojan-Spy.HTML.Fraud.gen übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/12 Aug 2006 07:22 from nortling@arcor.de:Von Beate/Foto-006_(klein)__JPG.com Infizierte Objekte: Trojan-Dropper.Win32.MultiJoiner.13.j übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/08 Oct 2006 16:53 from VOLKSBANK:Fur alle Volksbanken-Raiffeisen.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.qi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/08 Nov 2006 23:36 from hurstling@arcor.de:Von Birgit/Fotos--MCI112__JPG.com Infizierte Objekte: Trojan-Dropper.Win32.Agent.age übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/17 Nov 2006 21:30 from Volksbanken Raiffeisenbanken:Information .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Nov 2006 01:21 from CitiBank Deutschland:Betreff Achtung! FXr.html Verdächtige Objekte: Trojan-Spy.HTML.Fraud.gen übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Nov 2006 05:15 from CitiBank Deutschland:Betreff Achtung! FXr.html Verdächtige Objekte: Trojan-Spy.HTML.Fraud.gen übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Dec 2006 00:37 from Volksbanken Raiffeisenbanken AG:Volksbank.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Dec 2006 13:05 from Volksbanken Raiffeisenbanken AG:die eilig.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Dec 2006 23:42 from Volksbanken Raiffeisenbanken:amtliche Nac.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Dec 2006 23:38 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Dec 2006 03:45 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Dec 2006 22:42 from Volksbanken Raiffeisenbanken AG:Banking.html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/25 Dec 2006 00:11 from Volksbanken Raiffeisenbanken:Volksbanken .html Infizierte Objekte: Trojan-Spy.HTML.Bankfraud.od übersprungen

So hier also mal das kaspersky protokoll...es zeigt 14 Viren gefunden, 177 infizierte objekte.....das hört sich nicht gut an und ich hab auch bissel angst jetzt.

-------------------------------------------------------------------------------
PROTOKOLL FÜR KASPERSKY ONLINE SCANNER
Mittwoch, 1. Juli 2009 15:42:47
Betriebssystem: Microsoft Windows Vista Home Edition, Service Pack 2 (Build 6002)
Version von Kaspersky Online Scanner: 5.0.98.2
Letztes Update der Antiviren-Datenbanken: 1/07/2009
Anzahl der Einträge in den Antiviren-Datenbanken: 2411353
-------------------------------------------------------------------------------

Scan-Einstellungen:
Folgende Antiviren-Datenbanken zur Untersuchung verwenden: Erweiterte
Archive untersuchen: ja
Mail-Datenbanken untersuchen: ja

Untersuchungsobjekt - Arbeitsplatz:
C:\
D:\
E:\
F:\

Untersuchungsergebnisse:
Untersuchte Objekte insgesamt: 106599
Viren gefunden: 14
Infizierte Objekte gefunden: 177
Verdächtige Objekte gefunden: 6
Untersuchungszeit: 01:13:21

Name des infizierten Objekts / Virusname / Letzte Aktion
C:\ProgramData\Avira\AntiVir Desktop\TEMP\avguard.tmp Das Objekt ist gesperrt übersprungen
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\aeb7fb219dd5509d689baad6b9c47e1b_d0437dce-1d56-41d1-89fe-da8c55ef2cca Das Objekt ist gesperrt übersprungen
C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.tmp Das Objekt ist gesperrt übersprungen
C:\ProgramData\Microsoft\Windows\DRM\drmstore.hds Das Objekt ist gesperrt übersprungen
C:\Qoobox\Quarantine\C\Windows\System32\drivers\MSIVXrbobgetuwnpphbuietwtwbjmionxvcsu.sys.vir Das Objekt ist gesperrt übersprungen
C:\Qoobox\Quarantine\C\Windows\System32\MSIVXxpglocvfnkgmrtpjtuqvmiivtmxipprs.dll.vir Infizierte Objekte: Trojan.Win32.Agent2.kug übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Windows Media\11.0\WMSDKNSD.XML Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Business Contact Manager\MSSmallBusiness.ldf Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Business Contact Manager\MSSmallBusiness.mdf Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Feeds\Aktuelle Meldungen des Medienmagazin DWDL~dde~.feed-ms Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Feeds Cache\index.dat Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Das Objekt ist gesperrt übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/09 Nov 2005 07:39 from marce.zuzan@az-investment.de:Re: Re: Mess/message_details.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/10 Nov 2005 07:52 from laenne42@freenet.de:Re: Your text/your_text.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/11 Nov 2005 07:33 from arnold-estrich@t-online.de:Re: My details/my_details.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Nov 2005 09:49 from info@connatura.com:Re: Word file/document_word.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Nov 2005 09:56 from kat.postillion@gmx.de:Re: Your music/mp3music.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Nov 2005 07:30 from aerosea@01019freenet.de:Re: My details/my_details.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/30 Nov 2005 07:44 from bnaumann@autoaktuell.de:Re: Your picture/your_picture.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/01 Dec 2005 07:38 from edgar.hartmann@infraserv.com:Re: Hello/your_picture.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/05 Dec 2005 09:49 from patickvolz@web.de:Re: Your music/mp3music.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/06 Dec 2005 07:34 from zauberinnen@aol.com:Re: Your music/mp3music.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/07 Dec 2005 07:34 from irottsahl@quoka.com:Re: Your bill/your_bill.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/12 Dec 2005 09:57 from kalle1976@freenet.de:Re: Your details/your_details.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/13 Dec 2005 07:27 from helmrich-kai@gmx.de:Re: Details/my_details.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Dec 2005 07:34 from rezeption@domhof.de:Re: Excel file/document_excel.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Dec 2005 07:38 from info@ina-warehouse.de:Re: Hello/your_picture.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Dec 2005 13:37 from 2pac4ever@web.de:Re: Re: Document/your_document.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/16 Dec 2005 07:49 from roulettespielbeteiligung@yahoo.de:Re: You/your_website.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Dec 2005 09:59 from karl.amberg@gmx.de:Re: Re: Thanks!/document.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Dec 2005 12:06 from schneckm@onlinehome.de:Re: Your software/application.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Dec 2005 07:36 from aquafredda@web.de:Re: Your letter/your_letter.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/21 Dec 2005 07:36 from bkoehlings@quoka.com:Re: Hi/your_file.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/22 Dec 2005 07:45 from w_siamlidou@yahoo.de:Re: Your details/your_details.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/23 Dec 2005 07:37 from darmstadtenglisch@hotmail.com:Re: Re: Doc/your_document.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/27 Dec 2005 07:41 from ilsejanssen@gmx.de:Re: Your software/application.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/28 Dec 2005 07:37 from carsten.breithaupt@gmx.de:Re: Here is the/document_full.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/29 Dec 2005 07:30 from schuy154@aol.com:Re: Here is the document/document_full.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/30 Dec 2005 07:55 from flirtheartonfire@aol.com:Re: Your bill/your_bill.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/03 Jan 2006 07:29 from suske-ammerndorf@tonline.de:Re: Here/yours.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/04 Jan 2006 07:43 from info@ous-vertrieb.de:Re: Your bill/your_bill.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/05 Jan 2006 07:48 from octav@t-online.de:Re: Here is the documen/document_full.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/06 Jan 2006 07:35 from odelo90@hotmail.com:Re: My details/my_details.pif Infizierte Objekte: Email-Worm.Win32.NetSky.d übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/09 Jan 2006 07:47 from reisebuero-tholen@t-online.de:Your passwo/bdmarml.zip/bdmarml.htm .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/09 Jan 2006 07:47 from reisebuero-tholen@t-online.de:Your passwo/bdmarml.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/09 Jan 2006 14:25 from reisebuero-tholen@t-online.de:Email Accou/account-details.zip/account-details.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/09 Jan 2006 14:25 from reisebuero-tholen@t-online.de:Email Accou/account-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Jan 2006 02:35 from reisebuero-tholen@t-online.de:Your passwo/password.zip/password.txt .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Jan 2006 02:35 from reisebuero-tholen@t-online.de:Your passwo/password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Jan 2006 08:52 from reisebuero-tholen@t-online.de:Your Accoun/zrb.zip/zrb.txt .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Jan 2006 08:52 from reisebuero-tholen@t-online.de:Your Accoun/zrb.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Jan 2006 21:07 from reisebuero-tholen@t-online.de:Your passwo/accepted-password.zip/accepted-password.txt .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/14 Jan 2006 21:07 from reisebuero-tholen@t-online.de:Your passwo/accepted-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Jan 2006 09:23 from reisebuero-tholen@t-online.de:Members Sup/important-details.zip/important-details.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Jan 2006 09:23 from reisebuero-tholen@t-online.de:Members Sup/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Jan 2006 15:28 from reisebuero-tholen@t-online.de:Mstwklbzfa/account-details.zip/account-details.txt .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Jan 2006 15:28 from reisebuero-tholen@t-online.de:Mstwklbzfa/account-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Jan 2006 21:34 from reisebuero-tholen@t-online.de:Warning Mes/account-info.zip/account-info.doc .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/15 Jan 2006 21:34 from reisebuero-tholen@t-online.de:Warning Mes/account-info.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/16 Jan 2006 15:46 from reisebuero-tholen@t-online.de:Your Accoun/account-report.zip/account-report.txt .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/16 Jan 2006 15:46 from reisebuero-tholen@t-online.de:Your Accoun/account-report.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/17 Jan 2006 03:55 from reisebuero-tholen@t-online.de:Your passwo/account-password.zip/account-password.doc .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/17 Jan 2006 03:55 from reisebuero-tholen@t-online.de:Your passwo/account-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/17 Jan 2006 15:52 from reisebuero-tholen@t-online.de:SECURITY ME/account-details.zip/account-details.txt .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/17 Jan 2006 15:52 from reisebuero-tholen@t-online.de:SECURITY ME/account-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Jan 2006 03:38 from reisebuero-tholen@t-online.de:Your passwo/accepted-password.zip/accepted-password.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Jan 2006 03:38 from reisebuero-tholen@t-online.de:Your passwo/accepted-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Jan 2006 15:13 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip/important-details.doc .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Jan 2006 15:13 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Jan 2006 21:05 from reisebuero-tholen@t-online.de:Your Accoun/account-details.zip/account-details.htm .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/18 Jan 2006 21:05 from reisebuero-tholen@t-online.de:Your Accoun/account-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 02:44 from reisebuero-tholen@t-online.de:Your passwo/password.zip/password.htm .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 02:44 from reisebuero-tholen@t-online.de:Your passwo/password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 08:22 from reisebuero-tholen@t-online.de:Your Accoun/account-info.zip/account-info.doc .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 08:22 from reisebuero-tholen@t-online.de:Your Accoun/account-info.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 14:05 from reisebuero-tholen@t-online.de:Your Accoun/account-report.zip/account-report.htm .pif Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 14:05 from reisebuero-tholen@t-online.de:Your Accoun/account-report.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 19:55 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip/important-details.doc .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/19 Jan 2006 19:55 from reisebuero-tholen@t-online.de:Warning Mes/important-details.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Jan 2006 01:37 from reisebuero-tholen@t-online.de:Your Accoun/durkv.zip/durkv.doc .exe Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Jan 2006 01:37 from reisebuero-tholen@t-online.de:Your Accoun/durkv.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Jan 2006 08:20 from reisebuero-tholen@t-online.de:Your passwo/email-password.zip/email-password.txt .scr Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Jan 2006 08:20 from reisebuero-tholen@t-online.de:Your passwo/email-password.zip Infizierte Objekte: Net-Worm.Win32.Mytob.bi übersprungen
C:\Users\Jens Knossalla\AppData\Local\Microsoft\Outlook\outlook.pst/Persönliche Ordner/Posteingang/20 Jan 2006 16:18 from reisebuero-tholen@t-online.de:MEMBERS SUP/email-details.zip/email-details.doc

[G] c:\program files\quicktime\qtsystem\qtmlclient.dll [PX5: E304F21600022C8C00B7057BCCF3B5003119A954]
[G] c:\windows\winsxs\temp\pendingdeletes\wdscore.dll [PX5: AF21E0CD0069E3AF562903652000D300038E9245]
[G] c:\windows\system32\gpedit.dll [PX5: 56851A2900371B2C82630E4B7B1BDA009DB003AF]
[G] c:\windows\winsxs\temp\pendingdeletes\rasmans.dll [PX5: 9DC35D2600D6369DFAE003149AE365001745914D]
[G] c:\windows\system32\scrobj.dll [PX5: 7B0BAE1C008084B8C05D02649B220100A69929A0]
[G] c:\program files\common files\microsoft shared\dw\dwtrig20.exe [PX5: 9DA1B9B06037FEAFA198062B366C7300ABC7BD89]
[G] c:\windows\winsxs\x86_microsoft-windows-calendar_31bf3856ad364e35_6.0.6001.18000_none_90f0b3cb5ec7bc56\wincal.exe [PX5: 0D03E32000AFAB4DC4610E8E6D85CC0011339BB5]
[G] c:\program files\synaptics\syntp\syntpcom.dll [PX5: DF1D218500066576909D018FDB3C6300E26D5DB5]
[G] c:\windows\system32\imjp10k.dll [PX5: FF783EF3004874FF22430B9AA150E400A4E4D96E]
[G] c:\windows\system32\drivers\mraid35x.sys [PX5: DE8482BE68C3C07B827B004B9A3CA90028DF4D96]
[G] c:\program files\common files\system\ado\msjro.dll [PX5: 32BB3C7B00FF412400A7024013B163006AC27B59]
[G] c:\program files\common files\oberon media\odyssey\2.0.0.29\odyssey.dll [PX5: C7089F212831142B25A3035B8CCE0600011E9A4C]
[G] c:\windows\system32\certenrollui.dll [PX5: 183925CA00A84A7AAC370994EBFC0F00B335BF11]
[G] c:\windows\winsxs\x86_microsoft-windows-s..oxgames-purbleplace_31bf3856ad364e35_6.0.6001.18000_none_062b7e7afe71e492\purbleplace.exe [PX5: 31D3BD5400B2AE041EED0F51A20DEC0026790ECE]
[G] c:\windows\winsxs\x86_microsoft-windows-tabletpc-inputpanel_31bf3856ad364e35_6.0.6001.18000_none_118f15c677824d1e\tabtip.exe [PX5: 4D38A48E006BE70294CE04113322F50043D00A60]
[G] c:\program files\gamenext\adventures of robinson crusoe\uninstall.exe [PX5: 0065279300D8E1130A430334571D8800157D6401]
[G] c:\windows\system32\iassdo.dll [PX5: E08D25B800BB2AC2DC8603F273CEDF0009A63687]
[G] c:\program files\quicktime\qtuipanelcontrol.dll [PX5: 9FFA24AC0033F70B6025057EC5255C00A060CC0B]
[G] c:\windows\system32\imapi2fs.dll [PX5: 41C0307600ECA96F56D00AE9ED9F98006CEF2016]
[G] c:\program files\quicktime\qtsystem\qtjavanative.dll [PX5: 870B0D0900298C36207507B5B87B2600278D00CA]
[G] c:\windows\winsxs\temp\pendingdeletes\netapi32.dll [PX5: BBBAF2A900FF0551207D07432A7625002239C50A]
[G] c:\windows\system32\presentationnative_v0300.dll [PX5: 1280927680164D98E33C0B94C3624900999C11AF]
[G] c:\windows\winsxs\temp\pendingdeletes\srclient.dll [PX5: 276A55240052D7B7A0E500A442784F00AC050299]
[G] c:\program files\common files\microsoft shared\web server extensions\40\bin\fpmmc.dll [PX5: 84151F7F37E33D1D200B090D25EABC00D3670CBD]
[G] c:\windows\system32\btwnamespaceext.dll [PX5: C2276BB300163792E04E097796E775008EB5EA37]
[G] c:\windows\helppane.exe [PX5: ECACFD2100B626849A8507102CFE77006616DC38]
[G] c:\windows\system32\iasmigreader.exe [PX5: 8CC0D12400C2DE0B14AE073B204F2C004D51091D]
[G] c:\windows\system32\drivers\wudfrd.sys [PX5: 7583BC37800C9687454E0193AA57C900B53C501C]
[G] c:\program files\common files\system\ole db\msdaipp.dll [PX5: 0C3581A1000C476980740839F96CF70060454C51]
[G] c:\program files\adobe\reader 8.0\esl\aiodlite.dll [PX5: 18CF7C0C00B09E5A60F801A215166F0008E2755F]
[G] c:\program files\windows collaboration\wincollabfile.dll [PX5: 5D06004D002B36318036027917580F00EA36D8D0]
[G] c:\windows\system32\wbem\wmipdfs.dll [PX5: 5D8DEAEA00B15DCA9C6500A3157A500086C742A5]
[G] c:\windows\winsxs\temp\pendingdeletes\advapi32.dll [PX5: 4556F5FC00A750D9305C0C1A92B46D0095A303BD]
[G] c:\windows\system32\iasmigplugin.dll [PX5: 6BFADFDB00E39E82EE5906FCA0C9D2002DA5AC30]
[G] c:\windows\system32\drivers\viac7.sys [PX5: 1676EA05005497F0A22F002BC616560079DED4B6]
[G] c:\program files\samsung\playcamera\playcamera.exe [PX5: AA5721F7A8FB9E825C690B14F6FB7500F1C75853]
[G] c:\windows\system32\btwapplext.dll [PX5: F7907FB800EB145230C1059F4E3D4F00078BDFCE]
[GP] c:\windows\ehome\netbridge.dll [PX5: 507CF1AC0024E150302A01E4F52BB1003D1B41DC]
[G] c:\windows\system32\mapi.dll [PX5: 8FD1B5C920AAA3E5FE3707B6FD82F000963FFF15]
[G] c:\windows\system32\clvsds.ax [PX5: 5EB29F830028F9BAE0D307777CE34C0020F700B2]
[G] c:\windows\ehome\ehchtime.dll [PX5: 28977C27007D56BE28D101BAB21B37001D4F04AB]
[G] c:\windows\system32\rtcom\rtcomdll.dll [PX5: 7809F0AE00E016F740AC083B135FFB00F4A6ABE1]
[G] c:\windows\system32\halmacpi.dll [PX5: 4F0196E3E8199835B3F802D1869E9D0002471F06]
[G] c:\program files\common files\divx shared\dpl100.dll [PX5: E052559F00FC6E1660DD010FB3382C008C06B6B2]
[G] c:\windows\system32\rasmontr.dll [PX5: 1F160BFB003C37EA5E96021ED090D90043C6F608]
[G] c:\program files\common files\system\ole db\msmdcube.dll [PX5: BD6764430089763F1884049545462700E45476BD]
[G] c:\windows\winsxs\temp\pendingdeletes\tcpmon.dll [PX5: EF08D39E00167DBF1068028787DE22001470336B]
[G] c:\program files\windows journal\mspvwctl.dll [PX5: AA0A42C90011070F64A90743901FDF007DE3F956]
[G] c:\windows\system32\ime\imetc10\imtccfg.dll [PX5: 3E2806C2009AD1329A6B024D00F53D004A66F646]
[G] c:\program files\samsung\samsung update plus\suphelp.exe [PX5: 0AD632D8A85063C3BEA9046B2FBD7800B312BFF4]
[G] c:\windows\winsxs\temp\pendingdeletes\rsaenh.dll [PX5: 3703545938D4A857B4D103B42BAB7100215BEE9B]
[G] c:\windows\system32\slui.exe [PX5: C2FD0A2D00F355FC862405EC0E5EE90041ACB413]
[G] c:\windows\winsxs\temp\pendingdeletes\dnsapi.dll [PX5: C722935F0085B190888402C45559D20065B3E472]
[G] c:\windows\system32\wbem\wmitimep.dll [PX5: 7799E02E00BF4101AA7A001E28896400BB663187]
[G] c:\windows\system32\gpresult.exe [PX5: 10796B73000CFC24F42D01572CF75D00E20113F5]
[G] c:\windows\system32\rmactivate_ssp.exe [PX5: 8C35BCB20038BBA74CF605CE0F9BD000355BAB11]
[G] c:\windows\winsxs\temp\pendingdeletes\mfplat.dll [PX5: 4A7F6F530052A22730C903BA5FDB5F00C4FF7461]
[G] c:\program files\cucusoft\ultimate-converter\filter\ff_libfaad2.dll [PX5: 4550D7970012D772C0CF03ABCF2E1B00949AD835]
[G] c:\program files\common files\system\ole db\msmdcb80.dll [PX5: FA693E6BE879908CAA6603E18C8F9C00C1E05BD3]
[G] c:\windows\winhlp32.exe [PX5: 197E1DD50068FA8D24EF003ECF0A3F00AB5839D5]
[G] c:\program files\itunes\itunesphotoprocessor.exe [PX5: 85362F3328DAA1760B73043EB4521300784563DA]
[G] c:\windows\system32\msdtcuiu.dll [PX5: 884D12AD00826A57489F03ABE3D6CC0000131644]
[G] c:\program files\common files\system\msadc\msdarem.dll [PX5: 591547900047295A7081029220E0AE0067E5F750]
[G] c:\program files\common files\microsoft shared\ink\ipsplugin.dll [PX5: 3132383E0093916D0E38016074DDAD006AAB211A]
[G] c:\program files\common files\microsoft shared\ink\tabskb.dll [PX5: 5BCA18AB00E01461485202FE15F8AD0098B6A88A]
[G] c:\windows\winsxs\temp\pendingdeletes\wsdmon.dll [PX5: 8A8766A4007CEC6FB63F02E5C99612007F9E9B6C]
[G] c:\program files\bittorrent\bittorrentie.2.dll [PX5: A8E0DE0E0800666F96D7043FE0C1A5005168A205]
[G] c:\windows\system32\msrdo20.dll [PX5: E3282BB2006B135000CA063B20242D002524F292]
[G] c:\windows\system32\wpdwcn.dll [PX5: 2893665900A9D3091C79039B29ECDB000956D7DE]
[G] c:\windows\system32\xwreg.dll [PX5: AC538A4F00C0BA5336AA013ABC6A4A00E3428F80]
[G] c:\windows\system32\xwizards.dll [PX5: B822B0C1006405E5861704A1FFBE620096CB5E2D]
[G] c:\program files\windows media player\wmlaunch.exe [PX5: 73F7F9760097CC3FA4F60365F7DC33007EF125D7]
[G] c:\windows\system32\drivers\btwavdt.sys [PX5: D48BC35928EF4CB33CD30187C5938600F78DDDB2]
[G] c:\windows\winsxs\temp\pendingdeletes\shsvcs.dll [PX5: 0FEFF60100AF1F45C60A03B75C1DE80001A4D96B]
[G] c:\program files\adobe\reader 8.0\reader\adobe_epic.dll [PX5: EBFC90EF00B2AE44487403F6310B3700DEB975C3]
[G] c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.18000_none_f261ec400d1da6d8\moviemk.exe [PX5: 1B1EB7060005E41B4ADB023B3C2E070033F55C85]
[G] c:\windows\system32\halacpi.dll [PX5: D303402AE82B952325370233211EDA0060F8012F]
[G] c:\windows\system32\rtcom\rtlcpapi.dll [PX5: 9FEE53AD00D65604009502FD7F324800B0E21654]
[G] c:\windows\system32\atmfd.dll [PX5: 21AF4E13005471546CA404CF04418000180995CD]
[G] c:\program files\microsoft sql server\90\shared\sqlwtsn.exe [PX5: 9F31A77A2000D81F6B38017C5DAA13000E950294]
[G] c:\windows\winsxs\temp\pendingdeletes\iertutil.dll [PX5: D5D890FC0087CEBA22B7042A0021090056D55DAB]
[G] c:\windows\system32\wbem\wmipsess.dll [PX5: 213BA16D0021C2EDAA1B00C2D549310023C15D48]
[G] c:\windows\system32\icsigd.dll [PX5: 2FFEB29C001414E7FCBE02B90AC715007BD5FC77]
[G] c:\windows\ehome\ehpresenter.dll [PX5: 1CBB09EE00BCB3A29CA4012080C314003FEADD0B]
[G] c:\windows\system32\msexch40.dll [PX5: DF645F4E00776B65400606B43D7698002F1AD691]
[G] c:\windows\regedit.exe [PX5: 003BD4B8001B2A850E0A02424D192900885A79A4]
[G] c:\program files\common files\microsoft shared\ink\inputpersonalization.exe [PX5: DB4095C60007A30408260335F7EA420095711118]
[G] c:\windows\system32\drivers\umdf\wpdrapi2.dll [PX5: 312671F08829810E6BCF032C11DF730075A0C7EC]
[G] c:\windows\winhelp.exe [PX5: CE4758B5C0C4ECDAE8CA0334867F300024AD41EB]
[G] c:\program files\itunes\itunesadmin.dll [PX5: 79D1C21E2848122DDFD705EB51524F0003DB6A48]
[G] c:\windows\system32\drivers\uliahci.sys [PX5: 54316D06381D7CE2A48503F8FB559A00E57220A8]
[G] c:\windows\system32\drivers\pcmcia.sys [PX5: 128BDF0538B75E7ABC6D02B71B941F00C10A9318]
[G] c:\windows\system32\fsquirt.exe [PX5: 2A1EEE030094231AC681027322A45F00F38797A4]
[G] c:\windows\windowsmobile\wmdhost.exe [PX5: 218801A7886020BDC57A00E4346BCC00FBA57E61]
[G] c:\windows\ehome\ehvid.exe [PX5: 975F15F300073980E0430315EE708600C0F93BFA]
[G] c:\program files\windows collaboration\wincollabpres.dll [PX5: F431FC0A007AD4A9766F03729DFD560033BD45C0]
[G] c:\windows\system32\ime\imejp10\applets\imjpskf.dll [PX5: 5C2CBBBA001013A65A4103244924BB001B90359A]
[G] c:\windows\winsxs\temp\pendingdeletes\ncrypt.dll [PX5: 9DE339CB008F76C31E4E03FFB78CC2004431A703]
[G] c:\windows\winsxs\temp\pendingdeletes\eapphost.dll [PX5: D01C07520098E99BC6D7021BDFB6B700AEFBFB69]
[G] c:\program files\samsung\ebm\easybatterymanager.exe [PX5: 967D94CB00099161A0BD0216A47A630054F07B19]
[G] c:\windows\system32\drivers\adp94xx.sys [PX5: 5B0B3DC63817CDF4740106848B1DD8006F031F65]
[G] c:\windows\system32\drivers\bthport.sys [PX5: 0C6E8C3C00BF04BF5C870325D13984004A3E7E0C]
[G] c:\program files\common files\microsoft shared\triedit\triedit.dll [PX5: 2DCC50A66B1709CC203903EE64BDA300D9D4D4D3]
[G] c:\windows\windowsmobile\inkstore.dll [PX5: 9F80169A88008030737A0225C8B2C600EB4CC4B0]
[G] c:\windows\system32\cdg.dll [PX5: F5213E3000FC633C90860597A6F78900E80E8E5F]
[G] c:\windows\system32\drivers\elxstor.sys [PX5: F34169F638DD6FB53A4F050A311B55009664AC42]
[G] c:\windows\btwieproxy.exe [PX5: C0F5E1D728AD286E5AED04408A64AA005A44E457]
[G] c:\program files\common files\speechengines\microsoft\tts20\msttsdecwrp.dll [PX5: D69228F1003AEDCCB81C0093DC4BCC006D54A5CE]
[G] c:\program files\common files\system\ole db\msolapui.dll [PX5: A45C468D0011D586601E03553F3A760080EBA1DD]
[G] c:\program files\common files\divx shared\dpu11.dll [PX5: 11B9EC3800DEA37280BA049326036C00ECDF362A]
[G] c:\windows\system32\drivers\arcsas.sys [PX5: 9FDA9EFA38EE5F1438F201345BA53800AB35F6ED]
[G] c:\windows\windowsmobile\outstore.dll [PX5: AEA2EA8888A6630B2157046E723DCF008B2444AE]
[G] c:\windows\winsxs\temp\pendingdeletes\smartcardcredentialprovider.dll [PX5: C35465EF007FFB9D0C1102928B407E008BD862CE]
[G] c:\program files\common files\speechengines\microsoft\tts20\en-us\msttsfrontendenu.dll [PX5: C97667B600B0E981308004404F93F200DC6400C4]
[G] c:\windows\windowsmobile\legacysyncengine.dll [PX5: 0265143E88FEAF727DA80329C0CD5E00A514F410]
[G] c:\windows\system32\drivers\hdaudio.sys [PX5: 2567F97000641336982D0323E95F4B003CCA89B6]
[G] c:\windows\system32\igfxdev.dll [PX5: DEA7C9D800541B4330600384F7AA6000EEA3C138]
[G] c:\windows\system32\wbem\wbemdisp.dll [PX5: 55CDB78A0042D8A6E22E02E11F193700C1C9809F]
[G] c:\windows\system32\dpapimig.exe [PX5: D173DBAE007795C036C906D155BB1200F3D7D1B8]
[G] c:\program files\itunes\itunesoutlookaddin.dll [PX5: A1E3A256005FBC735A5A04D6DDE01B0048305C56]
[G] c:\windows\winsxs\temp\pendingdeletes\bthserv.dll [PX5: ACD983D4009CDDF19C3000F09204390057E757BF]
[G] c:\windows\system32\drivers\wpdusb.sys [PX5: F071458E009D3AA49C5900DC61506700E635605C]
[G] c:\windows\system32\drivers\serial.sys [PX5: 45F3CDEB00DDE4A946F30177C7C5DF0064ABF0A2]
[G] c:\windows\system32\fdeploy.dll [PX5: 603C5014005C56DAD2A200804BC92E00873FF728]
[G] c:\windows\ehome\mcx2prov.exe [PX5: E10A6FFD009E9C7E444E011589D42D0021503B34]
[G] c:\windows\system32\iscsiexe.dll [PX5: 67F8A21100C1C72AB42101504F43FC00C278335D]
[G] c:\windows\system32\wpdshextautoplay.exe [PX5: 3C71E432008C961F76F0004889F5DF00A718B22D]
[G] c:\program files\divx\divx codec\config.exe [PX5: EB747D0200BE07A510450124E9C50000C5D51B63]
[G] c:\windows\system32\auxiliarydisplaydriverlib.dll [PX5: BFFAC14C002EFB66C224010566C01100BC8251AA]
[G] c:\windows\system32\ime\imesc5\imsccfg.dll [PX5: 8B9060C100D5134FE6C9013801B7D400A42DD304]
[G] c:\windows\winsxs\temp\pendingdeletes\ntmarta.dll [PX5: 24AB43F100CB0716DA0601525DBE1A002DA6738C]
[G] c:\windows\system32\wbem\wmipicmp.dll [PX5: 40C3DB4E000782293C7C01E4B414510051CA10A5]
[G] c:\windows\msagent\mslwvtts.dll [PX5: B107429B00371FDCB08100C7A9F6F60090A2A905]
[G] c:\windows\system32\wbem\wmicookr.dll [PX5: 34611CF400A2BF0E24AA01AD7E4980001C8F522B]
[G] c:\windows\system32\drivers\gagp30kx.sys [PX5: FF176F2B38489706F0730050AEF4CE00C2141C03]
[G] c:\windows\system32\chajei.ime [PX5: 62747AC400D6312BE896010F8883A9005F472F21]
[G] c:\windows\winsxs\temp\pendingdeletes\feclient.dll [PX5: 040C5D3F00697D3AD4D000B18BC2DF0013CD23BF]
[G] c:\windows\system32\msstdfmt.dll [PX5: 258156BE303C44BFEBD401218D72090087A3B12F]
[G] c:\program files\openoffice.org 3\basis\program\ooofiltproxy.dll [PX5: 5545AD4F00C624695AAD01503F5FFF004A00179A]
[G] c:\program files\common files\intel\wirelesscommon\imfrmwrk.exe [PX5: 1B8069AF08FE13681999019D13577A0084B426F5]
[G] c:\windows\system32\signdrv.dll [PX5: 5A6BA9C500245CB6A49900B0E15FA000A0E1C554]
[G] c:\windows\winsxs\temp\pendingdeletes\rtutils.dll [PX5: 2E3C4F1600830C988E6100D2CBCF3200FD5B68DE]
[G] c:\windows\ehome\mfcongestioncontroller.dll [PX5: B6FFB9AC001719DC644D0151AAD14400EC64FCFA]
[G] c:\windows\twain.dll [PX5: 9CE3A6BE4000D2307219010A9A3E420029D50D57]
[G] c:\windows\system32\quicktime.qts [PX5: 0CE653DB00AAF9AAE03B00C8F50CD200604A0886]
[G] c:\windows\system32\drivers\adpu160m.sys [PX5: 76C972DC3888D0618CEA0129BC8E28003F023439]
[G] c:\windows\system32\quick.ime [PX5: BE5E28DC00ACFB25E862011AD07DE4000D111231]
[G] c:\windows\system32\fdwsd.dll [PX5: CDA79B0300980101061201D54A881C00665FD744]
[G] c:\program files\divx\divx converter\mtw178.ddc [PX5: 323DE3F800C85A77E062004A1A8CEF00CBCAECBE]
[G] c:\windows\system32\drivers\1394bus.sys [PX5: 4C81B7DF800CDB7DD0F1004B76BA16003D440302]
[G] c:\windows\system32\drivers\sisraid2.sys [PX5: DEF1F23B38922ADFA05800555686CD000D24CDCF]
[G] c:\windows\system32\phon.ime [PX5: 7A5B1838008DA3D8E89501A8960DF00039886684]
[G] c:\windows\system32\drivers\parport.sys [PX5: FAECA1F20035B98B36870111BBC59C0099379B0E]
[G] c:\windows\ehome\mcxdatapath.dll [PX5: 0907945A000A3A0B2C3801B8BF3F4200571EEFB0]
[G] c:\program files\widcomm\bluetooth software\bin\btwmpplugin.dll [PX5: 811FAA0A00C849EDD02002C062412F0067E731FC]
[G] c:\program files\common files\mssoap\binaries\mssmo.dll [PX5: 4ECD09220092B0CE701D0160C18D4A0052E92E7E]
[G] c:\windows\system32\esentprf.dll [PX5: 070898A00045FB0A8EF10079A8F82000C328C59D]
[G] c:\windows\system32\drivers\dxg.sys [PX5: E0D7EDFD00B05AE72AEF016483F95200E618EB1A]
[G] c:\program files\quicktime\qtsystem\quicktimestreaming.resources\de.lproj\quicktimestreaminglocalized.dll [PX5: A6958F8300753D3FD06A00C4B700760041A66E73]
[G] c:\windows\system32\drivers\hpcisss.sys [PX5: E573F9663891FC639E4C006BB2670D001F2BC770]
[G] c:\windows\system32\setup\pbkmigr.dll [PX5: 626A55AC009834A6EA2D0165E31FA100232297DA]
[G] c:\windows\system32\wbem\wmiaprpl.dll [PX5: DCC9898A00AF420A604601C25F3EBC00801EE6C7]
[G] c:\windows\windowsmobile\assvreng.dll [PX5: AEC6279D88951992B5D100EC1EA6FB0072DDBEB8]
[G] c:\windows\system32\wiavideo.dll [PX5: 68386C9300FF6A4EACFE01A695234500BD78816E]
[G] c:\program files\cucusoft\ultimate-converter\dataext.dll [PX5: 8413A09D5A574966B04300E41577230094A980DA]
[G] c:\windows\system32\drivers\wudfpf.sys [PX5: 02F7006F00D82262C82400D39B918B007E9006A9]
[G] c:\windows\system32\vsflex3.ocx [PX5: 2239466E0005BB8470C403BD9F60D30065141EAB]
[G] c:\windows\system32\qsvrmgmt.dll [PX5: A113157F00E3FFD0402C01CC6D14220064DFD420]
[G] c:\windows\system32\iaspolcy.dll [PX5: E51A8BFD002CC9BA84B8004F06D33B004189A24A]
[G] c:\program files\common files\microsoft shared\ink\ipsoptinsrv.exe [PX5: FE08EEF900070FAC70A502A1955C6F007E2476A5]
[G] c:\windows\system32\packager.dll [PX5: 6198BC8200A34064083C012E2FE9CC005C725272]
[G] c:\windows\system32\drivers\i2omp.sys [PX5: 0418C9EA386B77F6762F002C0E6C4D003CE303AF]
[G] c:\windows\system32\mssha.dll [PX5: 9D8C2D790089B2E4966D0226EECD8C00ECB6F8A3]
[G] c:\windows\system32\qintlgnt.ime [PX5: 12D596D300C58CACE83701178802D000244597FD]
[G] c:\windows\system32\bidispl.dll [PX5: 71F24265007892CA84A6007439D6AB00D6F72DF3]
[G] c:\windows\system32\drivers\amdagp.sys [PX5: 2D9599A838D30487E0EC00F35EBA7C00E563E2BD]
[G] c:\windows\system32\drivers\ulsata.sys [PX5: F7EBFEE26899CCB1800401E69B9C2D00449B11B0]
[G] c:\windows\system32\logman.exe [PX5: 54C45495005A5E1CE04C0010A0BD60007B188DDA]
[G] c:\windows\system32\eapqec.dll [PX5: 0F9FD7EE00D76C8808E2013453B5080028F4AAF2]
[G] c:\windows\system32\cintlgnt.ime [PX5: 82ECE46200077B93E8FD01661DB42C0047FABA52]
[G] c:\windows\system32\msltus40.dll [PX5: 60E6C0AC003E3245B0F403266BDE13006BABB81D]
[G] c:\windows\system32\iasacct.dll [PX5: EEBCD21D00A357B5E62900F83C3CF200B1901212]
[G] c:\windows\system32\ime\imekr8\imkrapi.dll [PX5: 1D876BD800F90614BAB201E6E81E1B00F4C99ECD]
[G] c:\npbittorrent.dll [PX5: EC22261948D36BFDD516001A4EB930007D232552]
[G] c:\program files\common files\microsoft shared\ink\tpcps.dll [PX5: 984E46FB006E0A6D9C4500E87B7B81004ADBC031]
[G] c:\windows\system32\drivers\rdpwd.sys [PX5: 323CF2900077AB06C25802C4AE406400F86ED371]
[G] c:\windows\winsxs\temp\pendingdeletes\winscard.dll [PX5: 0E86F6A3008D34CCC2B901CF6BFB8700E0573CF9]
[G] c:\windows\winsxs\temp\pendingdeletes\smss.exe [PX5: 08C1C5050055EB4BFA850047E0E8940026DDC64C]
[G] c:\windows\system32\drivers\hidbth.sys [PX5: E080E1EA0047066572D900BE0819C400E4DC9C5A]
[G] c:\windows\grep.exe [PX5: 3135F7601CE57F623A270192F3A51400FAF55654]
[G] c:\windows\system32\cmmon32.exe [PX5: 5800CA3C00DE7A77C04500B98DC5B900B863D423]
[G] c:\program files\quicktime\qtsystem\quicktimeaudiosupport.resources\de.lproj\quicktimeaudiosupportlocalized.dll [PX5: A6958F8300753D3F106A01C4B7007600777A887C]
[G] c:\windows\system32\l2sechc.dll [PX5: 3ACBC6700088DCB6F08301E89749AF0012272DEB]
[G] c:\windows\system32\wbem\stdprov.dll [PX5: 5B0C69F70095106780050161517C8C00641689C9]
[G] c:\program files\common files\apple\mobile device support\bin\outlookchangenotifieraddin.dll [PX5: B8118A95004F2295B0C401886EBAE300564FC4F9]
[G] c:\windows\system32\apphlpdm.dll [PX5: B2CC305F000DAF9C706F001270DCD600AB663064]
[G] c:\windows\system32\igfxtmm.dll [PX5: F982E4A2000451ABF0F600F7F862FF002246F428]
[G] c:\windows\system32\drivers\hidir.sys [PX5: A745FC9A00DE46E754E50068BB643000F12D749E]
[G] c:\windows\winsxs\temp\pendingdeletes\fwremotesvr.dll [PX5: 1C7D6A2100B5F2CD70DA0041878E5D001ACE0367]
[G] c:\windows\system32\tstheme.exe [PX5: 98697712008B188096F2001408DC4E00F672E63D]
[G] c:\windows\system32\perfts.dll [PX5: 37B3F8B500C525B2444B0023FC033A008FE2A7A7]
[G] c:\windows\winsxs\temp\pendingdeletes\winrnr.dll [PX5: 7D4034320035BF2A4EF00081E6E6D500B2DC178D]
[G] c:\windows\system32\drivers\vgapnp.sys [PX5: A287A59C006A75A866A100F7A4EA6C00DFBDD99A]
[GP] c:\users\jens knossalla\desktop\prevxcsifree.exe [PX5: 63FE75A53822E6D202F00CE455A0B500FABBA26D]
[G] c:\windows\system32\winsockhc.dll [PX5: 47310503000D5669BE8200709471B30063837A7A]
[G] c:\windows\system32\mapisrvr.exe [PX5: 708E326A1087B106A1EE00CACCF96D00A4681367]
[G] c:\windows\system32\drivers\gearaspiwdm.sys [PX5: F75751DF6867442F5BCA007992201500CD721641]
[G] c:\windows\ehome\ehcyrtt.dll [PX5: 2837605F0089BD8462EA007791286600DAF51201]
[G] c:\program files\avisynth 2.5\uninstall.exe [PX5: 2FFD3841708449E38AF600E2504864004043A1A7]
[G] c:\windows\system32\drivers\msahci.sys [PX5: F3A5985F38BC6FDF704700E95BD1B000EA2483F0]
[G] c:\windows\system32\acppage.dll [PX5: 6BA9187B00E9B62898E60016A8E9C1002B023CFC]
[G] c:\windows\system32\dssec.dll [PX5: 62F8A6F7002C41CFACC4000BB6AB28007B23CAF7]
[G] c:\windows\system32\gpupdate.exe [PX5: 9D636FFB007491E64264002E36DCE3002F445BA3]
[G] c:\windows\system32\mcx2svc.dll [PX5: 7774DE3C00C6AD53D22800AE4E377100304FFFBF]
[G] c:\windows\system32\drivers\mbam.sys [PX5: 14052C179834FA4B4A900016A99D6D00696E70D9]
[G] c:\windows\system32\drivers\wacompen.sys [PX5: B28BBEA1808A5B71504B0020E5660A00F622429D]
[G] c:\windows\system32\drivers\fdc.sys [PX5: F6283C7200093F406208005273845C005E7798C1]
[G] c:\windows\system32\drivers\mbamswissarmy.sys [PX5: 980187E6E004A2499C37002917ED4200476D887B]
[G] c:\windows\system32\iscsilog.dll [PX5: 727D917A0060CC5C40B500344506270072580F19]
[G] c:\windows\fveupdate.exe [PX5: 02D44EFE003CBA04344D00C11D4D9F0010716257]
[G] c:\program files\windows media player\wmpenc.exe [PX5: 9655479F004FA2D95CE30054CEF87800511FA3B2]
[G] c:\windows\system32\drivers\wd.sys [PX5: 86C95C38385D080756E600FEC27A2B008742B3BF]
[GP] c:\fraps\fraps.exe [PX5: B96B45AF00A3F7BB64C7007883F19F00DB02F6DD]
[G] c:\windows\system32\drivers\megasas.sys [PX5: 57805BEF388C56957AE80073D0876400947A347B]
[G] c:\windows\ehome\ehcett.dll [PX5: 6097D773006F21DF608B00605B3393002885CE8E]
[G] c:\users\jens knossalla\appdata\local\temp\askinstallchecker.exe [PX5: C232A3C588C6EC16D581000DDF30DE00DDE4DBFA]
[G] c:\windows\system32\format.com [PX5: CC59CC9F0044B1EB8A480080E4074300A2AE6AC7]
[G] c:\windows\system32\pnrpperf.dll [PX5: 732B31F7006904824A440087E14CF00085D908C2]
[G] c:\windows\system32\cbsra.exe [PX5: A1BFBBE700B07762AC0A002351FE3C00D47FE678]
[G] c:\program files\avira\antivir desktop\rctext.dll [PX5: 64421B3301CF604D575101F6172AD7000A70F5B1]
[G] c:\windows\system32\wsqmcons.exe [PX5: 99E0AE0D00825F99EE380275A377E100E101E6D1]
[G] c:\windows\system32\winhttp.dll [PX5: 337C86600023EE38BC1B05A1C33D9E00BE0BA700]
[G] c:\windows\system32\schtasks.exe [PX5: 42F9EB3E007A117F50F502A40BC9A500D9E9691B]
[G] c:\windows\system32\netapi32.dll [PX5: 1418E73000226BFC220A07577587BC006ED61E2A]
[G] c:\windows\system32\rsaenh.dll [PX5: 2E63ACACE891ACF9AD38034DB935B20058E7E8B8]
[G] c:\windows\system32\propsys.dll [PX5: E120283F0088C86684C80BC6E5D60B00DFD3AD2B]
[G] c:\windows\system32\authz.dll [PX5: 1AB3E5810064C49138020182AFC44D0068688085]
[G] c:\windows\system32\ntmarta.dll [PX5: 90F93BB0003CCB04DAD401A5241952003DA85026]
[G] c:\windows\system32\nlsdata0000.dll [PX5: 2013B4520009A3CB407F177777435400D82B8258]
[G] c:\windows\system32\urlmon.dll [PX5: CF0DE0180092AE41D2B7119092F215003ADE05E5]
[G] c:\users\jens knossalla\appdata\local\temp\pxinstall109.exe [PX5: 0418016438820A3DAA8842C335276F00FC6A1BE9]
[G] c:\windows\system32\winspool.drv [PX5: 865BDCC30058C930F0F103174DB4F700B842BBD8]


End of Prevx Scan Log - http://www.prevx.com

[G] c:\windows\system32\bcmms32.dll [PX5: C7774DFA48EA5F9273BB01B28F2C9C00B6F2D3C9]
[G] c:\windows\swxcacls.exe [PX5: A88EC77C004D09AD3EAD03886C024100562C6F9B]
[G] c:\program files\microsoft sql server\90\com\axscphst90.dll [PX5: A73686E0D870B6BAA6B600E59761B300C75CDAD3]
[G] c:\windows\rtlexupd.dll [PX5: 4BF6B35E00F2E4B5F0FA0702E6A62A00F7052005]
[G] c:\windows\system32\portabledevicewiacompat.dll [PX5: 4D1CFF4E00731B5CE8A00104F4A26D0026EE5387]
[G] c:\windows\agrsmdel.exe [PX5: 112B256040379073C67100072859520062C78646]
[G] c:\windows\system32\wuwebv.dll [PX5: 7855255810673CA37967020606935D00D7AFA03C]
[G] c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll [PX5: 4CBC19FB0092A5A476A30522BAD957003C21027F]
[G] c:\program files\common files\system\ole db\msolui80.dll [PX5: 26C3CFE2387876DC7B540377D8C8480054CAB219]
[G] c:\windows\system32\regtlib.exe [PX5: C9DB071600854E91C09900257B057000850F8A04]
[G] c:\windows\rtlupd.exe [PX5: 6DDC8B810041375140F412A795CED300EB3909C0]
[G] c:\windows\winsxs\temp\pendingdeletes\winspool.drv [PX5: D070AF87008B360DF00003282D548E000940668C]
[G] c:\program files\common files\microsoft shared\sql debugging\ssdebugps.dll [PX5: A72912C9D815E55EE0FC0027CBC740003FA4DB1C]
[G] c:\program files\samsung\easy network manager\helplaunch.exe [PX5: 0AF2F6B200E5FC35902A04E4FBB447008EB600FA]
[G] c:\windows\system32\drivers\rfcomm.sys [PX5: A06F311600FF4E50C68900C6227F3800AC9044AD]
[G] c:\windows\system32\drivers\processr.sys [PX5: 2F0F7E1B00E2D3E3A0790020237BA00026D72AC2]
[GP] c:\windows\nircmd.exe [PX5: 7A13E04900C503117A1800DBA8E1990091A6F065]
[G] c:\program files\common files\microsoft shared\dw\dwdcw20.dll [PX5: F6CF9CD5C8B08B5A9E2C0040253F77004EB0E9F1]
[G] c:\windows\system32\ole2disp.dll [PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7]
[G] c:\program files\quicktime\qtsystem\quicktimecheck.ocx [PX5: 1334BD12304FC0BAC57001BB015F9600CB155462]
[G] c:\windows\system32\drivers\lsi_fc.sys [PX5: BE95277338D46003785501D775AF6F000859A4DF]
[G] c:\windows\winsxs\x86_microsoft-windows-s..inboxgames-freecell_31bf3856ad364e35_6.0.6001.18000_none_5871c59a9cdacbf3\freecell.exe [PX5: C4BDBF930044C015B40B098AA86C8C00CB13316A]
[G] c:\windows\system32\dot3cfg.dll [PX5: E46868C100A4F96EC2B0005B4B1F6D0006B437AC]
[G] c:\windows\system32\wsmauto.dll [PX5: C9B7D8340087EB7FE44501926A1A1900C4865D3C]
[G] c:\program files\common files\divx shared\qt-dx331.dll [PX5: C9F371530031E58DE000360B1F59620004BE1690]
[G] c:\program files\e.m. dvd copy\unins000.exe [PX5: 7CABF2D31A64C3719DCF0A561A0FFB007CA5CD72]
[G] c:\windows\system32\gearaspi.dll [PX5: F3D182306884FDD9A3D101C770D4E0004C94C4C9]
[G] c:\program files\ccleaner\ccleaner.exe [PX5: 634911CCF0F81086008218247756A5002160B7FE]
[G] c:\program files\total video converter\quicktime.ax [PX5: 5B78CE40007B341E50BA01E70A429600CA6C6412]
[G] c:\program files\openoffice.org 3\basis\program\so_activex.dll [PX5: A0DBF7A20052DF28C4A801555B2A980093A47AB7]
[G] c:\windows\system32\perfdisk.dll [PX5: 04AF795300F33D067C9800F4D68BF500A2932417]
[G] c:\program files\divx\divx converter\converter.exe [PX5: B3AFEF9700A9DAA9C0D21C661ED92D00131E2C0B]
[G] c:\windows\system32\nvwss.dll [PX5: 10F46C1820314F133A8E28BBAA24EE00BD2D1619]
[G] c:\windows\system32\drivers\drmkaud.sys [PX5: FA94CFEC0087AF5A16B4003B3C2E0700C04CA76F]
[G] c:\windows\windowsmobile\asstatusl.dll [PX5: C749CF5E88CDC2B77F8A0064112A0B00C30AED9D]
[G] c:\windows\system32\drivers\amdk8.sys [PX5: 7DF6E80B00631234ACFB00CAE08C2400C9B84235]
[G] c:\windows\system32\drivers\iastorv.sys [PX5: 0C09EE1D38310C8B962603A17B69C700B29F9440]
[G] c:\windows\winsxs\x86_microsoft-windows-s..iuminboxgames-chess_31bf3856ad364e35_6.0.6001.18000_none_74d4a1cd7e673a2e\chess.exe [PX5: 12AF7AA000ED88CCDAC92A96991A9F00C0951FF7]
[G] c:\program files\itunes\ipodupdaterext.dll [PX5: E894E19F0056548AD09709977A10EB00025A333B]
[G] c:\program files\quicktime\qtsystem\quicktimeupdatehelper.exe [PX5: C68996B300F6E49670FD02B7AF9D000051D6D1E6]
[G] c:\windows\system32\mscandui.dll [PX5: F67A334A001EAD95563303C265ECB100DBC0EEBB]
[G] c:\windows\system32\laprxy.dll [PX5: FD5EEB690065E392267A004F9C14360056DADAF8]
[G] c:\windows\winsxs\temp\pendingdeletes\wsdchngr.dll [PX5: EA55730900CCE1EF5206007F55657D004CA984D6]
[G] c:\windows\system32\scrrun.dll [PX5: F45C1F74002EF7B4A0E102BAE6432400547091B4]
[G] c:\program files\microsoft sql server\80\tools\binn\sqldmo.dll [PX5: CA6C781900209C80906D4548C9F11A00637D47BE]
[G] c:\windows\system32\ime\imekr8\applets\imkrskf.dll [PX5: C54AAC850087D5F7F0AF01C520A09A006121F589]
[G] c:\windows\windowsmobile\certauth.dll [PX5: 4D722026886F61F1A7A602FEF3CEAA00388FB06E]
[G] c:\windows\system32\p2pgraph.dll [PX5: D41EB1E600C3D81CFE8A0411117DD700A873E273]
[G] c:\windows\system32\netcorehc.dll [PX5: 2B24189E00C1F613B62E01240E29870047CA64E1]
[G] c:\windows\system32\shimgvw.dll [PX5: 8B3C80BD009364CCF4EC017DB38BF800CA4A6A1D]
[G] c:\windows\system32\drivers\i2omgmt.sys [PX5: 9D9AB7A238164D8B4A5D00DFE27A310093B680A6]
[G] c:\windows\system32\tomsmocomp_ff.dll [PX5: AAC9A91300AF4F3C001604478CDB240096EC62E5]
[G] c:\windows\system32\proplistctrl.ocx [PX5: 38F890D0007CD194C010011A4394BF00AD05DB69]
[G] c:\windows\system32\tintlgnt.ime [PX5: 8E53B68300A1DBDAECD3016F5F2AD90064EC63C5]
[G] c:\program files\quicktime\qtsystem\quicktimemusicalinstruments.qtx [PX5: E3E12CDD00B8524188611E3B3C2E07002100F7A3]
[G] c:\windows\system32\sdchange.exe [PX5: 7854DC3400552B95449401BBDA267900C12BC91A]
[G] c:\windows\system32\wlanmmhc.dll [PX5: A8B5B40A009B4BA4A21900D1967C1F003CD8BE72]
[G] c:\windows\system32\wbem\vsswmi.dll [PX5: 6B1F870200CF0FB510D60271A24513009194C4FA]
[G] c:\windows\system32\wmpsrcwp.dll [PX5: F515FA5100156101D0C4026316BEC9005B2C8BAB]
[G] c:\windows\system32\l3codecx.ax [PX5: 5EE6C3BC0022166C80A701337C7DF0002DC5AFF3]
[G] c:\windows\system32\vmctrl.ax [PX5: AF7312FC00662DFA800A011C28812300125C7F14]
[G] c:\windows\system32\nvvitvs.dll [PX5: AA3CEF79208265A7CA1B39471EFE5200D7C5CADC]
[G] c:\windows\system32\msxml3a.dll [PX5: 3EE57A0E0011B273603E00398E1D6B008B4E272C]
[G] c:\windows\system32\iassam.dll [PX5: 97A75F2F00B63A27C89E029EECC31000CBE77C0E]
[G] c:\windows\system32\adsnt.dll [PX5: 479C668B0042CB4DEC4303EC4E3CBB001A641C2A]
[G] c:\windows\system32\drivers\lsi_sas.sys [PX5: C86570DA383FBC735E8E01FA23FF8700DF8E2DE8]
[G] c:\windows\system32\drivers\rdpdr.sys [PX5: 310265EF008436BCCC0803DAE1319900EE060B45]
[G] c:\windows\system32\btsendto_office.dll [PX5: 934E460B00BD4309609305ED46947000A3E5A0E6]
[G] c:\program files\adobe\reader 8.0\reader\acrord32info.exe [PX5: 3A30B7D77806BAD93866002FA06503007203D766]
[G] c:\program files\common files\divx shared\dtu100.dll [PX5: 324CDE8E0009610720B503681A6F9C00742C2E96]
[G] c:\windows\twunk_32.exe [PX5: B6446FCC003349417A910098F2BDBC0092D171AC]
[G] c:\windows\system32\touchx.dll [PX5: 21983C4B0079725EA4711F0878874500A91CA1F6]
[G] c:\program files\microsoft games\chess\chess.exe [PX5: 3EAB00B000B0D50C0AE02B1D2CDED9008999E146]
[G] c:\windows\winsxs\temp\pendingdeletes\wmvcore.dll [PX5: FB3CE02300CE5BE16C9224B0F25C2200D4E51376]
[G] c:\program files\microsoft small business\business contact manager\bcmhistoryaddin.dll [PX5: 7136C15148CCFDD347D704FAA03960008C9BBF77]
[G] c:\windows\system32\vmc302.ax [PX5: E9B47AC1008C5EC5B0B507A4B68755003D47940D]
[G] c:\windows\system32\typelib.dll [PX5: C0620321C004C14EB60D020DCCE16200701F9AEA]
[G] c:\windows\winsxs\temp\pendingdeletes\urlmon.dll [PX5: 810A92AC0045DE96CCDC118AEA261A00B623B6E8]
[G] c:\windows\system32\panmap.dll [PX5: DF509F1200F71DDB2A2300B7B2423800F59F0542]
[G] c:\windows\bfsvc.exe [PX5: D86CBE2600277AAEE68D000E37EF7B007C966430]
[G] c:\program files\microsoft sql server\90\tools\binn\sqlmanager.dll [PX5: 66A7569D201B71C5A31007679940B500CA97A652]
[G] c:\windows\system32\drivers\pciidex.sys [PX5: D9CD0FB2383AA014B08B001BFE54DC0069E47FB0]
[G] c:\windows\system32\sqlncli.dll [PX5: 17A13C76580359D1EB2B21E742FC770076A59BD1]
[G] c:\program files\quicktime\qtsystem\quicktimevrauthoring.qtx [PX5: ED2B2261004CBB49605E0BE526D34700A87E2009]
[G] c:\program files\adobe\reader 8.0\reader\viewerps.dll [PX5: B0C52A9A80F62390429000B85505C60050C509AA]
[G] c:\windows\system32\xwtpw32.dll [PX5: DCD7ACAA0004DC307662010EE97AF0000575DDB0]
[G] c:\program files\common files\system\ole db\msolapsl.dll [PX5: A132517B00FE5E0E54EE02413E4F9600D996FEA5]
[G] c:\windows\system32\drivers\megasr.sys [PX5: ACE52A1938A01661E62005C52AD16C0033F904F3]
[G] c:\program files\adobe\reader 8.0\reader\acrofx32.dll [PX5: C9B4EA1700F2C45500B0017A6D07DE00F2D8FC4B]
[G] c:\windows\winsxs\temp\pendingdeletes\spoolss.dll [PX5: D759CD8D00C05C40806C022FBFD66E004A9210EF]
[G] c:\program files\common files\system\directdb.dll [PX5: BC05606F00DF64EF5E41006707FDEF005BD46D6E]
[G] c:\windows\winsxs\temp\pendingdeletes\scesrv.dll [PX5: 847C023E00CD9CD2AC7A04DE2E6BD1005AC2ADCF]
[G] c:\windows\system32\sllua.exe [PX5: 8CA5BB1C002095DAD670028597C6240086960A40]
[G] c:\windows\system32\wpdmtpus.dll [PX5: E9FB8BA30019CEFEEEEA005C3489310045D9F2EA]
[G] c:\windows\winsxs\temp\pendingdeletes\mscoree.dll [PX5: DC4D775C0056291E4EAA0496E6A5F900E88DF2B5]
[G] c:\windows\system32\drivers\sym_hi.sys [PX5: 779D853568AE646D7C8B006B1089D5008151B0B7]
[G] c:\windows\system32\iashlpr.dll [PX5: 7E5859BF002B5D3E14EE01775E80940072A67AF5]
[G] c:\windows\servicing\wrpintapi.dll [PX5: CF255B40001D16232647003B3C2E0700CA4F2B5D]
[G] c:\windows\system32\nvgames.dll [PX5: F6BE0948201FA448EAB53358434888007462E112]
[G] c:\windows\system32\nvdisps.dll [PX5: 1CEEC7CD20F9A120EAD23C0BC3EFDE0001374107]
[G] c:\windows\system32\dsprop.dll [PX5: 36BC17BC007005E21A4502BBD64810002B41855E]
[G] c:\program files\divx\divxconverteruninstall.exe [PX5: 8BBFD9973BC3D6E0BF1507CEBA5295004A87C6EC]
[G] c:\program files\common files\microsoft shared\ink\tabipsps.dll [PX5: 946D20FC00FD5FC34CDC003360AAF80084425468]
[G] c:\windows\system32\drivers\ohci1394.sys [PX5: 716BFE21002C3B35F23400F7713DD9005BF901F7]
[GP] c:\windows\winsxs\x86_microsoft-windows-aero_31bf3856ad364e35_6.0.6001.18000_none_abe3118b19699649\aero.msstyles [PX5: 4BDBD5DC9071EB06148E1380BFC62200453825EC]
[G] c:\windows\winsxs\temp\pendingdeletes\ole32.dll [PX5: 1516A36B00760CCC12B01496CBBF10001122C3F5]
[G] c:\windows\system32\secproc_ssp.dll [PX5: 5C57982600CB8F1C52FF025791409F003D84A002]
[G] c:\windows\system32\drivers\adpu320.sys [PX5: 8DB8DB40380CDF54480002EC60792900E1DC37C1]
[G] c:\windows\windowsmobile\asdsktpeng.dll [PX5: AD746DD188C7E8F4B9FA006844B0B00016038552]
[G] c:\windows\winsxs\temp\pendingdeletes\esent.dll [PX5: 0EDF90CD003DFAB62AC01608B9C385009412AD36]
[G] c:\program files\common files\system\ole db\msdmine.dll [PX5: 73E7EA4AE8FE0D178A951587DDD1BF007682971F]
[G] c:\windows\system32\ac3filter.ax [PX5: AFA287FD00228EE2A02B026C8563C4003C44A79D]
[G] c:\windows\system32\rpcndfp.dll [PX5: 38E0BBBE004B1C22AA5700048FE8EB0054F95272]
[G] c:\windows\system32\setup\rasmigplugin.dll [PX5: 29BABDDC00D37167C24C016E26E48200753656FE]
[G] c:\windows\system32\speech\common\sapi.dll [PX5: 0A0F2C1900B82E1D9CDC11CBE01B1500D9D97A91]
[G] c:\windows\system32\devil.dll [PX5: 4063DB510041A8CFFCEA0A5E2A32BE009220A244]
[G] c:\program files\common files\microsoft shared\ink\inkdiv.dll [PX5: 54FB153A001004D33AC404DF4D92C100EB05796C]
[G] c:\program files\divx\divx codec\divxsm.exe [PX5: B4C531030028C24F109308EA6A65CA004075FF1B]
[G] c:\program files\microsoft sql server\90\shared\sqlsac.exe [PX5: D90D6ADB20E734B9CB0B118E18A80E00A8AFF0DB]
[G] c:\windows\system32\btwizard.dll [PX5: B4D465800079BBDE706B12060B944F00279C6411]
[G] c:\program files\divx\divx converter\gzhf330.ddc [PX5: 1ED348BC005C2560F06A007211E6EA0050589F98]
[G] c:\windows\system32\racpldlg.dll [PX5: D2FDB0D40058FBCDA00F00AFCB6360004035C8A4]
[G] c:\windows\system32\wmpencen.dll [PX5: 3FFC8DC700D02D7B107019BBA2826A00E09B885F]
[G] c:\windows\system32\bcdprov.dll [PX5: 38AF32DC000B769FBC8D003DB6EEB3004817A5CA]
[G] c:\windows\system32\sqlctr90.dll [PX5: 1A6E6691D8DE2D3D026C0189CB4ACC008E67F4FF]
[G] c:\windows\system32\conime.exe [PX5: D7FFEC5600E269780E0B01A1C61E3600B1A9160B]
[G] c:\windows\system32\csrstub.exe [PX5: 50869A5700CE897DB4F800508E8FB80032B3396B]
[G] c:\windows\winsxs\x86_microsoft-windows-s..nboxgames-solitaire_31bf3856ad364e35_6.0.6001.18000_none_751d5a58fbacf66d\solitaire.exe [PX5: 4759604D004F853CD020091D7B28B4004C5E1E18]
[G] c:\program files\quicktime\qtsystem\quicktime.resources\de.lproj\quicktimelocalized.dll [PX5: A6958F8300753D3F306A01C4B70076000F3AB72A]
[T] c:\program files\common files\installshield\driver\10\intel 32\idriver.exe [PX5: 3F3EB5ED00EB0867A04D0B1622AF9E00AC3A3241]
[T] c:\program files\common files\installshield\driver\10\intel 32\idriver2.exe [PX5: 3F3EB5ED00EB0867A04D0B1622AF9E00AC3A3241]
[G] c:\program files\cdburnerxp\nmsdvdxu.dll [PX5: 6CC023DDB8101483E51D1211ACA8A200382A2664]
[G] c:\windows\system32\autoconv.exe [PX5: 05FC97B400E91276061E0AE97895AC000E21D21F]
[G] c:\program files\windows journal\inkseg.dll [PX5: 823DAB7800D3028344BB0A61182A81006FD1334E]
[G] c:\windows\system32\unrar.dll [PX5: 77588F9F0061216E56320202BDC1D90047B22ECC]
[G] c:\windows\system32\compobj.dll [PX5: 7F15D8FD9058C3456C3C00DD4D593D008787B5BE]
[G] c:\windows\winsxs\temp\pendingdeletes\setupapi.dll [PX5: 83571B6700D995FD44AA18AD5D5E4B00EFE5EC75]
[G] c:\windows\winsxs\x86_microsoft-windows-o..calmediadisc-wizard_31bf3856ad364e35_6.0.6001.18000_none_1a8bb8d447e4ec1f\dvdmaker.exe [PX5: F749FED80063324FF45F1DC481EA1800D01D9F44]
[G] c:\windows\winsxs\temp\pendingdeletes\vssapi.dll [PX5: 9B19CCE100AADF916C4C106529FF980060C9AAE0]
[G] c:\windows\system32\softkbd.dll [PX5: 77FBA69F000A8734EC5601E74695CD00EEE18165]
[G] c:\windows\winsxs\temp\pendingdeletes\srvsvc.dll [PX5: C9CAA235009112B8E0230182C5BE3900657C5F99]
[G] c:\windows\system32\tdc.ocx [PX5: 5403CC4900355E0C047D01D4B7E36E0018F543C5]
[G] c:\windows\system32\macromed\flash\flashutil9b.exe [PX5: 47B5B56478BF8B54E6690237A2E9FF00D1B99E8D]
[G] c:\program files\microsoft games\mahjong\mahjong.exe [PX5: 09FFAE730048ABAE7C610AB386A8E70057A961B3]
[G] c:\windows\system32\certenrollctrl.exe [PX5: 6F1EE2780013B86D1A0000AA9BF36100B540D5C2]
[G] c:\windows\system32\divx_xx0a.dll [PX5: AD284E5B0092A92170080CD60B49CE00452EB54B]
[G] c:\program files\divx\divx plus directshow filters\dmfsource.ax [PX5: 32B496DF00EFF2E9107D06F28988A000E22379EF]
[G] c:\windows\ehome\ehchsime.dll [PX5: 38E2B7C5007DE0B4A6831462963B6F00CBD8EE3C]
[G] c:\windows\system32\wbem\viewprov.dll [PX5: 05B54BFF0088C41810F102A0536ED80048F6E62F]
[G] c:\program files\common files\system\ole db\msolap.dll [PX5: 38F219080053994BAC8C168380A86E0031CE6D30]
[G] c:\windows\winsxs\temp\pendingdeletes\wmiprvse.exe [PX5: 2687ECEF0083449EC658034C16A379006B7346DE]
[G] c:\program files\common files\microsoft shared\ink\tipskins.dll [PX5: D0C46741007DBA4DEC851312EEAA92005352EB3F]
[G] c:\windows\winsxs\temp\pendingdeletes\dnsrslvr.dll [PX5: 7F52CAAB00DF484B5225012E2380520015D5C5DB]
[G] c:\windows\system32\cfgbkend.dll [PX5: 39E13B44004B8BB2B8E20004F64D6900F95B0CF1]
[T] c:\program files\common files\installshield\driver\10\intel 32\objpscnv.dll [PX5: 4ACDE0C900B3D8AD800B002DDDE82A007B611394]
[G] c:\windows\winsxs\temp\pendingdeletes\rastapi.dll [PX5: D5EEF720007ADA5910BF019043480800A59EB68E]
[G] c:\program files\quicktime\qtsystem\quicktime.resources\quicktime.dll [PX5: A6958F8300753D3F206A01C4B70076009637A084]
[G] c:\windows\windowsmobile\wmdsyncproxy.dll [PX5: 56690D0788FB5B967B1A0068E0F5CE009F95AEF0]
[G] c:\windows\winsxs\temp\pendingdeletes\authz.dll [PX5: 9C136A0A00A84A0D36FA01544122DD00AA87DA11]
[G] c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6001.18000_none_17b18851a49835e5\journal.exe [PX5: 7EF881E800D3D38F3E5B1C574A173900B6C4318B]
[G] c:\windows\system32\ime\imejp10\applets\imjpkdic.dll [PX5: EBB7E7E80032B1B2D676064314CAE7000E5BD5B4]
[G] c:\windows\system32\findstr.exe [PX5: 404D3AF10070A34FEE6A009FC3CB0B00A11A593B]
[G] c:\windows\system32\setup\cmmigr.dll [PX5: F0BD4D51001EDC19DC900008B8EAAA0034B72A6F]
[G] c:\windows\system32\xvid.ax [PX5: 6F68E62000CF5F79B001054789D2CE0035FF3274]
[G] c:\windows\system32\nvmobls.dll [PX5: DFFFBE6B20ED94ED4A2C135A19B2F70049D3573F]
[G] c:\windows\system32\dot3msm.dll [PX5: 584668F4003A5F7F268B0192CD85C90081362292]
[G] c:\windows\winsxs\temp\pendingdeletes\cimwin32.dll [PX5: 232BCAFB00F22FD5D0DC149E9F0DFE0005794080]
[G] c:\windows\system32\licmgr10.dll [PX5: 8A23BCE70076FB6BA4C4009EE4C85900FB8BB5EB]
[G] c:\windows\system32\mfwmaaec.dll [PX5: 71DB9C4D00DDD6BE60B209B31C67D7001204F682]
[G] c:\windows\system32\wbem\wmipdskq.dll [PX5: E73642D70046E363121202B323E2660020231C4D]
[G] c:\windows\system32\drivers\peauth.sys [PX5: 988CD949002FCC1266640D5308EC9F00F15CF075]
[G] c:\windows\system32\networkitemfactory.dll [PX5: 9E1AD5A400C125D49C1C00AAA3E8560041779473]
[G] c:\windows\ehome\ehplayer.dll [PX5: 732F8F5D00BAAD6A40F50408A31C0C0043D99FD9]
[G] c:\windows\system32\rasgcw.dll [PX5: E090253100C343F9CE8C0979BD12880004940B4D]
[G] c:\windows\system32\drivers\marker.exe [PX5: E234689800C8E8C460F0002DDDE82A00D16D5D31]
[G] c:\program files\quicktime\qtsystem\quicktime.cpl [PX5: 54F751AE0014EA67E05F16834FB74B0075D992E6]
[G] c:\windows\system32\bcdsrv.dll [PX5: 3B1D49B100807CC5CC28015A386CDE000CAE6F10]
[G] c:\windows\system32\mfc70.dll [PX5: 9261F223004F40B8E0460E9DBB8B1100EBA4234E]
[G] c:\program files\common files\divx shared\dpus11.dll [PX5: 68E7973B007B8024403B058FCF0E1F0022119152]
[G] c:\windows\sed.exe [PX5: 32B63D37005C3986820E013B062ED9007A77AC9C]
[G] c:\windows\ehome\ehchhime.dll [PX5: 24390D9B0086E371AE46031C61BDA1003A36EE02]
[G] c:\program files\common files\microsoft shared\ink\shapecollector.exe [PX5: AADE73940044DF985C230E31426627003FF661EB]
[G] c:\windows\system32\divx_xx0c.dll [PX5: AD284E5B0092A92190080CD60B49CE00B4EB2AF3]
[G] c:\windows\system32\ime\shared\mscand20.dll [PX5: 4493F19A0005DDE0D4C608D359DB260003F898B8]
[G] c:\windows\winsxs\temp\pendingdeletes\propsys.dll [PX5: EBF581BD00560EB582600B638AD81F00C56D07AE]
[G] c:\program files\common files\installshield\professional\runtime\objectps.dll [PX5: 4ACDE0C900B3D8AD800B002DDDE82A005F7FAD69]
[G] c:\windows\windowsmobile\cefstore.dll [PX5: 2B8D653D88A37E90AF3A0014F5417000892C8307]
[G] c:\windows\winsxs\temp\pendingdeletes\bcrypt.dll [PX5: A949C6E500080B36306B0449CDCA8B00AC1FD305]
[G] c:\program files\common files\system\msadc\msadco.dll [PX5: C77DCF57004A444FC05D02AAABBC0700EA2FCC21]
[G] c:\windows\system32\edsproppageext.dll [PX5: D8CF3FA900BE899DD28E0EFBC2A03C00CD51C215]
[G] c:\program files\cucusoft\ultimate-converter\filter\audxlib.dll [PX5: B53CAE6700B86DA850910B2900E08600C5F44088]
[G] c:\windows\system32\drivers\arc.sys [PX5: 9E3AEDCC38D8A99C36600125664AB40090838B13]
[G] c:\windows\winsxs\temp\pendingdeletes\shlwapi.dll [PX5: BA8F3AD3003521A85EBC0536F51C8C00094D9C8E]
[G] c:\windows\system32\wbem\msiprov.dll [PX5: 7F0EFF4700B11277C07404173EDF1900F917A01F]
[G] c:\windows\system32\ime\imetc10\imtccore.dll [PX5: 4864933400FE67DC4C7B08B0B843DA0015188AA0]
[G] c:\windows\winsxs\temp\pendingdeletes\wmiprvsd.dll [PX5: D47B9D0200D435349E1B076DD9483C0012BE1CB1]
[G] c:\program files\synaptics\syntp\syntpcpl.dll [PX5: 54017D9A0038A6A9608A0EBCACCE0D00E6D3FA45]
[G] c:\program files\common files\divx shared\libdivx.dll [PX5: 03D6361E00D2951BF0E20F3BBF5C6A0019FF1BA1]
[G] c:\windows\system32\cmdial32.dll [PX5: C02BA93B00D1EF515A89074A00AC9E000484E930]
[G] c:\windows\system32\dsquery.dll [PX5: EF86A68D00BAAE9C04AE068659E53800B825E251]
[G] c:\windows\winsxs\x86_microsoft-windows-s..mes-spidersolitaire_31bf3856ad364e35_6.0.6001.18000_none_82b83466754f24cc\spidersolitaire.exe [PX5: 61C360400020F88FE0AF0956C7D8490028BA8857]
[G] c:\windows\system32\mscomct2.ocx [PX5: 482C38FAC073C39FE2390994E4D8F0002D1899C5]
[G] c:\windows\system32\ime\imesc5\imsccore.dll [PX5: 26E6716200F2012EFA0809720D3B3000243B06B2]
[G] c:\windows\system32\ftp.exe [PX5: F1E1782A009A8716A4EF00665B77BB00322E91A8]
[G] c:\windows\winsxs\x86_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.0.6001.18000_none_a2611d5c392f48a1\minesweeper.exe [PX5: 9312EF7A0019897B3CF80DA622A2DC00A71878C2]
[G] c:\windows\system32\comuid.dll [PX5: 2989B815003E542E0E7D09990D1E8D00B776AF78]
[G] c:\windows\system32\divx_xx11.dll [PX5: AD284E5B0092A92140080CD60B49CE00F88E7700]
[G] c:\windows\winsxs\temp\pendingdeletes\emdmgmt.dll [PX5: A4E4056F0014F512A07208F9F1C24700731E7BC9]

[GP] c:\program files\trend micro\hijackthis\hijackthis.exe [PX5: 3DF7D3A40061C4A70C8E069553313F002B40F674]
[G] c:\windows\system32\certenroll.dll [PX5: 5C7646FC008D21CAF89710B15EF62700BA692849]
[G] c:\program files\quicktime\qtsystem\quicktimeeffects.qtx [PX5: ADFC755400519C4AD0BA088408D97E004CBCCBAB]
[G] c:\program files\avira\antivir desktop\update.exe [PX5: B601C7A00128589D2BB1065710D87B008CD6BF1D]
[G] c:\windows\system32\drivers\agrsm.sys [PX5: 91811DECA075E74FBA0111979F9900008F1BB978]
[G] c:\program files\quicktime\qtsystem\quicktimestreaming.qtx [PX5: 6A175F5F00BC9A6250470D3245802C00FB7D0B30]
[G] c:\windows\system32\accessibilitycpl.dll [PX5: F8488853000EAFC264D5260276530B004BEB99A9]
[G] c:\windows\system32\drivers\sym_u3.sys [PX5: 7C59CF4768E3045A88B300D37CC870006EE36856]
[G] c:\program files\adobe\reader 8.0\reader\agm.dll [PX5: 3A71CD4700A617DADEFC4A8F08F69900DD31E7F7]
[G] c:\program files\common files\microsoft shared\ink\inkwatson.exe [PX5: 31172B7300FFD025F6030B91F69AB200B5D25774]
[G] c:\program files\common files\adobe\acrobat\activex\acropdf.dll [PX5: 2F2BA0E1685B8CEFA51109BA07978D00481FE0AF]
[G] c:\program files\quicktime\qtsystem\quicktimevr.qtx [PX5: C16B15B70021DA00803B0DBE09BC1C00F7089E42]
[G] c:\program files\avira\antivir desktop\update.dll [PX5: 5DC9BAE60143BAF145D1053AB4C22000520BBD75]
[G] c:\program files\malwarebytes' anti-malware\unins000.exe [PX5: 57C587C410E2A48B914D0AA72B9B4000F1F86DD1]
[G] c:\program files\itunes\cddbcontrolapple.dll [PX5: 6431CCF2F037F1AC04F70BE1DE05E000DFF81BAA]
[G] c:\program files\samsung\samsung update plus\supclientapp.exe [PX5: C92C6B0DA808F958AE593FD8D69F6B008BC0F761]
[G] c:\program files\gamenext\adventures of robinson crusoe\launch.exe [PX5: 513CE5DF00DFFCD9B0F0069B80F0CC0098ED32E8]
[G] c:\program files\quicktime\qtsystem\quicktimeaudiosupport.qtx [PX5: CA99EE980068A9B270D932931D6FCE00E1D8286C]
[G] c:\windows\system32\drivers\netw3v32.sys [PX5: 3B35AC8800E630B9F60C210EC03D64001997B17B]
[G] c:\program files\cdburnerxp\unins000.exe [PX5: 7CABF2D34664C37180CF10561A0FFB005D739131]
[G] c:\program files\adobe\reader 8.0\reader\ace.dll [PX5: 8B75E6C600F458FD4CD80AD29A308A003E433A20]
[G] c:\windows\system32\btwhidcs.dll [PX5: 096B42EC003ED356001206970771ED00610A14D3]
[G] c:\program files\adobe\reader 8.0\reader\axsle.dll [PX5: 19E63A3400A501781A0A09CF72581A0040D90637]
[G] c:\program files\adobe\reader 8.0\reader\pdfprevhndlr.dll [PX5: 3BD592F470063CF846ED01556DDA8700DCEF7EC5]
[G] c:\windows\system32\quicktimevr.qtx [PX5: F6DADBD000DA9CAA60F601D13FB78D00A24725D5]
[G] c:\program files\widcomm\bluetooth software\btstackserver.exe [PX5: 74F375EC281DEF59CAB018A26DDFA200D045C5A6]
[G] c:\program files\common files\px storage engine\pxsfs.dll [PX5: E494BE57F8326649DAFC18EFA7085F0073E546ED]
[GP] c:\windows\system32\avisynth.dll [PX5: 708329F3005505B95EA805C0A4007F00FA71E77F]
[G] c:\program files\adobe\reader 8.0\reader\cooltype.dll [PX5: CECA7BD00081D3EFD08C224BE59F3B007C20EE94]
[G] c:\program files\cucusoft\ultimate-converter\mp4convertersuite.exe [PX5: 770216B800E37F8810BD0C56A572DE00B9B5603D]
[G] c:\program files\common files\system\ole db\msolap80.dll [PX5: 62B6DE0F00DCFE1E407920EA99D5FD00A62215DE]
[G] c:\program files\gabest\vobsub\subresync.exe [PX5: B546CC83007DC80280C801FC97EA0500E8A07AFE]
[G] c:\windows\system32\hbaapi.dll [PX5: 3A4CE7E800EBAECAA2F300920E8BC8001CC4C8A2]
[G] c:\program files\common files\system\ole db\msmdgdrv.dll [PX5: D7160FA500E0B9DC04240C0DD7056000E400BCBC]
[G] c:\program files\common files\mssoap\binaries\mssoap1.dll [PX5: 95FD337000E0FF209845034DC1392200DDCE2FCA]
[G] c:\windows\winsxs\temp\pendingdeletes\adsldpc.dll [PX5: FB27BC1C008E7A5606A703B6C11C35005647AE66]
[G] c:\windows\system32\storage.dll [PX5: 7BAF327F704FA91D10D000043D15CA00D1A14898]
[G] c:\program files\common files\microsoft shared\web server extensions\40\bin\fp4awec.dll [PX5: 9F9047B26D20AB88E09906E8F1EBBE0085673182]
[G] c:\windows\smcm.dll [PX5: 24BF9A3000B80EE1A01C025BAD7E7200E77FB31A]
[G] c:\windows\system32\wpdconns.dll [PX5: CC403B32002491108285000B9848F100D42113D9]
[G] c:\windows\system32\sysfxui.dll [PX5: 5426AEAC0096A6212C7A0549113BFB00BED0A1E6]
[G] c:\program files\cucusoft\ultimate-converter\filter\ff_tremor.dll [PX5: BBDF480800E6D3033E2F01E42A9E3600CF4FE493]
[G] c:\windows\system32\inetppui.dll [PX5: F9D769FE001D48B33C1E00FEB9AC97009B42FB79]
[G] c:\windows\winsxs\temp\pendingdeletes\naturallanguage6.dll [PX5: F5BA5F6900D444D83A340CCF9ED1B500D7C0DC30]
[G] c:\windows\winsxs\temp\pendingdeletes\mscms.dll [PX5: DC97D2EB008A7086F803055B6685B300D190D602]
[G] c:\program files\microsoft sql server\80\com\sqlvdi.dll [PX5: 704D163C00DAF0F8D2F7016DB418DD00CB56185E]
[G] c:\windows\system32\mscomctl.ocx [PX5: 49A24C3D58E27ABC706810713597FE00FF74A5DE]
[G] c:\windows\system32\ocsetup.exe [PX5: 7E7638830078942D8C26000B5DA42400C8014561]
[G] c:\program files\cucusoft\ultimate-converter\unins000.exe [PX5: 7CABF2D31A64C3719DCF0A561A0FFB007CA5CD72]
[G] c:\windows\system32\qshvhost.dll [PX5: B43B674C00D083865ADA02C0817191008BF652DD]
[G] c:\program files\common files\adobe\acrobat\activex\pdfshell.dll [PX5: 8C22B1270080452CB0520538F9A2700042807472]
[G] c:\windows\system32\drivers\bthusb.sys [PX5: 987504FA0049D66D72760002C53A8B002C606AC9]
[G] c:\windows\system32\fm20.dll [PX5: EC708135204EB3BB2BC712EAB12E9600581B5CED]
[G] c:\program files\microsoft sql server\90\shared\sqlmgmprovider.dll [PX5: 7BCCAC92D822E2FE94FC03ACCEB553004740C737]
[G] c:\program files\windows journal\jntfiltr.dll [PX5: FDCD0FE30026DEA600720F2105985C006E23EB93]
[G] c:\windows\system32\iasrad.dll [PX5: 44BCCB1F003FC5316A1302AA2EEEFE003710699A]
[G] c:\windows\winsxs\temp\pendingdeletes\rasplap.dll [PX5: E44DA86D00872A53C0CE053226710300822DA032]
[GP] c:\program files\bittorrent\bittorrent.exe [PX5: AF36169D30553DDAB9AD09EC09A1DB000A7AA9A8]
[G] c:\windows\windowsmobile\inplace.dll [PX5: 47A49A9588A2281D83380057C8C214003ED0B503]
[G] c:\windows\system32\drivers\igdkmd32.sys [PX5: 0A3CA41F001860E4128E15472C71EB0013301FAE]
[G] c:\windows\system32\ff_vfw.dll [PX5: 471E618200EB7A9D1E9E003B3C2E07006140F31C]
[G] c:\program files\adobe\reader 8.0\reader\adobexmp.dll [PX5: 509FD054007734DAF07D056A11BA2500A96028A4]
[G] c:\program files\microsoft sql server\90\com\sqlwep.dll [PX5: C889ED17D8993A2B5A6E01B2EC0BC90006CDD3C9]
[G] c:\program files\common files\divx shared\dpugui11.dll [PX5: 85EBFADA0041388E109309F4D5BACF0018533553]
[G] c:\windows\system32\fdssdp.dll [PX5: 8270424800871CD10A3A012E0711EA00DFCBE225]
[G] c:\program files\ahead\nero\aphandler.dll [PX5: 9BEE6541006AF1E43048014267FD7700513A57C4]
[G] c:\program files\avira\antivir desktop\licmgr.exe [PX5: 742AC03C01DF96DB0370029CAD0AAB00D8F5B3E8]
[G] c:\windows\system32\comdlg32.ocx [PX5: 12216787C86C832E240502FA343A3C00F8DFE989]
[G] c:\windows\system32\ole2nls.dll [PX5: 09B13294B021FA9E558F026E08072F00900228B5]
[G] c:\program files\quicktime\qtsystem\appleproresdecoder.qtx [PX5: 95C7ED7900B387AA9AA1084E51C159007C906E95]
[G] c:\windows\winsxs\temp\pendingdeletes\winhttp.dll [PX5: 83C2555E009D8A70C09F05D82A9BA300C747B4A1]
[G] c:\windows\system32\logon.scr [PX5: EC6C90040041370D325C57370B486600AD247E7E]
[G] c:\windows\system32\drivers\adpahci.sys [PX5: 5A4B969D388C80B9963F04DBDE00F3001E8B2839]
[G] c:\program files\openoffice.org 3\basis\program\xmergesync.dll [PX5: 629B3D75007AF7A4507401F64A702D0059BFE099]
[G] c:\program files\avira\antivir desktop\avwmi.dll [PX5: 3B84DAF6016D29124125038583CFA900E5D29CF6]
[G] c:\windows\system32\drivers\uagp35.sys [PX5: 9D5CF27E3863EDB3E81B00DDFFB76D002070F488]
[G] c:\program files\adobe\reader 8.0\reader\axe8sharedexpat.dll [PX5: 351687F40016599E90F002D3A604B2004A3014E6]
[G] c:\windows\winsxs\x86_microsoft-windows-s..inboxgames-shanghai_31bf3856ad364e35_6.0.6001.18000_none_c0a3fbb5ef29fe27\mahjong.exe [PX5: D522A19600E14B961C5709741C15EC0033A21467]
[G] c:\windows\system32\netmsg.dll [PX5: AAEF4C0A00237BFE080D00C9515CDF00B79BCD14]
[G] c:\program files\adobe\reader 8.0\reader\adobe_eula.dll [PX5: 8F3180D500299D55328705340817960043879B33]
[G] c:\program files\common files\system\ole db\msmdgd80.dll [PX5: 9C116DEDF091B67E5AAE10077F91E30046F3ECB0]
[G] c:\windows\system32\btxppanel.dll [PX5: 8016653D009218B8D0D203A5F6C1EA004683280D]
[G] c:\windows\system32\iasnap.dll [PX5: CA2EE69A004F2E9C4CB4029D2B6AD000BF584197]
[G] c:\windows\system32\drivers\brserwdm.sys [PX5: 4E4ECB67801245EAF3B40058BC160500B5075865]
[G] c:\windows\system32\drivers\brserid.sys [PX5: C8C6FD1580067D1718D501E2B4D233007975D998]
[G] c:\windows\system32\mferror.dll [PX5: B0E42E5E005163390890000A3F161C00B79BCD14]
[G] c:\program files\common files\system\ole db\msdaps.dll [PX5: B9D2ACCE00EC4942E0B703EA1A5C1E00612494DE]
[G] c:\windows\system32\drivers\uliagpkx.sys [PX5: 3C1CB526384E3B50EEA00025FF82550033A86AC5]
[G] c:\program files\installshield installation information\{60de4033-9503-48d1-a483-7846bd217ca9}\setup.exe [PX5: FE28283000FE7477B0170573B2632E00E44273A4]
[G] c:\windows\system32\shpafact.dll [PX5: A244E8F000D96AB3364500FD1D880000178FBE29]
[G] c:\windows\system32\ndfapi.dll [PX5: D5DC5FA800AA0BCB1041022CAB7D1200BC2A0EB2]
[G] c:\windows\system32\cscript.exe [PX5: 586E07480021DA3B107302F938D6D400A885448C]
[G] c:\windows\system32\wow32.dll [PX5: F2DAB16600E4A2572EC8048252D6510021A4C9DE]
[G] c:\program files\quicktime\qtsystem\exportcontroller.exe [PX5: F72E584C0026B20FA0BC023BFDC6F00023C72C09]
[G] c:\windows\ehome\ehreplay.dll [PX5: AB4B918A00F50BF3E2340317EAD45D00CFD91A37]
[G] c:\program files\malwarebytes' anti-malware\ssubtmr6.dll [PX5: 98897C80105A5F79B5280051E4E68100D1332867]
[G] c:\windows\system32\drivers\ql40xx.sys [PX5: A212259968904FA29EFB0130C62C0B006A8C0B61]
[G] c:\program files\common files\system\msadc\msadcf.dll [PX5: 4F77533A00DDE9F3201E01B27C9656003B4C58F7]
[G] c:\program files\quicktime\qtsystem\quicktimeauthoring.resources\de.lproj\quicktimeauthoringlocalized.dll [PX5: A6958F8300753D3FD06A00C4B70076005EF41D28]
[G] c:\windows\system32\drivers\sisraid4.sys [PX5: 607EDA833811578224F201F938B7F900A513D9BE]
[G] c:\windows\system32\iscsiwmi.dll [PX5: 4AA7C87400DE679CFA20006AC3024C00726CE25A]
[GP] c:\program files\divx\divx plus directshow filters\divxdech264.ax [PX5: 27FDF9AF003DCDF79CF5070C4D7A35000FBF40B8]
[G] c:\windows\system32\nvmccs.dll [PX5: 9E71F06A200D5B369A78038C237D7F000BD4C4A2]
[G] c:\windows\system32\drivers\sisagp.sys [PX5: DE3EE36A386BFD66DA740036F7E912001649334E]
[G] c:\windows\system32\ime\imekr8\imkrtip.dll [PX5: 0C67C3800020924F54FF08AFFBEF9200797FD047]
[G] c:\windows\system32\msvcp70.dll [PX5: 97FD0832003018F270F607F09DF447007EAD100A]
[G] c:\windows\system32\mfc71.dll [PX5: 6CC9C2640078308D309410C7EE8D9E0004FCAA75]
[G] c:\program files\adobe\reader 8.0\reader\acrordif.dll [PX5: 20C64FF5704AE3C7A6A70114951155004C1B18C1]
[G] c:\windows\system32\msstkprp.dll [PX5: 010754470092111D70A501EC3021BE00904AC187]
[G] c:\windows\winsxs\temp\pendingdeletes\mswsock.dll [PX5: DEA5CEB000F2E870688203A788D4DB00589E5215]
[G] c:\windows\system32\drivers\e1g60i32.sys [PX5: 7AF1120E002BA0F0D05301E0E1798C00C8711A89]
[G] c:\program files\windows collaboration\wincollabelev.dll [PX5: 92A213500011A4AD028701695B64510026EF7034]
[G] c:\windows\system32\colorui.dll [PX5: 7B1029D200ADD0907A140A3B3C2E0700562F404D]
[G] c:\windows\system32\wscript.exe [PX5: 489510F1003A8ADC6077024F126735001085D5A2]
[G] c:\program files\windows collaboration\wincollabproj.dll [PX5: 36DB447100F204956615032703473100CCC4B314]
[G] c:\windows\system32\printcom.dll [PX5: 60A999EB009654C794290032CD875C00A1E6DE4E]
[G] c:\windows\system32\msctfui.dll [PX5: B3073C2B00DCD9474E7E017493C7000074DC0D76]
[G] c:\program files\windows journal\nbdoc.dll [PX5: 2D8B5D870039CB7D94EC12B043366D005FD1E0CB]
[G] c:\windows\system32\drivers\vsmraid.sys [PX5: 7658EC273896147FFEBC011FED940800512829E4]
[G] c:\windows\system32\portabledevicewmdrm.dll [PX5: 7B76A027008505FB002203806B79A800AABA5E2E]
[G] c:\windows\system32\wbem\ntevt.dll [PX5: 564563B100CAA1AAA28702CC471F27007B28068C]
[G] c:\windows\winsxs\temp\pendingdeletes\fastprox.dll [PX5: 358AEB0E001CFAE3648C09FC115B9200AD44C3B6]
[G] c:\windows\difxapi.dll [PX5: 29FD0D63E0035FF8DF8E0498EEA8DC00BAEE56CD]
[G] c:\windows\system32\netiohlp.dll [PX5: 609676B9000B4BE298BB01A0E2D6D300D2F0F045]
[G] c:\windows\winsxs\x86_microsoft-windows-sidebar_31bf3856ad364e35_6.0.6001.18000_none_cedcabbd26a81ad6\sidebar.exe [PX5: 299ECEE500A4AF72D4DB12A94DE79200AA03DE80]
[G] c:\windows\system32\drivers\iirsp.sys [PX5: 8F2B0F656839B276A2EC002FD1D65900B4172CC3]
[G] c:\windows\windowsmobile\mailsync.dll [PX5: AC225E9288DAE821870401B403811B0093838065]
[G] c:\program files\samsung\easy network manager\easynetworkmobility.exe [PX5: 305F0406000ED6948047020B837DAD00D45668FA]
[G] c:\windows\system32\drivers\viaagp.sys [PX5: CF25F4D238F1CFD4DEA9009F83001F00100F49AB]
[G] c:\windows\system32\drivers\sbp2port.sys [PX5: 8672988C681B5B7C2AE301A7F826DB0015764629]
[G] c:\program files\common files\system\ole db\msdaosp.dll [PX5: 64AD9718001AEEE8603B0186C06CCD000200A691]
[G] c:\windows\system32\btsendto_ie.dll [PX5: 83B0A2D30075E75EE09C02D3E1A1A1003F326B2C]
[G] c:\windows\system32\atmlib.dll [PX5: 07794FEF00CC3615866A00C6AEA25700A9A781F8]
[G] c:\program files\total video converter\mediaburner.exe [PX5: 05BF1EB846A6DEF1607904C602DE930014A04315]
[G] c:\program files\common files\microsoft shared\ink\tabtip.exe [PX5: 05A9262E00EBD9BFA4800459FB28210090DB77D2]
[G] c:\program files\total video converter\tvp.exe [PX5: 521BDFA800798B2590F4039951757000451D69B8]
[G] c:\windows\system32\ndishc.dll [PX5: F3D4A34D00E22E82A67C002394A7B80038452E34]
[G] c:\fraps\uninstall.exe [PX5: B54F836CE26EA3A754AD009D1835EE004897B571]
[G] c:\windows\windowsmobile\wmdconn.cpl [PX5: 7B40A1E888E6716EB520016A2A6E9600B2E7780A]
[G] c:\windows\windowsmobile\inkform.exe [PX5: 749E50DE8893CF1C51BA008E141FD500EAF89DD9]
[G] c:\windows\windowsmobile\inkprops.dll [PX5: A456CE3B88EDEF7EEB8D006F453C2700732C4FE5]
[G] c:\program files\common files\system\ole db\msdmeng.dll [PX5: D78390F8E87373C11A6F0707FCC8860067D3D614]
[G] c:\windows\hidewin.exe [PX5: 869102C500D0B3DED06704B6D2DE3B00B3A5CC1B]
[G] c:\windows\microsoft.net\framework\v3.0\wpf\penimc.dll [PX5: 22C0799C60ECD94A0D2C01B7147921004D0C6C24]
[G] c:\windows\system32\slcc.dll [PX5: 3DEF121D00C27305DC2D0B9A2D0534008A5AD93C]
[G] c:\windows\system32\rrinstaller.exe [PX5: FB9108FA009F9C70D06500472F4E5F000D62C273]
[G] c:\windows\system32\drivers\nv_agp.sys [PX5: 8446C2E738B933FCAA13018CB8B5FB008B273796]
[G] c:\windows\winsxs\temp\pendingdeletes\rpcss.dll [PX5: A144B96000FAFAB96AF408FE84AE7D00E6235D11]
[G] c:\windows\system32\nslookup.exe [PX5: E50443870019B43344C901A9836EEE0019A68D9F]
[G] c:\windows\system32\xpsviewer\xpsviewer.exe [PX5: 8DCC59056825B5DF9183040AC5B56A002EF792C3]
[G] c:\program files\gabest\vobsub\submux.exe [PX5: DE5D7CB9000B7CC4F037007AF6E0A20042DAC44E]
[G] c:\windows\system32\drivers\nvraid.sys [PX5: AE8FF5F3382A1C5992C601A024B459000382905E]
[G] c:\windows\system32\wshnetbs.dll [PX5: 7AEA2CBD00BB66E42C4700C3BDCD6500035624CB]
[G] c:\windows\system32\advancedinstallers\cmiv2.dll [PX5: C49FE7F7009AD92B044A1FD592128F0025F8A08D]
[G] c:\windows\system32\pthreadgc2.dll [PX5: 216BB60871F3E0ECEB900096B91CC100A05CF759]
[G] c:\windows\system32\btsendto_wab.dll [PX5: A693E4600086C6B0803F035F637D0600D0A6C0A9]
[G] c:\program files\total video converter\unins000.exe [PX5: 5489F0721AAB8782692E0A8C36F4280001A2B960]
[G] c:\windows\smcm.exe [PX5: 27D5B47900DFD6E1E023046BEDE4A80059A10A74]
[G] c:\windows\system32\drivers\nvstor.sys [PX5: F42E73C038596124B0A800E7B99C960029411BBA]
[G] c:\program files\divx\divxdsfiltersuninstall.exe [PX5: 8BBFD9973BC3D6E0BF1507CEBA5295004A87C6EC]
[G] c:\windows\windowsmobile\voicefrm.exe [PX5: 7CAE0AEC8811A828512800EDC947BF002B1F4DBC]
[G] c:\program files\common files\microsoft shared\ink\flicklearningwizard.exe [PX5: C43A243E005546C1C8B80EFD0B5958004C9D7A95]
[G] c:\windows\system32\drivers\usbvideo.sys [PX5: BF32A398805F79140BC10227F5ACDC0065DACA66]
[G] c:\program files\itunes\itunesminiplayer.dll [PX5: D074E31A280CE427E57101CE6CB9D700D8344160]
[G] c:\windows\ehome\createdisc\sbeserver.exe [PX5: 28367A3D00A854AB942091E88C196C006A4BB25C]
[G] c:\windows\system32\mfvdsp.dll [PX5: 42F7CD1E005CB205F47F00CE626EA700FB9CF7A2]
[G] c:\windows\system32\drivers\agp440.sys [PX5: 7735EA853850435CDCCE00B4B17168000928CE09]
[G] c:\windows\system32\drivers\lsi_scsi.sys [PX5: BE95277338FCB98B784F0185FC79470061431A41]
[G] c:\windows\windowsmobile\vcomctl.dll [PX5: 5FFFB886888AB05F137301D57323730085F0AA30]
[G] c:\program files\divx\divxwebplayeruninstall.exe [PX5: 8BBFD9973BC3D6E0BF1507CEBA5295004A87C6EC]
[G] c:\windows\winsxs\x86_microsoft-windows-wordpad_31bf3856ad364e35_6.0.6001.18000_none_2dba79336ce584c1\wordpad.exe [PX5: EAFA3CF100AF4074260005595C067600BCF1127F]
[G] c:\windows\system32\mmc.exe [PX5: 892FC4E700B395385A201B73A38ED500A3D6955F]
[G] c:\windows\hotfixchecker.exe [PX5: 38CEE2350032C75A30640649ED7BDB0067B1F846]
[G] c:\program files\adobe\reader 8.0\reader\atl.dll [PX5: DAC8A4C63AF90751E6FC00E22005AC0062DCABC8]
[G] c:\windows\system32\pnpxassoc.dll [PX5: F1EC599F00DE024410ED017136C5B900ED971A95]
[G] c:\windows\system32\wmvencod.dll [PX5: 7968518F006E36040C1318B106F4C0008A09F3DA]
[G] c:\program files\common files\divx shared\dpv11.dll [PX5: 88D410D600D3F4D1E02000E2854E30005CFE1005]
[G] c:\windows\system32\wbem\wmiperfclass.dll [PX5: 836277C100FAE5B4646D0169D0E86200BCA9350F]
[G] c:\windows\system32\mscorier.dll [PX5: B4895004409B9C325FFD029D70951B00CFE48C6D]
[G] c:\program files\openoffice.org 3\program\quickstart.exe [PX5: 98E37CD700BC8233DC99053B3C2E070082BA3893]
[G] c:\windows\system32\drivers\ulsata2.sys [PX5: 6DA1CCDE685BBEA3C4FD012CFA49FA0005FDAF14]
[G] c:\program files\windows collaboration\wincollabcontacts.dll [PX5: 55AA56A500582716DC7E007C5E17D600E89152E9]
[G] c:\windows\winsxs\temp\pendingdeletes\msxml6.dll [PX5: 2D87768600667A9D5CBB14BE03510200276C7B84]
[G] c:\windows\system32\synctrl.dll [PX5: 52ED780200BF8148009B030547B40400FBA39AC6]
[G] c:\windows\system32\oleprn.dll [PX5: 9BDB941B00E746087EC701CCDDC4FF00564C5D93]
[G] c:\program files\pokerstars.net\tracer.exe [PX5: 3C3651E1186E25EAB5EB025A68D2C3009115569D]
[GP] c:\program files\divx\divx plus directshow filters\daac.ax [PX5: B3DFC82500368819EE0500F6D82CA7006B5CF17A]
[G] c:\windows\system32\mshta.exe [PX5: BC8C0E0900EF154CB283004921E9A6003C776A4A]
[G] c:\program files\itunes\itdetector.ocx [PX5: BBE837A728A3A26CB5C301E7C1D9A100CBA08B5E]
[G] c:\windows\ehome\cbva.dll [PX5: FA00210B00D90EB0C09D029F649DE8001C95B2CC]
[G] c:\windows\ehome\ehglid.dll [PX5: 075E9AF200715A5BB230050212497F00B2D5DAC9]
[G] c:\windows\system32\auxiliarydisplayapi.dll [PX5: 3E066B32003B5B12969C014F59D38B00AC16131C]
[G] c:\windows\system32\drivers\circlass.sys [PX5: 5A389B1A00C1D5CE8AE5002F375DC0009049DF4C]
[G] c:\windows\ehome\mcx2filter.dll [PX5: 58F1EB7E0096745922A215D089B3050030DF709C]
[G] c:\program files\quicktime\qtsystem\qtjnative.dll [PX5: 26F02B680019360090560AC6C3AA6E0040DAE1FF]
[G] c:\program files\adobe\reader 8.0\reader\bibutils.dll [PX5: 96DE17E200C25AC252AE02C33C6D0700D2FB1CBF]
[G] c:\program files\common files\divx shared\ssldivx.dll [PX5: 2B5064B000BEF4D3107603FF1E984800D76847DF]
[G] c:\windows\system32\drivers\winusb.sys [PX5: FC7925CA808170ED7B7A002704272E009142DC46]
[G] c:\windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6001.18000_none_3fac12f5c6543548\shapecollector.exe [PX5: 27B6279D00AFCF2E5AA70E290E74C300FED3781B]
[G] c:\program files\divx pro vfw\unins000.exe [PX5: F61B8FB326550E748D5B0A1B8473C000A76D4072]
[G] c:\windows\system32\pintlgnt.ime [PX5: 37F178E7008DA9055C6F01E5E705CC0089FA6FB1]
[G] c:\windows\system32\drivers\usbstor.sys [PX5: 108EA11D0079732900190151A4A00B00777EF34A]
[G] c:\windows\system32\comctl32.ocx [PX5: B338A671C024B20F48A80970D3818A00AFB0346E]
[G] c:\windows\twain_32.dll [PX5: AAACC7C400CCB726C6D3000FE14DEB002125C608]
[G] c:\windows\system32\drivers\rndismpx.sys [PX5: 90DDBB19006A37F082AC00E1E85E680078B90E04]
[G] c:\program files\common files\speechengines\microsoft\tts20\msttscommon.dll [PX5: 29DE585F005BC46D86A800BCAE609B0003BEF3A7]
[G] c:\windows\twunk_16.exe [PX5: F36A27171006EDD2C23C0094956AFB0056981184]
[G] c:\windows\system32\exvmuvc.ax [PX5: C01EF8BB00040DF720350143BF045800BE7B22F5]
[G] c:\windows\winsxs\temp\pendingdeletes\eappcfg.dll [PX5: CCD2252F00C55FA8128602EFCC2F130026D586F2]
[G] c:\program files\common files\speechengines\microsoft\tts20\msttsengine.dll [PX5: FEF73AF90019BAE64A1102111481FA00C204C212]
[G] c:\windows\system32\libmpeg2_ff.dll [PX5: 14E4F95A00D90023B83901B399C6360067C79507]
[G] c:\windows\downloaded program files\oberongamehost.dll [PX5: 9C063916484C4C02A6FE09F92811EA0073A1E41C]
[G] c:\windows\system32\wpdmtp.dll [PX5: 23A5894D008092C350CA020E8B9D000049435E11]
[G] c:\windows\winsxs\x86_microsoft-windows-s..l-inboxgames-hearts_31bf3856ad364e35_6.0.6001.18000_none_f409fe2f63d8cdb4\hearts.exe [PX5: F5AD305300364B98A83509AE8EB25900D17CDC71]
[G] c:\program files\avira\antivir desktop\guardgui.exe [PX5: D83138470108B5C199810514B201AE00DE758C69]
[G] c:\windows\system32\drivers\symc8xx.sys [PX5: F1BB1EE36851219D8CED00DBBECDAF00D593B9DC]
[G] c:\windows\ehome\createdisc\sbeserverps.dll [PX5: BA23855D003495633E6100E595EAE6004233DA98]
[G] c:\windows\system32\ole2.dll [PX5: 023C475D60D5EE8EA6AB00EE35003400C081EC8E]
[G] c:\windows\winsxs\x86_microsoft-windows-p..topeeradhocmeetings_31bf3856ad364e35_6.0.6001.18000_none_aa47d5c4002219b8\wincollab.exe [PX5: 78ED17FE009ED6DF866206E3D47F4700F1A54CCD]
[G] c:\windows\system32\drivers\sdbus.sys [PX5: 4FC76AB100F695F15A3E01245775E800BBEAD5C9]

[G] c:\program files\windows media player\wmpsyncmgr.dll [PX5: 5922106100C0D7576C10025FD39D09009BE2A61E]
[G] c:\windows\system32\dpl100.dll [PX5: E052559F00FC6E1660DD010FB3382C008C06B6B2]
[G] c:\windows\system32\resampledmo.dll [PX5: BACFB9A800F47F1A4E1303ABAA5FDD00FB2BE105]
[G] c:\windows\system32\es.dll [PX5: 024B768B0000DE221A5A04C26F9B7B0067978C8B]
[G] c:\program files\samsung\samsung update plus\supbackground.exe [PX5: A0E2F261A89E79E08EB504CAC21F0400EB9E6A54]
[G] c:\windows\system32\macromed\flash\flashutil10b.exe [PX5: 35B983CEA07D563DABD0037097283400479D7BC4]
[G] c:\windows\system32\loadperf.dll [PX5: 96B7678C0007059CBCD00182941239006539A7B3]
[G] c:\windows\system32\wbem\esscli.dll [PX5: 6EBB8FF7008E27680E4204EDF74970001D982F4F]
[GP] c:\windows\swsc.exe [PX5: 9AD6007400EF58FB16FD02C93D5A11007C587A2D]
[G] c:\windows\system32\nvmctray.dll [PX5: 88809440207F0A5B6AB50127F1180A00077D8524]
[G] c:\windows\system32\btncopy.dll [PX5: C23EE39F00A02A9CD02702B9EE7A5E00F09CC20A]
[G] c:\windows\system32\cewmdm.dll [PX5: 70EB4964007207D1721D0311C8BC020009889EA4]
[G] c:\windows\system32\portabledeviceapi.dll [PX5: FA01AF5800D348D2AE5703D6EBE1E200AD5CA7CD]
[G] c:\program files\synaptics\syntp\syntpenh.exe [PX5: 721F35DE284B613EB5440F3D79187D00B76C9094]
[G] c:\windows\system32\portabledevicetypes.dll [PX5: A70A106600223D7674270271F905C900B6B08CDC]
[G] c:\windows\system32\rapistub.dll [PX5: 61A9C015885EEC9967200342DAFBA500E1A57B36]
[G] c:\windows\system32\wbem\wbemcore.dll [PX5: 76C5F581006C34525CCF0BFB152E1500330B0AEE]
[G] c:\program files\malwarebytes' anti-malware\mbamext.dll [PX5: 2636393D103EDB42251701B5D563E600F23C2578]
[G] c:\windows\windowsmobile\rapimgr.dll [PX5: F367758B889F3003CDB802BA48F42B008C791F69]
[G] c:\windows\system32\nvapi.dll [PX5: 978DA3B7006E94CA000F07D592B5D800B968343B]
[G] c:\windows\system32\mediametadatahandler.dll [PX5: 38F88319006ADE0572A605E9C806E10095AB1D5F]
[G] c:\program files\windows media player\mpvis.dll [PX5: 2BA3B2C6002B021ACA230315C2FC0800333A9707]
[G] c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe [PX5: 954AE427588652AFFBCE018D0488EF0073322612]
[G] c:\windows\system32\drivers\bthmodem.sys [PX5: 56351D8100A9E4BF9C1900FB6F7FCB00D9E23FC9]
[G] c:\windows\system32\wbem\repdrvfs.dll [PX5: 1A9D346F00AD35C20E3104D40C363D00DEC96F16]
[G] c:\windows\system32\drivers\usbaapl.sys [PX5: 7CDFC033007BCC667DD600FBC3C328003F61FFD7]
[G] c:\windows\system32\drivers\iteatapi.sys [PX5: 7F01032468AF7A1E8C65003CD9835700C4DC00DB]
[G] c:\windows\system32\drivers\usbcir.sys [PX5: F1C917F80072E8E00C9C01F57E0466006E3F30ED]
[G] c:\windows\system32\activeds.dll [PX5: 84CC65040022131D20E003D60DF56F00E7D58E78]
[G] c:\program files\icq6.5\icqdevilimg.ocx [PX5: E5B33485000ACB8E10320479C05AF0007B7E0A57]
[G] c:\windows\system32\l3codeca.acm [PX5: 4CE5BA7400740CC4F47600C5CC37C900F76A980A]
[G] c:\program files\common files\system\msadc\msadce.dll [PX5: 539ACB9A00798D32F0D106DDFFC93C00F5705E08]
[G] c:\windows\system32\wpdsp.dll [PX5: 9A87E51600F1E5D6546505F47CF765002488E144]
[G] c:\windows\system32\wbem\wmiadap.exe [PX5: 5CA561B200F3A67BCA0801D7F04CE400970D3C2D]
[G] c:\windows\system32\wuapi.dll [PX5: F7F6BE5E18EF17EC92E008D28B77C3002AC9D47D]
[G] c:\windows\system32\timedate.cpl [PX5: 6BFCA6460059197EE67D0A43DDDB9C00380677F9]
[G] c:\program files\common files\system\wab32.dll [PX5: 67458D8E00656D9CCCD60A40AFE54700DE7F24F9]
[G] c:\program files\common files\microsoft shared\dao\dao360.dll [PX5: 7DB9E0A1001F4C69503A097A72F6A8000CA37C63]
[G] c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\msascui.exe [PX5: 530D51EC38017C1562E60F8B9C240F00656D7AF5]
[G] c:\windows\system32\adtschema.dll [PX5: 3FA21025000AA2536E0D096BF6C48B00734DCEED]
[G] c:\windows\explorer.exe [PX5: 07BF9FAF0018F72BA83B2C877364470024F58C89]
[G] c:\windows\windowsmobile\wcescomm.dll [PX5: 1B7B68F3885433E8CBEB0524C01724007F54FDFA]
[G] c:\program files\divx\divx player\primosdk.dll [PX5: 76C62520F86EB9F22AAC037609EE510029A2AA3D]
[G] c:\windows\system32\wbem\wmiprov.dll [PX5: 3F1381D200180851547702877AB4000092DCA8FC]
[G] c:\windows\system32\msjtes40.dll [PX5: 5985BD6A001E6F067059041E84D9480014DE4B97]
[G] c:\windows\system32\netcfgx.dll [PX5: 213C52DB00293845E62805BFDA3115007D9EEC62]
[G] c:\windows\system32\query.dll [PX5: FAF179EC00EB953C14B41527BD98F5004F6DC239]
[G] c:\program files\avira\antivir desktop\shlext.dll [PX5: CE4E509601C20214618104C0E18D8700A6B16CF7]
[G] c:\windows\system32\inetcomm.dll [PX5: 7B747F2B00DF5CA7461A0B957396DA0090324D49]
[G] c:\windows\system32\drivers\crusoe.sys [PX5: CAE52472000F9E64A04400CDC4EAC300F700969D]
[G] c:\program files\icq6.5\aolsvcmgr.dll [PX5: 8BCEBF29004B43B618B5099D46498E00E6393B58]
[G] c:\windows\ehome\ehsso.dll [PX5: 38C7D0CB0064A885D4720143404FA900DB1D7F45]
[G] c:\program files\common files\px storage engine\pxafs.dll [PX5: 1123A753F87EC11EFAAD011B058C68003D35C439]
[G] c:\program files\windows collaboration\wincollab.exe [PX5: B4BE037300D0E1792A3006294ADEDF00E1359124]
[G] c:\windows\system32\msrating.dll [PX5: 242719B600490A06F22C0275CC7781006EFF0618]
[G] c:\users\jens knossalla\program files\dna\plugins\npbtdna.dll [PX5: 8C9BF3A60088A959C09D006DBFC96700420B6843]
[G] c:\program files\dna\plugins\npbtdna.dll [PX5: 8C9BF3A60088A959C09D006DBFC96700420B6843]
[G] c:\windows\system32\drivers\isapnp.sys [PX5: 4BD3B9CA380F3DE1C24F0038C8946A00772B628B]
[G] c:\windows\system32\wbem\wbemess.dll [PX5: B36AD55700F787A64E1905FC68405B00FDD8B691]
[G] c:\windows\ehome\mcupdate.exe [PX5: 283859F600337C0528F10287E9B48C002B0F6CA7]
[G] c:\windows\system32\drivers\mpio.sys [PX5: DD36725738AA2C1A9AA8017D427BBC00A1F88330]
[G] c:\windows\system32\wmpdxm.dll [PX5: F68E65220004267FBE8F04910783D200EED1343C]
[G] c:\windows\system32\drivers\blbdrive.sys [PX5: A798DD0A0021238BB24E006C33080A00D840FD1D]
[G] c:\windows\system32\drivers\bcm4sbxp.sys [PX5: 8262CCDF00ACB890B055009148394000147E35AC]
[G] c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll [PX5: 4B06C8F300E0068356A503F787CF92005AF70259]
[G] c:\windows\branding\basebrd\basebrd.dll [PX5: 918F1771009236DCA2EC03F2CD95BF00A9492064]
[G] c:\windows\system32\diagperf.dll [PX5: E49DB1F00058B3B8769410038A4F4400FB780F42]
[G] c:\windows\system32\drivers\msdsm.sys [PX5: 0CC70FB6380C1D31729A01F71A44BD00962A3E7E]
[G] c:\program files\cdburnerxp\nmsaccessu.exe [PX5: C8EDCE31B8222D5715A6015EAEA95300545ADED3]
[G] c:\windows\system32\mswmdm.dll [PX5: E702CB8D00BC6E4CC4DF04CC7DFEDF006C8A9505]
[G] c:\program files\quicktime\qtsystem\corevideo.qtx [PX5: 356718AF00804CF3F03E0475ECDFFA0044E4D524]
[G] c:\program files\adobe\reader 8.0\reader\air\nppdf32.dll [PX5: FEFA823970AF70FB758F01747FF8900099F6F33A]
[G] c:\program files\gamenext\adventures of robinson crusoe\hookisolate.dll [PX5: F369D739009D683EF0610006BCB37400F07C9AA4]
[G] c:\program files\quicktime\qtsystem\quicktimeessentials.qtx [PX5: 2C10D37C00D0638800DD052947986D00B7C7A563]
[G] c:\program files\divx\divx player\ssldivx.dll [PX5: 335AB84100BD06CB00DB034326BAFE000581CB03]
[G] c:\program files\icq6.5\msvcr71.dll [PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7]
[G] c:\program files\avira\antivir desktop\avnotify.exe [PX5: 4327C84F01B02B4109E903A83F7F7400C7D52CE9]
[G] c:\windows\system32\unregmp2.exe [PX5: B894DC86004AF8E7BE5604558504C3006634FA47]
[G] c:\windows\system32\wbem\wmipcima.dll [PX5: 633D511E00F53F5AA6D102C5D957D6007EBD9E60]
[G] c:\windows\windowsmobile\wmdc.exe [PX5: 187E8CD788B15DB5E3B3093D20C4DD002EC0265F]
[G] c:\program files\quicktime\qtsystem\quicktimecapture.qtx [PX5: ABB533B90055BB73F0C2049BE9FA8200F10EF2C4]
[G] c:\program files\quicktime\qtsystem\quicktime3gppauthoring.qtx [PX5: C60D8FFB00036E20A0750706093BB8005115B099]
[GP] c:\windows\swreg.exe [PX5: F583C28B008EFEE4785C023A5217460062E7F95F]
[G] c:\program files\icq6.5\flashplayercontrol.dll [PX5: CBAA436F0009F3BCF0C505E3FD502A00A6C841C1]
[G] c:\program files\quicktime\qtsystem\quicktimestreamingextras.qtx [PX5: 9843FF59002525F180BF02358A7787008D286583]
[G] c:\windows\system32\wbem\mofd.dll [PX5: F5C10B0800E2CB54E418021BC4FE620003958D97]
[G] c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\drupdate.dll [PX5: 6CE7D62B00F8EF6D8813015C075C570047685E71]
[G] c:\program files\icq6.5\coolcore49.dll [PX5: 22E3A27C0081F9EFF0790BABD045E20011C77DF5]
[G] c:\program files\avira\antivir desktop\updext.dll [PX5: 24E025F10116E348356401A63062EE004F77FEE6]
[G] c:\program files\quicktime\qtsystem\quicktimemusic.qtx [PX5: 42F4666000FA975AD0ED0747C7A2FA000E4CFA0B]
[G] c:\program files\quicktime\qtsystem\quicktimewebhelper.qtx [PX5: DDB5E54B00AF0E4070A904A6FC9159002E6FAC74]
[G] c:\windows\system32\wmphoto.dll [PX5: 79A55FF300BE8FB8E85804A0C4309200187DB2D6]
[G] c:\windows\system32\drivers\nfrd960.sys [PX5: AA82FD906845CB5AB0FA0002DF6B2400D1C18DBC]
[G] c:\windows\system32\winsatapi.dll [PX5: 0C3C3182004EE680DA75054CE7B83100482A8A51]
[G] c:\program files\quicktime\qtsystem\quicktimempeg.qtx [PX5: 68335FCC00FE6E5930AB07CF6D88D80037056306]
[G] c:\windows\system32\wpc.dll [PX5: DFAA3643000CE68A88E40451BBA81F0090A865EA]
[G] c:\windows\system32\shgina.dll [PX5: A739992D003463340C0B01A9DF2AED0005CE4C83]
[G] c:\windows\system32\adsldp.dll [PX5: 7E0036E70013874FD66D0201CF200C0098B4CA90]
[G] c:\windows\system32\macromed\flash\flash10b.ocx [PX5: 606E30D7A0B4DAD2FF873A827E942F00EC058CF5]
[G] c:\windows\system32\win32spl.dll [PX5: 8EC137AC00DBC317C4A40679397A0600D2FA9C16]
[G] c:\program files\quicktime\qtsystem\quicktimempeg4.qtx [PX5: F0F869DC008049CA506D05190BDC4500A8F24A07]
[G] c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe [PX5: E2A5390080BB8765AB3500ADFD7E6300FE6919E1]
[G] c:\windows\installer\{904ccf62-818d-4675-bc76-d37eb399f917}\wmdc.exe [PX5: 187E8CD788B15DB5E3B3093D20C4DD002EC0265F]
[G] c:\windows\system32\rastls.dll [PX5: 50364837005884F3BA6103DC2AFD16007A4B153A]
[G] c:\windows\system32\cdga.dll [PX5: EACA8E0400D71DE350F105EE32A9D900C705D623]
[G] c:\windows\system32\drivers\ipmidrv.sys [PX5: 3D52DF3E004210DDFC8100E03047430007EA5626]
[G] c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe [PX5: EFD4B4BE58BDA0EE6B510DC9EBC32100184BE0D8]
[G] c:\windows\system32\wshext.dll [PX5: BAFE7E3C00B3F9A860BE0170AC99A800EF20FE16]
[G] c:\program files\samsung\easy network manager\enm.exe [PX5: 3DBF3E40A862DD843EB20CD7B4AA5700D90CCFC4]
[G] c:\program files\quicktime\qtolibrary.dll [PX5: 9A3395FA002CA5D2500B0CB43D866E007A782A28]
[G] c:\program files\quicktime\qtocontrol.dll [PX5: ED7EFC3200E0064070760DDD8C725D00C293B0D6]
[G] c:\windows\system32\iedkcs32.dll [PX5: 89B619BC00ECE8E016C20637BA2AE300C8CE6DF2]
[G] c:\windows\system32\compatui.dll [PX5: A4448745002B471D5050048C3D3A3B00A87DC279]
[G] c:\program files\icq6.5\msvcp71.dll [PX5: F133D4F000B92F08A0E107FD67B66E0015498C05]
[G] c:\windows\system32\msdtc.exe [PX5: 795F167C0071D53B9EA90107166FBF00E8900F2B]
[G] c:\windows\apppatch\acgenral.dll [PX5: DEADF5EA000FE754F690201D10556D00BACC2D27]
[G] c:\windows\system32\rasppp.dll [PX5: D4C783CB0068995FF61E03089F993B00A3F4CB4D]
[G] c:\program files\cucusoft\ultimate-converter\filter\flvsplitter.ax [PX5: 0A54320900000E9940E60630683C7E006AF7D7A5]
[G] c:\windows\branding\shellbrd\shellbrd.dll [PX5: EEF6B07B003654C65E8E0D0432B75B006C2EBE67]
[G] c:\windows\system32\libmplayer.dll [PX5: 7808C83D00EA7C1C0A97062F065A1300F215DCC8]
[G] c:\program files\common files\px storage engine\px.dll [PX5: E9F7EB80F8EFAEFC6AE108C58B0F320033617411]
[G] c:\program files\cucusoft\ultimate-converter\filter\mp4splitter.ax [PX5: 2355F87F006F893C7CAC07F7637F0D005484A0D2]
[G] c:\program files\divx\divx player\dcmanager.dll [PX5: 692886DF000BA79E404C07CF7B0BBC0012F7A876]
[G] c:\windows\winsxs\x86_microsoft-windows-directx-direct3d_31bf3856ad364e35_6.0.6001.18000_none_eb4e0e435578fd76\d3dim700.dll [PX5: 49770029003C355F74520C88E58A270046C76602]
[G] c:\windows\system32\drivers\btwaudio.sys [PX5: 00379BD428E6AE1D3A9D01646EA8FA004419A1FB]
[G] c:\program files\common files\px storage engine\pxwave.dll [PX5: 35ECB0BFF8493830CACE0562A2D49200C8E4AE96]
[G] c:\program files\microsoft sql server\90\shared\sqlwriter.exe [PX5: FD032962204E77F4578E01391CB38700C8865B41]
[G] c:\program files\divx\divx player\libxml2.dll [PX5: BF273A9700550446AA940DD6C61EE30036242BF9]
[G] c:\windows\system32\nvvsvc.exe [PX5: 8C1F2BCB0045CFB7005B03A4B84C4B00C674E1AF]
[G] c:\program files\common files\intel\wirelesscommon\regsrvc.exe [PX5: 1F7EC516003A144820180778B0D2B500BA2FF843]
[G] c:\program files\malwarebytes' anti-malware\mbam.exe [PX5: B7EB0A7910AC20CD956513C21CCFAC000888A24D]
[G] c:\program files\avira\antivir desktop\avcenter.exe [PX5: 989FAC8201D6D9932DC007CE27B8E00035DFAECD]
[G] c:\program files\quicktime\qtsystem\quicktimeimage.qtx [PX5: B5AC8F940060CD9200710FD36F169B0003918086]
[G] c:\windows\system32\drivers\djsvs.sys [PX5: D04BA3CE68B22F1F16A001AF26C27900DD1DAC9A]
[G] c:\program files\divx\divx player\dmfplaybackmodule3.dll [PX5: EBFDC52C0011C3C2B0920B7DCD3686001E746178]
[G] c:\windows\system32\networkexplorer.dll [PX5: 903E7BDD00FBDC62FA4221719A429D00D5C56832]
[G] c:\program files\quicktime\qttask.exe [PX5: 5003E43B0082A76A50CC06A4E0658900B9BCF565]
[G] c:\program files\common files\adobe\updater5\adobeupdaterinstallmgr.exe [PX5: 5FC0178C7886FC3243C7013A30DB8C007EA8ACE2]
[G] c:\program files\icq6.5\pb_videoconf.dll [PX5: DFB7DEAE00082609B08404A0C523850029A9F7ED]
[G] c:\windows\system32\unicows.dll [PX5: D4781969307EAB62F19B035D1C466000A9B53449]
[G] c:\program files\malwarebytes' anti-malware\vbalsgrid6.ocx [PX5: 928AD74810B32EA3952A072600C60C0096CF6B4A]
[G] c:\windows\system32\msdtckrm.dll [PX5: C39FE51A006D947842610536275EDE00CD703B06]
[G] c:\program files\samsung\samsung update plus\supnotifier.exe [PX5: 2EEC1BD2A88BA4FC0EA70B65C5217800B70E8DC2]
[G] c:\windows\system32\drivers\bthpan.sys [PX5: D96877E100F86E80680801A3412B5700D9FF25DF]
[G] c:\program files\cucusoft\ultimate-converter\filter\ac3filter.ax [PX5: 7A56A5A6003C1B2DE07707C908EB7D000B91F322]
[G] c:\program files\avira\antivir desktop\scewxmlw.dll [PX5: 22FFC221014E55B6EF46019CF78FDF007B3966D0]
[G] c:\program files\quicktime\qtsystem\quicktimestreamingauthoring.qtx [PX5: 4B3AA23100F24774707C054BC13C3A0089205A83]
[G] c:\program files\ccleaner\uninst.exe [PX5: 9F2E2D34BDF86921D12E015809A7C5009F2A19DB]
[G] c:\program files\icq6.5\dbenderc14.dll [PX5: 887E98D70066C213902606C50C0E4500F324A3D6]
[G] c:\windows\system32\evr.dll [PX5: BA672A41000D1B4C6A050716ECE4F300FBE66C33]
[G] c:\windows\system32\wshom.ocx [PX5: 8DFB48D9008D2D0B101602C948D8660013942E7C]
[G] c:\windows\system32\wmpeffects.dll [PX5: 94B5894000E3BC45A20204E859312E00B8722C78]
[G] c:\windows\system32\wpdshext.dll [PX5: B240F67000200964B817267FA6A2BA00A3AB4A0A]
[G] c:\program files\quicktime\qtplugin.ocx [PX5: BC0020353087480EE5D60B13A416DC00CDD0E341]
[G] c:\program files\total video converter\mpeg2decfilter.ax [PX5: 44CE31120044EF1DB0B20608C55C4A00A3726FB0]
[G] c:\windows\system32\fontext.dll [PX5: 79694BAD0041E25D2C4F025BAE24740003796A33]
[G] c:\windows\system32\dvobsub.ax [PX5: 1F958DF200684D5ED01A03FE844CC400296AE958]
[G] c:\windows\system32\drivers\pxsec.sys [PX5: 449EE65D0816D5746CFC004B8A039C005B1D0006]
[G] c:\program files\common files\px storage engine\pxdrv.dll [PX5: 6E0E4E0FF870BDC2EA62071D760297001C8E4005]
[G] c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll [PX5: FD5B6444004418322A910874C518AF007FC5D1FF]
[G] c:\windows\system32\rasdlg.dll [PX5: 6A27BA8E0032CB489A5A0CA288A489008B345190]
[G] c:\windows\rthdvcpl.exe [PX5: 3B76982900F3152F40865D42D6A29C007E02CE82]
[G] c:\program files\common files\px storage engine\pxmas.dll [PX5: 836DB537F812A5CADAC40291F5C86A00B583EE87]
[G] c:\program files\total video converter\realmediasplitter.ax [PX5: 3912547800619257A0D6061FBCF6A400B516B08A]
[G] c:\windows\system32\qdvd.dll [PX5: AAE6967900C231149625076EBA82AB00A3775731]
[G] c:\windows\winsxs\x86_microsoft-windows-tabletpc-inkball_31bf3856ad364e35_6.0.6002.18005_none_cbf1f985670d2173\inkball.exe [PX5: 1064A996008665FA24811361C075A90049561098]
[G] c:\windows\system32\msvcp71.dll [PX5: F133D4F000B92F08A0E107FD67B66E0015498C05]
[GP] c:\windows\ehome\ehres.dll [PX5: 3CEE61B800B5F2F34A7E9A9E17D4DE00C26843A1]
[G] c:\windows\system32\netcenter.dll [PX5: FF68B609000DFDCBF68E21782FE2EE004999CE9A]
[GP] c:\program files\divx\divx player\divx player.exe [PX5: 7809923300DF89F690302DFA61CB32005A19AEDF]
[G] c:\program files\winrar\winrar.exe [PX5: F470943B00974DAAC8C30E5AFA2D8700DB4E9779]
[G] c:\program files\adobe\reader 8.0\reader\acrord32.exe [PX5: 14B1D57F70D4C970368E05E929733300A0A3AB98]
[G] c:\program files\openoffice.org 3\program\soffice.exe [PX5: 946C12B4006701B648B8711E165EC000E9F77A51]
[G] c:\windows\system32\mstask.dll [PX5: 29DA96C4000E3C7926A2035CEAA36A00BD4E34D0]
[G] c:\program files\quicktime\quicktimeplayer.exe [PX5: 2A6399483022E4E475687528D7D0B300255EDB36]
[G] c:\windows\downloaded program files\zylomgamesplayer.dll [PX5: BBB4DAB4B85356F9780702C1359ABA00C57F7D88]
[G] c:\windows\system32\qt-dx331.dll [PX5: C9F371530031E58DE000360B1F59620004BE1690]
[G] c:\program files\adobe\reader 8.0\reader\plug_ins\accessibility.api [PX5: E643E59B63AF789E6C24056426CA1E0007AF1E49]
[G] c:\program files\divx\divx player\libdivx.dll [PX5: DE702AD400451BAF80690FB22AB46300645F6904]
[G] c:\users\jens knossalla\desktop\bittorrent-6.1.2a.exe [PX5: 8A78872418E73C2BC53E1A8FE14AC6004E483D13]
[G] c:\program files\quicktime\qtsystem\quicktimeh264.qtx [PX5: 55174CB800F980DB6001373379859D005091E037]
[G] c:\program files\cdburnerxp\cdbxpp.exe [PX5: ADE5E59300DF2798707D1BC4358921005416FB23]
[G] c:\program files\quicktime\qtsystem\quicktimempeg4authoring.qtx [PX5: 68058D720032DA44E06108B724AC5E003024DB54]
[G] c:\program files\microsoft sql server\90\shared\sqlbrowser.exe [PX5: 50EECCD2200AC159AB0A031185A017003BEDFC7B]
[G] c:\program files\quicktime\qtsystem\quicktimeauthoring.qtx [PX5: EE10CD1F001CD0CE80F2225AADB01400997BD65C]
[G] c:\windows\system32\drivers\ql2300.sys [PX5: CC8042AE3807CB32209111C9A8306300CBC60F4B]
[GP] c:\program files\divx\divx web player\npdivx32.dll [PX5: 424D1C4800BBC41B54C9142E0C9A9E003ECB6537]
[G] c:\windows\system32\inetcpl.cpl [PX5: 19E1FC5500663A65E4211BF5F741E50024782B5A]
[G] c:\program files\common files\adobe\updater5\adobeupdater.exe [PX5: F8E7787878E12F70F37B233F565C7D00A9831D7E]
[G] c:\users\jens knossalla\appdata\local\temp\pxinstall219.exe [PX5: 0418016438820A3DAA8842C335276F00FC6A1BE9]
[G] c:\program files\prevx\prevx.exe [PX5: 0418016438820A3DAA8842C335276F00FC6A1BE9]
[G] c:\program files\quicktime\qtsystem\quicktimeinternetextras.qtx [PX5: C25B46E100E99120B0C50C068E6A5900D44A53D5]
[G] c:\windows\system32\divx_xx07.dll [PX5: AD284E5B0092A92190080CD60B49CE0044CD576E]
[G] c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll [PX5: FBF7E00A00FEA43F027F1CB224E3800009A6F945]
[G] c:\program files\adobe\reader 8.0\reader\bib.dll [PX5: 99CD440900A7FF43825401BAA89238007CB734B3]
[G] c:\windows\system32\usercpl.dll [PX5: AF10B5FD0088B5E726BB11A91B2C610017691BC6]
[G] c:\windows\system32\sud.dll [PX5: FDED475A006B74B8AE4B120252702B00A540021B]
[G] c:\windows\system32\slcommdlg.dll [PX5: 05BF979600443FC7E24108170A310C006C53074A]
[G] c:\windows\system32\networkmap.dll [PX5: 1359CB12009D97F9E0232EAD2A153D00B12949D1]

[G] c:\windows\system32\drivers\mouclass.sys [PX5: 5D99151A385A6A4986A50054F8095B00E6DD67E3]
[G] c:\windows\system32\driverstore\filerepository\msmouse.inf_8b7c4328\mouclass.sys [PX5: 5D99151A385A6A4986A50054F8095B00E6DD67E3]
[G] c:\windows\winsxs\x86_microsoft-windows-mail-core_31bf3856ad364e35_6.0.6001.18000_none_e9286d318a269033\msoeacct.dll [PX5: E91AFEA700C793582452039557E449006DB7323F]
[G] c:\windows\system32\redir.exe [PX5: BBB40CA81A6B88910B880064D16CFA00C9D4ABA4]
[G] c:\windows\system32\pdh.dll [PX5: 00AE5D1E00C1FBCFB21603C0953EC7004722FAA6]
[G] c:\windows\system32\werfault.exe [PX5: 2B08BC4900DAAEAE509A03E59A6B4B0098F43B49]
[G] c:\windows\system32\dbgeng.dll [PX5: 233DEFA600EF331854CB1C3C6D89AD00413D5934]
[G] c:\windows\system32\drivers\beep.sys [PX5: 1D9A84CD0011D68F180000F72FDC970008C067E0]
[G] c:\windows\system32\drivers\luafv.sys [PX5: 220EAB840022AF234AA701581C419F007030314A]
[G] c:\windows\system32\hal.dll [PX5: 4F0196E3E8199835B3F802D1869E9D0002471F06]
[G] c:\windows\system32\drivers\volmgr.sys [PX5: 29231B3F38615870CEFD00804498F500EFB0029F]
[G] c:\windows\system32\ping.exe [PX5: 8C49BA8900C7A7E33CE500EFFA0FD40067093BDE]
[G] c:\windows\system32\drivers\battc.sys [PX5: E9979877386881476EBE005016D117005698B8B4]
[G] c:\windows\fonts\vgasys.fon [PX5: 374F9840707DD0451C8100F3EB938400C3FB24D8]
[G] c:\windows\system32\xolehlp.dll [PX5: 6317E61B0026CA51989F00221EE7980051F79AE5]
[G] c:\windows\system32\kbdgr.dll [PX5: A07659C1005B36E0180E009E741F0B00CFD48FEB]
[G] c:\windows\system32\drivers\kbdclass.sys [PX5: BDB5C9F9381CA1918ABB00E8D3CC4D00BBFF8D47]
[G] c:\windows\system32\mssitlb.dll [PX5: 475A35D600DB75E954F501682A88B0003BF212C5]
[G] c:\windows\system32\drivers\swenum.sys [PX5: B58ED179B8D4BBBA3B9D00C6D0829F00FA442DFE]
[G] c:\windows\system32\mscdexnt.exe [PX5: 52C7505DCE68C3CE02840096EC8DC1007D8FF75A]
[G] c:\windows\system32\drivers\usbehci.sys [PX5: DA19CC1900CA77D59C9600E61152A00045688CAF]
[G] c:\program files\adobe\reader 8.0\reader\jp2klib.dll [PX5: 61ACFD7A0076E973D4ED06BE6456AA0065D27E09]
[G] c:\windows\system32\framedynos.dll [PX5: 9019FAC600984B6F20A5031D4F01170050C5C36D]
[G] c:\windows\system32\sndvol.exe [PX5: 87C19F330045B9E204F003270F764D00BFB75474]
[G] c:\windows\system32\drivers\intelppm.sys [PX5: 9E654644000831DAA2A400612C8C630077D2D298]
[G] c:\windows\system32\driverstore\filerepository\cpu.inf_ce69b789\intelppm.sys [PX5: 9E654644000831DAA2A400612C8C630077D2D298]
[GP] c:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelinstallrc.dll [PX5: FA77A943701B6AAE23D300ABC8BF0A004A77B967]
[G] c:\windows\system32\drivers\mssmbios.sys [PX5: 38C5FB1438AA748E7A200080A3018F007D1F8E9E]
[G] c:\windows\system32\drivers\nvhda32v.sys [PX5: 1A899607202BDF52AEBE00EF3E2A41005D2098B8]
[G] c:\windows\system32\drivers\bthenum.sys [PX5: 9C08315600C534994C63003B3C2E0700AA99910B]
[G] c:\windows\system32\dosx.exe [PX5: CC235A0120CDAE9FD1470091A9B5640029512C93]
[G] c:\windows\system32\actionqueue.dll [PX5: E384B010006C65E38ED90277A6BA26001BFD6C54]
[G] c:\windows\system32\drivers\acpi.sys [PX5: D99F18CAD8D2D5060DD70457338C580059D34B48]
[G] c:\windows\system32\appinfo.dll [PX5: 097BA60500A9DBC282C1005A805FF8000202BA13]
[G] c:\windows\system32\procinst.dll [PX5: B2B8A1510027A4541E7A005EB771550033D8C5D3]
[G] c:\windows\system32\drivers\compbatt.sys [PX5: AAE12C9938D9F2555119008D6F2CD800C4AA0711]
[G] c:\windows\system32\mfcsubs.dll [PX5: 91D0164D002E954068B900881DA831008664256C]
[G] c:\windows\system32\muiunattend.exe [PX5: 1B91AF9A0027D9BC022B0164EF9C600005E87E7F]
[GP] c:\windows\system32\oobe\ooberesources.dll [PX5: 34CD40100047056C22302075669BCC009C755157]
[G] c:\windows\system32\drivers\i8042prt.sys [PX5: 6909F5B6006B3A25D6AB00761686CE00B815D5AC]
[G] c:\windows\winsxs\x86_microsoft-windows-mail-core_31bf3856ad364e35_6.0.6001.18000_none_e9286d318a269033\acctres.dll [PX5: 259837E2009472B89AC300DA8CEFB7001B953EA4]
[G] c:\windows\system32\wercon.exe [PX5: 6E16469E00D0448172A9110094888F0062E8964C]
[G] c:\windows\system32\drivers\usbuhci.sys [PX5: 342F5E6E003C07CB5CF10081E910E100E0F7CE92]
[G] c:\windows\system32\wer.dll [PX5: A4B4055500AA2F135EBD0D70B859AD00712E36E5]
[G] c:\windows\system32\racagent.exe [PX5: 976C3EB100E6747D50B2000BEACADB00787070B2]
[G] c:\windows\winsxs\x86_microsoft-windows-r..bilityanalysisagent_31bf3856ad364e35_6.0.6001.18000_none_26c0a2eaa039cb7f\racagent.exe [PX5: 976C3EB100E6747D50B2000BEACADB00787070B2]
[G] c:\windows\system32\drivers\atapi.sys [PX5: 69620963381F22CE54800059D5653100FF8D1DD7]
[G] c:\windows\winsxs\x86_microsoft-windows-identitycrl_31bf3856ad364e35_6.0.6001.18000_none_518dd3eb3e5e6f23\ppcrlconfig.dll [PX5: C6B1B04C00E7383A3DB600BF38646D007C36D224]
[G] c:\programdata\microsoft\identitycrl\ppcrlconfig.dll [PX5: C6B1B04C00E7383A3DB600BF38646D007C36D224]
[G] c:\windows\system32\drivers\iastor.sys [PX5: E5E421C9181FE06BDEB204B2C27CCB008F471EF7]
[G] c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\searchfilterhost.exe [PX5: 0D2A726E003145F0561801A8F7656E007FC7F6DC]
[G] c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.0.6001.18000_none_55236d7549c923f0\wab32res.dll [PX5: 63C8E65F00F0FD4AC44A109CF5152300B7DFDC30]
[G] c:\windows\system32\corpol.dll [PX5: FB6FCBB400162ED1448100AD3C88330050141C57]
[G] c:\windows\system32\secur32.dll [PX5: 452A5E720008E46D1C560174A4F9690080591EBE]
[G] c:\windows\system32\drivers\cdrom.sys [PX5: BA60834E00479C3C0606014B4BC81C00B7A0A15A]
[G] c:\windows\system32\fdproxy.dll [PX5: FE1B4CBB007CED525E73006843904200C5B656C0]
[G] c:\windows\system32\wmpcm.dll [PX5: B3B66286006013E0562700349435B0003DD22CD8]
[G] c:\windows\system32\drivers\athr.sys [PX5: C82225DC00597368887C0B1674A77800E36E1617]
[G] c:\program files\quicktime\qtsystem\quicktimejavaextras.qtx [PX5: E3E12CDD00B852411461003B3C2E0700F7F19F6D]
[G] c:\windows\system32\drivers\mouhid.sys [PX5: 0CCEAC1800CD9A573EBD004882F4C5004A1CFB82]
[G] c:\windows\system32\driverstore\filerepository\msmouse.inf_8b7c4328\mouhid.sys [PX5: 0CCEAC1800CD9A573EBD004882F4C5004A1CFB82]
[G] c:\windows\system32\drivers\pci.sys [PX5: 325F550FE84315DE47A6021E811CAF002D82B07C]
[G] c:\windows\system32\userenv.dll [PX5: 27F6FC1E00D15B31A8EB01B27F897200364112CC]
[G] c:\windows\system32\iscsidsc.dll [PX5: 11780B7C005BE565C0500004B0E0E500799B250F]
[G] c:\windows\system32\mfpmp.exe [PX5: 4BF86A5C00BBC492607B00E6978F8B00D6307E99]
[G] c:\windows\system32\kmsvc.dll [PX5: 62EA918F005C1D4A0ACC01796EF06100E81413B0]
[G] c:\windows\system32\driverstore\filerepository\input.inf_a7cfdec8\hidclass.sys [PX5: E64B130B00963109980300BAAE200900E649A054]
[G] c:\windows\system32\msctfmonitor.dll [PX5: 60E6755500740C604CAE00D32AC04F00F3F994B5]
[G] c:\windows\system32\drivers\yk60x86.sys [PX5: 9046D76100271C108E89048DE8CBF300A6C7D0A6]
[G] c:\windows\system32\iconcodecservice.dll [PX5: 7C6903220060C012263900F9C81C300001924726]
[G] c:\windows\system32\wudfsvc.dll [PX5: F8B79DB2005AE1ABD81900740331D2002264DF62]
[G] c:\windows\system32\drivers\monitor.sys [PX5: CF0F7AF90085F473A4110054298A8E00288162A2]
[G] c:\windows\system32\wcescommproxy.dll [PX5: 23F1F0AB8835F0D0619200144D46A8002EE36D7D]
[G] c:\windows\hh.exe [PX5: FC606507009F635B3A89009082CF1200A2462351]
[G] c:\windows\system32\drivers\usbport.sys [PX5: 40E58F6100056B3374E2033DC12439004BBDDE44]
[G] c:\windows\system32\drivers\tdx.sys [PX5: DC1FEB280019BD4B1A4201C8BF0E6D004B7125FE]
[G] c:\program files\avira\antivir desktop\msgclient.dll [PX5: 8611BDB10151AC1F3D4800EACA6FD40048ECAA0C]
[G] c:\windows\system32\certprop.dll [PX5: F96001C300386E7F9E28006C141C1E002FD3B3F7]
[G] c:\windows\system32\netplwiz.dll [PX5: 6949BB3D009D9590C2200208AF456400000A4D80]
[G] c:\windows\system32\wcspluginservice.dll [PX5: 39CC39F9009B0A1C7E2900AF46D8E00059A7C3E0]
[G] c:\windows\system32\drivers\hidusb.sys [PX5: 8995FE7F0061B56A32D500AC05E6B0007708B68E]
[G] c:\windows\system32\drivers\volsnap.sys [PX5: B27B7894E89151F3735D037729F5610057A4326B]
[G] c:\windows\system32\drivers\hidclass.sys [PX5: 798593C1008B134C9AEF00F83301950092C08E26]
[G] c:\windows\system32\rapiproxystub.dll [PX5: 6F7DB14B88031E5D5F6C006904626300AC78FF27]
[G] c:\windows\system32\drivers\portcls.sys [PX5: 37117602002E6A7D909E02ED750ED900D9F6A63E]
[G] c:\windows\system32\sluinotify.dll [PX5: EC487D5C00677D21EE69001993CE8300BE984BEE]
[G] c:\windows\system32\drivers\msiscsi.sys [PX5: 33E57530E8157EB4C14202201BF0A2007AE3F74F]
[G] c:\windows\system32\driverstore\filerepository\input.inf_a7cfdec8\hidusb.sys [PX5: 6D98C26000517620303A00DBA29FF900ADA9C277]
[G] c:\windows\system32\pcasvc.dll [PX5: A0694926003EC6A694F4001B8AF3A7004E9BA6D8]
[G] c:\windows\system32\locator.exe [PX5: 4C5430310083E42B1E9B000033B9280085C88398]
[G] c:\windows\system32\lmhsvc.dll [PX5: A58AAF0200B7CC104A1C0056A08126006D7DA8E7]
[G] c:\windows\system32\drivers\hidparse.sys [PX5: 0F4CEA698073B27A6393009D4519F8006575AE09]
[G] c:\windows\system32\driverstore\filerepository\input.inf_a7cfdec8\hidparse.sys [PX5: 0F4CEA698073B27A6393009D4519F8006575AE09]
[G] c:\windows\system32\eapsvc.dll [PX5: 79A6323A00D0DEC8E0B4003947DACD006FF9E2A2]
[G] c:\windows\system32\wmdmps.dll [PX5: DAF6114600065BFD90A1003589B666001CF5462A]
[G] c:\windows\system32\drivers\usbhub.sys [PX5: 8EA6996F00C28054FEDE028BAAB35500E242F742]
[G] c:\windows\system32\drivers\drmk.sys [PX5: A9590F8000084B2BFC3C01B701D93100B1A3467C]
[G] c:\windows\system32\imgutil.dll [PX5: 3A6775EC009880D28EF7009DECB3C300A3270AA5]
[G] c:\windows\system32\drivers\vmc302.sys [PX5: 8FE7A3798044438FB189039D4262BA008F3EF8E7]
[G] c:\windows\system32\drivers\rtkvhda.sys [PX5: 6A6DEBDFD8DA008206F1204D6E88F30035E3A16A]
[G] c:\windows\system32\dllhost.exe [PX5: 55C20DF100B5B9391CF4003D4F0E740002408059]
[G] c:\windows\system32\snmptrap.exe [PX5: 9DD5B6C50089ED48322E00FC5882FE00A3EE64D0]
[G] c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll [PX5: 3C9B909F00336528CA32008C106ED400A8F8839C]
[G] c:\windows\system32\drivers\usbccgp.sys [PX5: 60CC14E500FF8CA61E350159BAF41C00117B5B89]
[G] c:\windows\system32\riched32.dll [PX5: 011D1F37004C48FE20E7003B3C2E0700F6D12177]
[G] c:\windows\system32\drivers\syntp.sys [PX5: B8D0329FB0A32856F325025C9010A100CE317029]
[G] c:\windows\servicing\trustedinstaller.exe [PX5: 8897BE64001829099AF20090D184EF0042223D03]
[G] c:\windows\system32\drivers\hdaudbus.sys [PX5: 419B968C008F46629038088E9C3BDC0060A2F2D2]
[G] c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6002.18005_none_3d746908b76294a3\searchprotocolhost.exe [PX5: D375D83B00819597D4AC021DD07C5A00414ECA25]
[G] c:\windows\system32\msoeacct.dll [PX5: E91AFEA700C793582452039557E449006DB7323F]
[G] c:\windows\winsxs\x86_microsoft-windows-photolibrary_31bf3856ad364e35_6.0.6000.16386_none_5fc28c0e19044691\windowsphotogallery.exe [PX5: 079F655700314A441E9D022D94FFE900DCE13471]
[G] c:\windows\system32\audioses.dll [PX5: F1DE30B400D7949EC4EA011F41AF68005646DD58]
[G] c:\windows\system32\wbem\wmiutils.dll [PX5: ECC609F8008EC213487B01292F29CD0067A933DD]
[G] c:\windows\system32\edsapodll.dll [PX5: F404DE6800751E7C58510102E7148900DD809119]
[G] c:\windows\system32\wpdbusenum.dll [PX5: C9534E38005D9A6412A60112E022B400B0B28579]
[G] c:\windows\system32\drivers\nvlddmkm.sys [PX5: AD3A3B126006514B2CF073F03DB4FE0068FE4F2F]
[G] c:\windows\system32\presentationhost.exe [PX5: FDA30DF570C3E58AF1B40411CE44BB00D8EDBB51]
[G] c:\windows\system32\rundll32.exe [PX5: 15596D3C00A57F2FAE410042EEB11B00FAF9E563]
[G] c:\windows\system32\wbem\ncprov.dll [PX5: 8E9F3193005A0E5DE2FA00AFA7CC68005F671DD7]
[G] c:\program files\adobe\reader 8.0\reader\reader_sl.exe [PX5: C7DF4D8770F70EDD9BCB004605B38200E373D9BE]
[G] c:\program files\avira\antivir desktop\sched.exe [PX5: 1C7739A201248E19A77F01DFE9AC4800B507E805]
[G] c:\windows\system32\audiodg.exe [PX5: 19E12DB900A07FA65AF4017CB96088000526D5FD]
[G] c:\windows\system32\scardsvr.dll [PX5: 5B46DDFB00CB5CC374DA01BE128A9700BC05AC92]
[G] c:\windows\system32\dps.dll [PX5: EF9F6D2600AD12CB0E74029663798000BD81F282]
[G] c:\windows\system32\wdi.dll [PX5: 6BF4F11E0031B83C20E201E1C037F7000EEB79F9]
[G] c:\windows\system32\input.dll [PX5: DEC73E21004C62BE107903E799CC2C008DA92C7F]
[G] c:\windows\system32\drivers\aliide.sys [PX5: 677E54E038367F7E44C400FBC8264D0050BFBE85]
[G] c:\windows\system32\dot3svc.dll [PX5: 8C78C2F200F4FE54AE6802545566130073AC2300]
[G] c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe [PX5: F5BE9E28485C0BA1354E02CCD22C41004D4D7B5B]
[G] c:\windows\system32\drivers\kmdfmemio.sys [PX5: 668034830081045F34E8004DA1B1B3004033F07C]
[G] c:\windows\system32\scecli.dll [PX5: 6B2B118B00BE7BF6B446028C05D41A009708B100]
[G] c:\program files\avira\antivir desktop\avwinll.dll [PX5: C0C67A9F0104D7A6470C00AB48CCCC001C69C72A]
[G] c:\windows\system32\pla.dll [PX5: 5D9BB6FF00C2E529ECE7167BDAFD2A00A5A496CD]
[G] c:\windows\system32\tabsvc.dll [PX5: 56D012B400C53C120ACF0125CC25850018690F7B]
[G] c:\program files\avira\antivir desktop\lukeres.dll [PX5: 62738910010BE9DE351C00428DE7840040082785]
[G] c:\windows\system32\msfeedsbs.dll [PX5: 494A500500F1A3A0CC6C00C2344216005CBC7AB8]
[G] c:\windows\system32\wuapp.exe [PX5: 736B47F600D971A57AAD001F8472AF0015F9C150]
[G] c:\windows\system32\wbem\wmiapsrv.exe [PX5: 843D39DD006743031A4B023D5033040088A2A98F]
[G] c:\windows\system32\wbem\wmisvc.dll [PX5: 1A9286D9002583987A0C02763D7B77008E7BD6F4]
[G] c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll [PX5: 43FC1F718034B0CAF2E7007A2CAFD0009BF22C42]
[G] c:\windows\system32\schedsvc.dll [PX5: 16C48BBF00ACBB42162C09B001B6A800DF5A92E6]
[G] c:\windows\system32\drivers\kbdhid.sys [PX5: F2CAF77A00CC38183E72001B98D593006400CEAC]
[G] c:\windows\system32\rshx32.dll [PX5: A4C245630062AFB5AAF0002BFC53F30054251D30]
[G] c:\windows\windowsmobile\bthasplugin.dll [PX5: C2E684D8881AA6217BDF001288C28B00D1AB2F8E]
[G] c:\windows\system32\rpcrt4.dll [PX5: FB1BF27500230B11FA630B66A41F9900B053016C]
[G] c:\windows\system32\wbem\wbemsvc.dll [PX5: D35CB04F005B9AB2C0C500BB230B0E00F8DAF78B]
[G] c:\windows\system32\termsrv.dll [PX5: A866CABB003EEFB1DABF062EBE17B3003BCE3902]
[G] c:\windows\system32\syncom.dll [PX5: 5DCEF2FA002D6AC9809402120CD1BB000C63D28A]
[G] c:\windows\system32\wups.dll [PX5: 6C3A0D501835396B866D00A4D094600028D4A328]
[G] c:\windows\system32\wbem\wbemprox.dll [PX5: 4A4D4D490085F078768C00355194B8000D12BF69]
[G] c:\windows\windowsmobile\wmdsyncman.dll [PX5: AFEF399988489237E3DA0003AE669D004D95D8C8]
[G] c:\windows\system32\audiosrv.dll [PX5: 8A0EB62E00E94336D030048F1D1E3900445FD9F3]
[G] c:\windows\system32\p2pcollab.dll [PX5: AF907BA800A8B7872A7706033647AE009FDDB989]
[G] c:\windows\system32\drivers\viaide.sys [PX5: 616EB9AB3884EBAC4E73005FBA01A900B03F5205]
[G] c:\windows\system32\plasrv.exe [PX5: 39B30AC200FC325C1E9B000D864AD700422C38E1]
[G] c:\windows\system32\wbem\unsecapp.exe [PX5: 413135C3009A086C947C007EDA7F1D006799F8AF]
[G] c:\windows\system32\wpdshserviceobj.dll [PX5: BA6FA2A600A53B4702BE02280454F0007A837516]
[G] c:\windows\system32\inetmib1.dll [PX5: B6782045007BD887CEE100A98F969600C8260C35]
[G] c:\windows\system32\drivers\errdev.sys [PX5: 382174E900F8553F1A35005BDDD69A0010AC0936]
[G] c:\windows\system32\uxsms.dll [PX5: 80C10EC500D5C85A728100BEF28C17002902E5D0]
[G] c:\windows\system32\sessenv.dll [PX5: 93896BC40022132F4CC1019F293EB200EF769835]
[G] c:\windows\system32\drivers\brusbmdm.sys [PX5: CCFC2FCD80207DF32FC3008422FE9400EAA462D3]
[G] c:\windows\system32\drivers\sffp_mmc.sys [PX5: F11CC253007BBCC630B300FC502EE4003A29B7B4]
[G] c:\windows\installer\{6956856f-b6b3-4be0-ba0b-8f495be32033}\applesoftwareupdateico.exe [PX5: 5DDA7F3F000D13566AA0008016B27F001CFEBC4F]
[G] c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47\winmail.exe [PX5: DF558E1A0097E43310EA066AA96E5B00F2B9DE7D]
[G] c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6001.18000_none_42a95d80d7929e62\wab.exe [PX5: 7BC2024600346F6FE0AA079547208600366471D6]
[G] c:\program files\microsoft sql server\90\shared\sqladhlp90.exe [PX5: 06AF60D3D8F95B65B0CB005DD3686400954911FE]
[G] c:\windows\system32\actxprxy.dll [PX5: 06EA10E700A1F8CFFC8B04643F1CE4009ED89903]
[G] c:\windows\system32\msxml3.dll [PX5: FFA20CCC006F36190EA012D93D6093009440C5EF]
[G] c:\program files\itunes\ituneshelper.exe [PX5: C63A2B3328EBE7A275960481F11AD80087989732]
[G] c:\windows\system32\drivers\serenum.sys [PX5: 0278280100127AEC469E00C163E836008988E8D0]
[G] c:\windows\system32\drivers\sermouse.sys [PX5: 19530A5E0084CD964EF500672964DA003BF51A5E]
[G] c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll [PX5: 662CECA200670C9EB06A1AF070ABDD001F8AADD4]
[G] c:\program files\icq6.5\mbcontainer.dll [PX5: D06C022C00C0DEA35C74010D934772007F2049FC]
[G] c:\windows\system32\drivers\brfiltup.sys [PX5: F23529B080BD23ED14F20017935C96005CBA5F99]
[G] c:\windows\system32\drivers\sfloppy.sys [PX5: B14FA86B00BFC46934280036DEE5400050FC34F9]
[G] c:\windows\system32\drivers\intelide.sys [PX5: B6205E5A38154B0846CA00EDC97648004FAA7BDA]
[G] c:\program files\avira\antivir desktop\avguard.exe [PX5: 3C24B98E01B1D794D3820278FD96200004355486]
[G] c:\windows\system32\wmalfxgfxdsp.dll [PX5: 1E220177008F9FA0067F14A6B9566000EDAFC7B2]
[G] c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [PX5: 5D4659B00063EB45B45119E091F22300C65D8A33]
[G] c:\windows\system32\drivers\sffp_sd.sys [PX5: A3F88F8B00F8F7AD2E4B005A22D1DD00F0B19E4C]
[G] c:\windows\system32\wmpshell.dll [PX5: A2D258F90051EB0D8C63012F636AED00680DA0F3]
[G] c:\windows\system32\drivers\sffdisk.sys [PX5: 7D84BC7D00BD77A1349400EDDCAC7500FF50774A]
[G] c:\program files\ipod\bin\ipodservice.exe [PX5: B41ACFAD28A743C745D308B0F2EF610030C56663]
[G] c:\windows\system32\mfps.dll [PX5: E71CB18C00C00FAC82FE012F66BCED00F8EED67D]
[G] c:\windows\system32\drivers\pxscan.sys [PX5: CF322FCA08A3C93D56F800E77649BD00AEA6F0AF]
[G] c:\users\jens knossalla\appdata\local\temp\kavff1f.tmp [PX5: 7C09EF3700B52540708701240A9814000D7BD7EC]
[G] c:\windows\system32\dxtrans.dll [PX5: 762733CF00863A414650032AD871A000255FD01E]
[G] c:\windows\system32\drivers\amdide.sys [PX5: 4B6BAB9A38C412C246970022356BB8001D1C96FF]
[G] c:\windows\system32\portabledeviceclassextension.dll [PX5: 9C17C6F100C2A3517281013313A6EF003F7C973C]
[G] c:\program files\avira\antivir desktop\avscan.dll [PX5: F93A85D80126A178C1AA00D7E3A1A100DA0BF37C]
[G] c:\windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\wcp.dll [PX5: 1FDDAFE200FAB543F6671B4651FCED001B4EAA6C]
[G] c:\windows\system32\drivers\amdk7.sys [PX5: 338737B500258F60A20000C31296D9002EEC34B2]
[G] c:\windows\system32\consent.exe [PX5: F662874E00041E0D4052017AD6AC06002B83E05C]
[G] c:\program files\common files\microsoft shared\ink\tiptsf.dll [PX5: EC3D45CB00CEA434CE2605DF633030005DC1C4A5]
[G] c:\program files\windows mobile device handbook\windows mobile device handbook\bin\devicehandbook.exe [PX5: 843A330600EDF95A00C115FF18EDE300E0AEEDE4]
[G] c:\windows\system32\drivers\wmiacpi.sys [PX5: D37240480030EFB62CFA006F00C35900EE1E3AC0]
[G] c:\windows\system32\drivers\usb8023x.sys [PX5: 0A538D3E00BE6E243E9400270481EF006E3C4A77]
[G] c:\windows\system32\drivers\cmdide.sys [PX5: 292FEC593805C1784A7C003B40D86A007611AC15]
[G] c:\program files\avira\antivir desktop\avgnt.exe [PX5: 7682773C01F3E84E31D1031FFA25F300A889A0C2]
[G] c:\windows\system32\drivers\brusbser.sys [PX5: 6677F6E180564D4F2EF4002700C6CE00BA54352C]
[G] c:\windows\system32\drivers\usbprint.sys [PX5: DEB1D67E001C9E2C4A1E00BD21F79700B9E97221]
[G] c:\windows\system32\drivers\ndisuio.sys [PX5: 48ADD75C00D91FC042FA000AE7420000D6B34296]
[G] c:\windows\system32\qutil.dll [PX5: 0147EC9000233161365F0196FA469D001AF420B8]
[G] c:\windows\system32\drivers\parvdm.sys [PX5: 9700674E00B38CB3229F0022F202600073A12FE9]
[G] c:\windows\system32\drivers\btwrchid.sys [PX5: F7F7B1D8289F30903FC600B03A5D4100BEF815EB]
[G] c:\windows\system32\rapi.dll [PX5: CA53244488281B0E9B07013EC13822006E1FD5A5]
[G] c:\windows\system32\drivers\brfiltlo.sys [PX5: E7CBD7A900A2E0BF35E7002A96AA7B0041ECE0DD]
[G] c:\windows\system32\drivers\flpydisk.sys [PX5: CA746197004768B25036002AECF4E9000F8CCF7B]
[G] c:\program files\quicktime\qtsystem\exportcontrollerps.dll [PX5: 684C63540083B68AF0EA004A6BAE04009089273D]
[G] c:\windows\system32\drivers\ntrigdigi.sys [PX5: 646665BE809DD10150DD0038ED4D2A009F1AB341]
[G] c:\windows\system32\remotepg.dll [PX5: 636025710024E24FE4E6005009CB6C00F0FC6313]
[G] c:\windows\system32\puiapi.dll [PX5: 2DE9E71400CB2DCD8AF0020EDFBEDD00FC4A9228]
[G] c:\windows\system32\drivers\pciide.sys [PX5: B343AAAF385A500D408700037CADDB008BC5E372]
[G] c:\windows\system32\drivers\usbohci.sys [PX5: E7C0C8200055FD2A4C7F005FB6B5BB007CCFB5EE]
[G] c:\windows\system32\dxtmsft.dll [PX5: 255C55D300A7748B4C9F05330DA46100250A4D3F]
[G] c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6002.18005_none_5a6a3a92226bedf8\msoe.dll [PX5: 2E0BC55100BD54BBACC71870C8D7890028004778]
[G] c:\windows\system32\webcheck.dll [PX5: 3FB0F9EE0014D4C59278035422856700CB4EE6C8]
[G] c:\windows\system32\xactsrv.dll [PX5: 83A65E8E00A11153741A011526382000772B3A44]
[G] c:\program files\common files\microsoft shared\web folders\msonsext.dll [PX5: B23962AD39AFC5B8208508E3395A0B00BC799650]
[G] c:\program files\samsung\samsung update plus\hmxml.dll [PX5: D86FE4BA00D3F33370600260C92554007FA08DEC]
[G] c:\windows\system32\drivers\iteraid.sys [PX5: EA884E83683067F98CD400D284729000D3245D6A]
[G] c:\program files\quicktime\qtsystem\quicktime3gpp.qtx [PX5: 9062FC2700BB0681602605D5BF5D26008F6FC5DE]
[G] c:\windows\zip.exe [PX5: 6A67689000B47A4A0A0D017314D3030032CE2915]
[G] c:\windows\windowsmobile\inetrepl.dll [PX5: E70356AE88187624B1B1022D3402F200747BB7B4]
[G] c:\program files\internet explorer\ieuser.exe [PX5: B396002900F9AD2E92C7040AA3BB580038C4B1B8]
[G] c:\windows\system32\ieapfltr.dll [PX5: 0EE34D6E0056C2B3D08D05AF13BC6100375D017B]
[G] c:\windows\system32\wmpps.dll [PX5: 806CCE78009B983D006E0214D4BB5800B12F06E5]