wmsncs.exe mit kolabc.bkf infiziert

rolf54 · 23.02.2009, 15:43

Frage
win 2k

wmsncs.exe mit kolabc.bkf infiziert. was hat das für auswirkungen?
habe alle dateien gelöscht, zeigt momentan nichts mehr an,
wozu braucht man wmsncs.exe ?
Gruß rolf54

Chris4You · 23.02.2009, 15:54

Hi,

die Meldung ist gut (Der Wurm ist mit einem Wurm infiziert

) ...
wmsncs.exe -> http://www.prevx.com/filenames/X3388853001040075551-X1/WMSNCS2EEXE.html
und
http://www.threatexpert.com/report.aspx?md5=874a95f4dd49d872537a8fbba5e6cf7e

Das hört sich insgesamt nicht so gut an...

Malwarebytes Antimalware (MAM).
Anleitung&Download hier: http://www.trojaner-board.de/51187-malwarebytes-anti-malware.html
Fullscan und alles bereinigen lassen! Log posten.
Alternativer Download: http://filepony.de/download-malwarebytes_anti_malware/, http://www.gt500.org/malwarebytes/mbam.jsp

chris

rolf54 · 23.02.2009, 17:54

hallo und danke für die schnelle antwort

habe alles so gemacht, hier der text:

-----------------

Malwarebytes' Anti-Malware 1.34
Datenbank Version: 1795
Windows 5.0.2195 Service Pack 1

23.02.2009 17:46:01
mbam-log-2009-02-23 (17-45-54).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 112836
Laufzeit: 17 minute(s), 29 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 8
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\dlp.dlpobj (Adware.WebDir) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1} (Adware.WebDir) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{b1e22eb8-2ae8-4e8e-96ae-74f2a1764533} (Adware.WebDir) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa} (Adware.WebDir) -> No action taken.
HKEY_CLASSES_ROOT\dlp.dlpobj.1 (Adware.WebDir) -> No action taken.
HKEY_CLASSES_ROOT\AppID\DLP.DLL (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NET Runtime Optimization Service v2.1.41329_X86 (Trojan.Agent) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\WINDOWS\IECODECPL.DLL (Adware.WebDir) -> No action taken.
----------------

habe die infizierten schlüsssel und die datei *.dll
gelöscht.

Wars das nun oder was ist noch zu tun ?

Gruß rolf

Chris4You · 23.02.2009, 20:23

Hi,

prüfe bitte noch mit:
http://www.trojaner-board.de/51871-anleitung-superantispyware.html
und ein HJ-Log gemäß dem Link in der Signatur

chris

rolf54 · 24.02.2009, 13:25

hallo Chris,
vielen dank nochmal für die Anleitung,
dauert alles immer ein wenig, da ich noch nebenbei arbeite.

ein excel-programm läuft nicht, wegen Laufzeit...
Biblithek nicht .... deshalb gesucht mit AVir nochmal auf Laufzeitpacker überprüft,
wurde mindestens einer entdeckt,
den habe ich erst mal in Quarantäne gelegt,
Datei
wmsoft47824.exe

excel-programm läuft trotzdem noch nicht....

muss noch was erklären, habe seit 10 Jahren nur win 98 benutzt, aber irgendwann
muss man halt umstellen, und auf win 2k aktualisiert,
dieser pc hat schon immer mal probleme gemacht, mein anderer ist besser aber langsamer,
der hängt nicht am internet und läuft gut.
hier habe ich noch keinen servicepack installiert, habe sp 1 da,
könnte das was helfen, sowas gabs bei win 98 nicht

vielen dank nochmal für die Anleitung,
die neue version sieht etwas anders aus, kann auch deutsch
hier der scan text:

------------------------
runtime error
alles cookies gewesen 35 st.
---------------------------
nochmal und dateri gefunden:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/24/2009 at 01:16 PM

Application Version : 4.25.1012

Core Rules Database Version : 3772
Trace Rules Database Version: 1731

Scan type : Quick Scan
Total Scan Time : 00:33:39

Memory items scanned : 347
Memory threats detected : 0
Registry items scanned : 293
Registry threats detected : 0
File items scanned : 42577
File threats detected : 35

Adware.Tracking Cookie
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@webmasterplan[2].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@doubleclick[2].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@tradedoubler[1].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@ads.heias[2].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@ads.quartermedia[2].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@adopt.euroclick[1].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@apmebf[2].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@euros4click[2].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@2o7[3].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@43836137[1].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@sales.liveperson[1].txt
C:\Dokumente und Einstellungen\Thomae\Cookies\thomae@fastclick[1].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@easymobile.122.2o7[1].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@mediavantage[2].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@komtrack[2].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@webstats4u[1].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@doubleclick[2].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@doubleclick[1].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@adtech[1].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@atdmt[2].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@tradedoubler[1].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@adopt.euroclick[1].txt
C:\Dokumente und Einstellungen\Default User\Cookies\thomae@2o7[2].txt
.doubleclick.net [ C:\Dokumente und

Einstellungen\Thomae\Anwendungsdaten\Mozilla\Profiles\default\h8m2wq8z.slt\cookies.txt ]
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@2o7[2].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@adopt.euroclick[1].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@tradedoubler[1].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@atdmt[2].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@adtech[1].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@doubleclick[1].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@doubleclick[2].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@webstats4u[1].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@komtrack[2].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@mediavantage[2].txt
C:\Dokumente und Einstellungen\Administrator\Cookies\thomae@easymobile.122.2o7[1].txt

soll ich alle cookies löschen, kein problem.

Gruß Rolf

Chris4You · 24.02.2009, 14:56

Hi,

versuche die Datei Wiederherzustellen und dann online prüfen zu lassen.
Was meldet Excel für einen Fehler?
Erstelle bitte gemäß dem Link in meiner Signatur ein HJ-Log!

Onlineprüfung:

Dateien Online überprüfen lassen:

Als erstes versteckte Dateien anzeigen lassen! (nur Punkt 1 durchführen!)

Suche die Seite Virtustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:

Code:

ATTFilter

wmsoft47824.exe

Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)

Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.

Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!

Du solltest auf jeden Fall die Servicepacks installieren!

System Reparieren:
Ggf. orher Backup machen
Lade Dir "Advanced Windowscare Professional" von folgender Adresse:
http://www.iobit.com/advancedwindowscareper.html?Str=download
Installieren auf Deutsch, Yahoo-Toolbar etc. abwählen.
Erstelle einen Systemwiederherstellungspunkt
(Start->Programme->Zubehör->Systemprogramme->Systemwiederherstellung->einen Wiederherstellungspunkt erstellen->weiter, Beschreibung ausdenken->Erstellen) oder lasse ihn automatisch erstellen.
Führe dann einen Update der Signatur/Reperaturdateien aus.
Lasse dann das gesamte System scannen und Bereinigen sowie
Immunisieren.
Damit werden einige Einträge wieder gerade gebogen, die von
Trojaneren/Viren verbogen worden sind...

chris

rolf54 · 24.02.2009, 15:39

hallo erst mal der packer:
--------------------------
Datei wmsoft47824.exe empfangen 2009.02.24 15:33:53 (CET)
Status: Laden ... Wartend Warten Überprüfung Beendet Nicht gefunden Gestoppt

Ergebnis: 8/39 (20.52%)

Laden der Serverinformationen...
Ihre Datei wartet momentan auf Position: ___.
Geschätzte Startzeit ist zwischen ___ und ___ .
Dieses Fenster bis zum Abschluss des Scans nicht schließen.
Der Scanner, welcher momentan Ihre Datei bearbeitet ist momentan gestoppt. Wir warten einige Sekunden um Ihr Ergebnis zu erstellen.
Falls Sie längern als fünf Minuten warten, versenden Sie bitte die Datei erneut.
Ihre Datei wird momentan von VirusTotal überprüft,
Ergebnisse werden sofort nach der Generierung angezeigt.

Filter
Drucken der Ergebnisse

Datei existiert nicht oder dessen Lebensdauer wurde überschritten
Dienst momentan gestoppt. Ihre Datei befindet sich in der Warteschlange (position: ). Diese wird abgearbeitet, wenn der Dienst wieder startet.
SIe können auf einen automatischen reload der homepage warten, oder ihre email in das untere formular eintragen. Klicken Sie auf "Anfragen", damit das System sie benachrichtigt wenn die Überprüfung abgeschlossen ist. Email:

Antivirus Version letzte aktualisierung Ergebnis a-squared4.0.0.932009.02.24-AhnLab-V32009.2.24.02009.02.24-AntiVir7.9.0.882009.02.24PCK/PESpinAuthentium5.1.0.42009.02.24-Avast4.8.1335.02009.02.23-AVG8.0.0.2372009.02.24-BitDefender7.22009.02.24-CAT-QuickHeal10.002009.02.22-ClamAV0.94.12009.02.24-Comodo9862009.02.20-DrWeb4.44.0.091702009.02.24BackDoor.IRC.Sdbot.3756eSafe7.0.17.02009.02.19Suspicious FileeTrust-Vet31.6.63692009.02.23-F-Prot4.4.4.562009.02.24W32/Damaged_File.gen!EldoradoF-Secure8.0.14470.02009.02.24Suspicious:W32/Malware!GeminiFortinet3.117.0.02009.02.24-GData192009.02.24-IkarusT3.1.1.45.02009.02.24-K7AntiVirus7.10.6392009.02.21-Kaspersky7.0.0.1252009.02.24-McAfee55342009.02.23-McAfee+Artemis55342009.02.23-Microsoft1.43062009.02.24-NOD3238852009.02.24-Norman6.00.062009.02.24-nProtect2009.1.8.02009.02.24Worm/W32.Kolabc.140800Panda10.0.0.102009.02.23-PCTools4.4.2.02009.02.24-Prevx1V22009.02.24-Rising21.18.12.002009.02.24-SecureWeb-Gateway6.7.62009.02.24Packer.PESpinSophos4.39.02009.02.24-Sunbelt3.2.1856.22009.02.24-Symantec102009.02.24Suspicious.MH690.ATheHacker6.3.2.5.2642009.02.24-TrendMicro8.700.0.10042009.02.24-VBA323.12.10.02009.02.24-ViRobot2009.2.24.16212009.02.24-VirusBuster4.5.11.02009.02.24- weitere Informationen File size: 108544 bytesMD5...: 07a6ef48392fe99b1bb22ebd657b1585SHA1..: 03c03a9d010da351313d3195804edbd11cb929f9SHA256: 7befc969515b44e4e1a0e9427f0cbedc1f19c426d49c30af704ce0b92717acc7SHA512: 5f97e17a193b484cee467800637c19f8e271b2afba93485c89f0f262c26c2f29
be4cc8ca0342f57efe2eb66b39faa29e80e2d02b4df658d7138612d9133e9b8essdeep: 1536:0kIrgj0rvsO27CEAEI2xSqRPE93cxoXtarMCblwpHIuyQohUdxg8POBhNBB
wJkde:tGgIjp2IEbEf9cg/hPyX+g8QE9adgB
PEiD..: -TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x6360d4
timedatestamp.....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX 0x1000 0x233000 0x1c600 8.00 1615cf6a533e35f3b0358b1f854e8dc4
.rsrc 0x234000 0x2000 0x1200 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX 0x236000 0x4b26 0x4c00 0.00 d41d8cd98f00b204e9800998ecf8427e

( 0 imports )

( 0 exports )
packers (Kaspersky): PE_Patch

---------------------------------------

soll ich den löschen ?
......soooo einen kopf ran........

Gruß rolf

rolf54 · 24.02.2009, 15:50

......ich weis nicht, ob ich das alles richtig mache.....
das wurde angezeigt :
--------
Logfile of HijackThis v1.99.1
Scan saved at 15:46:28, on 24.02.2009
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MSTask.exe
C:\Programme\Securepoint Personal Firewall\driver\spfirewallsvc.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\explorer.exe
C:\Programme\PTBSync\PTBSync.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\programme\securepoint personal firewall\bin\sppfw.exe
C:\WINDOWS\system32\hpzstatx.exe
C:\WINDOWS\System32\cidaemon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRAMME\7-ZIP\7zFM.exe
C:\DOKUME~1\Thomae\LOKALE~1\Temp\7zO15.tmp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [PTBSync] C:\Programme\PTBSync\PTBSync.exe /Start
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Securepoint Personal Firewall] c:\programme\securepoint personal firewall\bin\sppfw.exe
O4 - Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{30848BB8-E7DA-404B-868B-37E68B5EB099}: NameServer = 192.168.120.252,192.168.120.253
O20 - Winlogon Notify: !SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\PROGRAMME\FRITZ!\de_serv.exe
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Securepoint Personal Firewall (spfirewallsvc) - Securepoint Latinoamerica S.A. de C.V. - C:\Programme\Securepoint Personal Firewall\driver\spfirewallsvc.exe
--------------------
soweit erstmal
Gruß rolf

rolf54 · 24.02.2009, 16:35

und noch das mit dem Excel:

(Ja wenn ich das richtig sehe steht da schon sp1 installiert oder nicht ?
dann war das schon auf der cd,)

der Fehler bei ( vorerst nur einer Excel - datei )
ist :
----------------
Laufzeitfehler: 214......779 ( 8002801d)
Automatisierungsfehler
Bibliothek nicht registriert
---------------------
debuggen ?

in visual basic

Gruß rolf

und besten dank nochmal.....

Chris4You · 24.02.2009, 16:47

Hi,

ja, Datei umgehend löschen ist ein Backdoor.
Damit ist der Rechner eigentlich nicht mehr sicher...

Du solltest unbedingt das System updaten, die Servicepacks sind mittlerweile bei 3 (für XP, für 2000 -> http://www.chip.de/downloads/Windows-2000-SP4_13005552.html) angekommen und der Internetexplorer bei der Version 7 (Du hast 5!);

So, folgendes mit HJ-fixen:

Hijackthis, fixen:
öffne das HijackThis -- Button "scan" -- vor den nachfolgenden Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten
Beim fixen müssen alle Programme geschlossen sein!

Code:

ATTFilter

O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=

Danach ein neues HJ-Log;

Scanne bitte mit Prevx:
http://www.prevx.com/freescan.asp
Funde bitte als Screenshot posten, das Log ist zu unübersichtlich...

Stelle Avira wie folgt ein: http://www.trojaner-board.de/54192-anleitung-avira-antivir-agressive-einstellungen.htm
Führe einen Systemscan durch und poste das Ergebnis!

chris

rolf54 · 24.02.2009, 17:13

hallo sieht nicht so aus wie beschrieben :
Hijackthis, fixen:
öffne das HijackThis -- Button "scan" -- vor den nachfolgenden Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten

sind 6 möglichkeiten buttons , v 2,02
danach scann er gleich los??

ist das das richtige programm
v 2,02 eben runtergeladen

rolf54 · 24.02.2009, 17:36

Teil 1 viel zu lang ::::::

Log Generated: 24/2/2009 17:24, Type: 0,0
Windows 2000 Professional Service Pack 1 (Build 2195) 32bit|1031
Some non-malicious files are not included in this log.

Last Scan: Tue 2009-02-24 17:22:51 Westeuropäische Normalzeit. Number of Scans: 1. Last Scan Duration: 2 minutes.
[U] (ACTIVE) c:\windows\system32\smss.exe [PX5: C443BDC210FB786EB17A00E3FF3B0000EC2E04EC]
[U] (ACTIVE) c:\windows\system32\ntdll.dll [PX5: 891488ED10B5B56AC31C077EBDC5BB007DAA3558]
[U] (ACTIVE) c:\windows\system32\sfcfiles.dll [PX5: 7484C8D110ACCB8C3BA40F864A098D0000A6ABE7]
[U] (ACTIVE) c:\windows\system32\csrss.exe [PX5: 92D4697B107DB30615B6008F20B9C900F50C94BC]
[U] (ACTIVE) c:\windows\system32\csrsrv.dll [PX5: 7F29D184108668E0872000D6F3F6AD0074B87B20]
[U] (ACTIVE) c:\windows\system32\basesrv.dll [PX5: 543E6230100A6ADA8DFB009282351700746E0861]
[U] (ACTIVE) c:\windows\system32\winsrv.dll [PX5: 3B13971510D1E8B5D90303EE64086C008C9E6CF3]
[U] (ACTIVE) c:\windows\system32\user32.dll [PX5: A709F59C100886672569069E76299700B862F828]
[U] (ACTIVE) c:\windows\system32\kernel32.dll [PX5: 18F1FD6510E14D5801D00C6819F4F700B6B1D51C]
[U] (ACTIVE) c:\windows\system32\gdi32.dll [PX5: C0818D791049A58093BA03C8906FB00007AAF21D]
[U] (ACTIVE) c:\programme\securepoint personal firewall\bin\spfwengine.dll [PX5: 36860B4700078DCE38D1067BC47F1C004A5B5953]
[U] (ACTIVE) c:\windows\system32\advapi32.dll [PX5: DBA8628310903C9877C505BADA7BF20012792652]
[U] (ACTIVE) c:\windows\system32\rpcrt4.dll [PX5: C6287992106FCF81D1FC062FE96F9F007645BC3C]
[U] (ACTIVE) c:\windows\system32\comctl32.dll [PX5: D19F187B1059FB0367D0088E0BAA5100ACEDDF56]
[U] (ACTIVE) c:\windows\system32\winlogon.exe [PX5: 86ADD382100A2CFDC1F0024D0E81F00006133E9A]
[U] (ACTIVE) c:\windows\system32\msvcrt.dll [PX5: 52D27EDB58154EE980D0041824BFDC00510F7A68]
[U] (ACTIVE) c:\windows\system32\userenv.dll [PX5: B0FC1BE410667577B37205E31BFA0B00D0ED9106]
[U] (ACTIVE) c:\windows\system32\nddeapi.dll [PX5: BDF6DC1510F888553F61002D9A342000B1E5CAE3]
[U] (ACTIVE) c:\windows\system32\sfc.dll [PX5: EACFC4303876134E702301121F9F9200DB1BE3BA]
[U] (ACTIVE) c:\windows\system32\secur32.dll [PX5: C39F1007106BE05DBDC5003442BE20002B958D92]
[U] (ACTIVE) c:\windows\system32\profmap.dll [PX5: 95149D82101A1EA4755D0034328662003295DE60]
[U] (ACTIVE) c:\windows\system32\netapi32.dll [PX5: D5C6CF73105D711FBDBC04B0464F4C0082187CB6]
[U] (ACTIVE) c:\windows\system32\netrap.dll [PX5: C74FE8AE107EB5C82D2D009583A7BD006F6D2AF8]
[U] (ACTIVE) c:\windows\system32\samlib.dll [PX5: B3FA138010610D53B9AC00BCDBD13300BAC416DE]
[U] (ACTIVE) c:\windows\system32\ws2_32.dll [PX5: 95520CD310F3993E13FC010C0CB4B600014D2D0A]
[U] (ACTIVE) c:\windows\system32\ws2help.dll [PX5: 0FC79034102ED19147A7005407667700D52CDE87]
[U] (ACTIVE) c:\windows\system32\wldap32.dll [PX5: 481A102A1051B55F6F2D02AD4161FF0087F1C969]
[U] (ACTIVE) c:\windows\system32\dnsapi.dll [PX5: 77C1CADA10F37F99FFA3014D5B9EAD000995B3CC]
[U] (ACTIVE) c:\windows\system32\wsock32.dll [PX5: E3B1EDB410C4FF335D090082C4EC3C00F4490AE2]
[U] (ACTIVE) c:\windows\system32\msgina.dll [PX5: 41B4041D10608B1123A305A06D5EBC00C0ACB3A2]
[U] (ACTIVE) c:\windows\system32\shlwapi.dll [PX5: 88BED6A210D057436B5904C9E3469E00CAF52166]
[U] (ACTIVE) c:\windows\system32\winmm.dll [PX5: 95B3461210C09511EB7002E02B9B02005E79485E]
[U] (ACTIVE) c:\windows\system32\setupapi.dll [PX5: B8759465103C9CBED32C08FE74AFB1005A045090]
[U] (ACTIVE) c:\windows\system32\version.dll [PX5: 082D9B8C104A52E43F5D004744DDD100AABFB127]
[U] (ACTIVE) c:\windows\system32\lz32.dll [PX5: 5A0847E0105351D227040090D870A3000F49CC17]
[U] (ACTIVE) c:\windows\system32\imagehlp.dll [PX5: 0455D3D210569E5AF5D901F56F666D00B94912D1]
[U] (ACTIVE) c:\windows\system32\wininet.dll [PX5: DC5B48E21045CDF135A007F74F67A7002971982E]
[U] (ACTIVE) c:\windows\system32\comdlg32.dll [PX5: 1ED788AC1019BB74C34F03C13669DD00C0069050]
[U] (ACTIVE) c:\windows\system32\wintrust.dll [PX5: 513478EE10F9AC2A891402E5F552490010C07A4B]
[U] (ACTIVE) c:\windows\system32\msasn1.dll [PX5: 7E3E0D2C10817E5BCD7D00C3808A64004D878B69]
[U] (ACTIVE) c:\windows\system32\psapi.dll [PX5: F4C7E7D11018D63C712100D24A8A3400939A75E2]
[U] (ACTIVE) c:\windows\system32\clbcatq.dll [PX5: 5B1FE56C108EA5FAC1DC07D40F3BEC00139DE9CA]
[U] (ACTIVE) c:\windows\system32\wdmaud.drv [PX5: 2F929AA610315E7D55A9007DACD3A000A723B346]
[U] (ACTIVE) c:\windows\system32\winscard.dll [PX5: 2230EE2210DC4FFD39D301DDF9B7670048A90BEF]
[U] (ACTIVE) c:\windows\system32\rsaenh.dll [PX5: AE842FC510090B460D4D023BD974FA0098DFF01A]
[U] (ACTIVE) c:\windows\system32\cscui.dll [PX5: 7DA09F2F1035EBAA9F9903C13AD5D400F072303B]
[U] (ACTIVE) c:\windows\system32\msacm32.drv [PX5: 9090AF5A102C150B538600FB247381006FFDBA8C]
[U] (ACTIVE) c:\windows\system32\msacm32.dll [PX5: 289D816610417B6C052E01C0A3CD7A00DC151080]
[U] (ACTIVE) c:\windows\system32\msv1_0.dll [PX5: 56DFC9CF105D6912739D019F16688B00D026EF49]
[U] (ACTIVE) c:\windows\system32\umpnpmgr.dll [PX5: 376A74A710CE0C835B8501B88E3C710057050A0C]
[U] (ACTIVE) c:\windows\system32\scesrv.dll [PX5: 4A6C57EF1002F317A7C3038D828FC200D908A835]
[U] (ACTIVE) c:\windows\system32\ntdsapi.dll [PX5: 28B5C8D910A68CE3E11A0072B6AB1600F9708E14]
[U] (ACTIVE) c:\windows\system32\eventlog.dll [PX5: 63CCD36810A95E40AF46002A70FAF3007B7F9B38]
[U] (ACTIVE) c:\windows\system32\dhcpcsvc.dll [PX5: 8CC5ACA310DD4E85659201B9A030AE00AAD91532]
[U] (ACTIVE) c:\windows\system32\icmp.dll [PX5: 99CD1EC610EA4AB81D1A0001B57F0C00BC693339]
[U] (ACTIVE) c:\windows\system32\iphlpapi.dll [PX5: E7C4A97A100B60E411BC01BA18BF3400C931C01F]
[U] (ACTIVE) c:\windows\system32\mprapi.dll [PX5: EBDA03E910838DB63DA8012A5FC6DC00AD78A821]
[U] (ACTIVE) c:\windows\system32\activeds.dll [PX5: 1081C80210069B41B57402E9717EF80087BE7592]
[U] (ACTIVE) c:\windows\system32\adsldpc.dll [PX5: 8DB0B4631015ACBAF7F301743D840E003724D6AF]
[U] (ACTIVE) c:\windows\system32\rtutils.dll [PX5: 91FCDD7310A84BEBAFB5007A925AD300CA2F78B0]
[U] (ACTIVE) c:\windows\system32\rasapi32.dll [PX5: B70EA05310727A64F70802FF49621100E98D6A2D]
[U] (ACTIVE) c:\windows\system32\rasman.dll [PX5: 1345C03110D7511DDBCE00A7D51DE800618B784B]
[U] (ACTIVE) c:\windows\system32\tapi32.dll [PX5: 500FDECE103753D9EDF201A64FF85D009D471B54]
[U] (ACTIVE) c:\windows\system32\dnsrslvr.dll [PX5: D4663F9D10603C0563ED0167629D370044354159]
[U] (ACTIVE) c:\windows\system32\lmhsvc.dll [PX5: F81B63F2108B7F3425C0001DEA5EEF00274A3283]
[U] (ACTIVE) c:\windows\system32\winsta.dll [PX5: 4B5E1BEE10AAAA319174008636B1D4008506255C]
[U] (ACTIVE) c:\windows\system32\dmserver.dll [PX5: C4A63F7E103C6F6531C300637343B40090A3D31B]
[U] (ACTIVE) c:\windows\system32\cfgmgr32.dll [PX5: D2BFDAEA102F565643CD0074C551C600B0DD5DEB]
[U] (ACTIVE) c:\windows\system32\srvsvc.dll [PX5: 6D388C6210F89D173DAA017D831F4E0024FDAA39]
[U] (ACTIVE) c:\windows\system32\wkssvc.dll [PX5: 1069427F10AF1C517D4D0137C781BA00E97D0686]
[U] (ACTIVE) c:\windows\system32\cryptdll.dll [PX5: 878969F110FE9609A55000EF6A91FF00916AAD3B]
[U] (ACTIVE) c:\windows\system32\cryptsvc.dll [PX5: 14EEC8E710B95527F9490003A6D1850025E6B2C5]
[U] (ACTIVE) c:\windows\system32\psbase.dll [PX5: 573103AE108DF78AC5A90199CA12F3004DD4E4F6]
[U] (ACTIVE) c:\windows\system32\seclogon.dll [PX5: 1FA124E410605A263FA600F74973A2000DD0BD3F]
[U] (ACTIVE) c:\windows\system32\trkwks.dll [PX5: E3568737109559B163520149E22D9800ACAF34CB]
[U] (ACTIVE) c:\windows\system32\wmicore.dll [PX5: F2F913161037E0AF1B960107F9E92200B78114BF]
[U] (ACTIVE) c:\windows\system32\msafd.dll [PX5: 4D1BE0B61099E5279B77014C7F1FF8008E025BE2]
[U] (ACTIVE) c:\windows\system32\lsasrv.dll [PX5: FF5D0DF010142A759793073EF60025006C0500FC]
[U] (ACTIVE) c:\windows\system32\samsrv.dll [PX5: 34738608102C91AF6D23053337D05F00CE437BD4]
[U] (ACTIVE) c:\windows\system32\msprivs.dll [PX5: 54D93B72002CEE19A6C100042E759A003B5CE3A8]
[U] (ACTIVE) c:\windows\system32\kerberos.dll [PX5: 6BE6371D109C0D67176D03ECE5ECE5005C168294]
[U] (ACTIVE) c:\windows\system32\netlogon.dll [PX5: 2B5F944A10341B40717C057F61D88E00034EFA48]
[U] (ACTIVE) c:\windows\system32\schannel.dll [PX5: A26D637710B29F112119025B5B620E00DC22251D]
[U] (ACTIVE) c:\windows\system32\rsabase.dll [PX5: A74FE1E81058231F05AB0291337FE30030F95087]
[U] (ACTIVE) c:\windows\system32\mpr.dll [PX5: 02AB81CC107903C7D5BF0068E1B2AB00E9A4B5B6]
[U] (ACTIVE) c:\windows\system32\polagent.dll [PX5: 2D58F65910906428C785010C02714900EAF27519]
[U] (ACTIVE) c:\windows\system32\oakley.dll [PX5: BEA47A28103F5E41F9CF05930322F20063B2B988]
[U] (ACTIVE) c:\windows\system32\mfc42loc.dll [PX5: AF07C04D00B434C3E04400AE9962B10033422AAA]
[U] (ACTIVE) c:\windows\system32\dssenh.dll [PX5: 8C07E75710F267233B35023261048000D966B4B6]
[U] (ACTIVE) c:\windows\system32\mswsock.dll [PX5: 216DF0D5107B86550332013315BFB10073CED1B9]
[U] (ACTIVE) c:\windows\system32\rnr20.dll [PX5: B6ED9962104BD8E88F9700D4F8215600E9FE165B]
[U] (ACTIVE) c:\windows\system32\winrnr.dll [PX5: B4CED50410E8B7FF4BC0003394C96C0003972F03]
[U] (ACTIVE) c:\windows\system32\rasadhlp.dll [PX5: AB5AF2CA108B46B51DC8008F735F0900CE61C6A3]
[U] (ACTIVE) c:\windows\system32\spoolss.dll [PX5: 747D5DFC10F829FFF73200DB3608C400CF91CD6F]
[U] (ACTIVE) c:\windows\system32\localspl.dll [PX5: 23CC1EAB1061DBC6E103036DD140230039BACA1B]
[U] (ACTIVE) c:\windows\system32\cnbjmon.dll [PX5: D0C1EFA410878C4BBD76005549588F004EF4D1F8]
[U] (ACTIVE) c:\windows\system32\cpwmon2k.dll [PX5: 489B1D9500678F20561B016ECFC5D100211C1377]
[U] (ACTIVE) c:\windows\system32\fritzcolorport.dll [PX5: 1D6BA49F00FB7AB3903300E75EF5AF00465BF75D]
[U] (ACTIVE) c:\windows\system32\fritzport.dll [PX5: 74A4A30D00163E7A908500D2B43D9F00E60B1861]
[U] (ACTIVE) c:\windows\system32\pjlmon.dll [PX5: 92A5B13B10717D47338800D5259DD50072AC1C53]
[U] (ACTIVE) c:\windows\system32\tcpmon.dll [PX5: DF5DA57310506261A79C000D1427FC00D4ED8542]
[U] (ACTIVE) c:\windows\system32\usbmon.dll [PX5: B6699BB0108E25622DE800868F8D2900521388E9]
[U] (ACTIVE) c:\windows\system32\win32spl.dll [PX5: 4106C899105E18AA71C3013BF782F700B83238F1]
[U] (ACTIVE) c:\windows\system32\inetpp.dll [PX5: DDFD5CAB109809420758013B034C97005B17A4C3]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\msvcr71.dll [PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\msvcp71.dll [PX5: F133D4F000B92F08A0E107FD67B66E0015498C05]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\schedr.dll [PX5: 5DCA8EFB0150A4DF216800682761D1001054D847]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\avevtlog.dll [PX5: E4999D070107A0F8D11B01A88AF70D00E46ADB02]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\sqlite3.dll [PX5: C028A8800040DCC9302C050FDBBC76001DFC5407]
[U] (ACTIVE) c:\windows\system32\wtsapi32.dll [PX5: 84C0EF13101889D639B800DE6489CA004F6FEC7D]
[U] (ACTIVE) c:\windows\system32\utildll.dll [PX5: DF1449191059834569880027BC6E2B00FDE70571]
[U] (ACTIVE) c:\windows\system32\regapi.dll [PX5: AF2C257E1036A31D8DA000CB21610B0066ACFA60]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\guardmsg.dll [PX5: EF288B7201010401D1A2000965ABD5004B5A1C3B]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\avpref.dll [PX5: A35F45C701B8E20197C2009D4FEC220096A67B25]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\smtplib.dll [PX5: 875FB297016B68E5716800C6F106B600C50FD755]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\avgio.dll [PX5: 192B2C4B01BADD4FE52501C1544ACD0039E655AA]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aecore.dll [PX5: E1F91BA17565F334A1E002C4885A0D00FB419DBE]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aevdf.dll [PX5: 3C37389574AA1471910D015F83B1170083ECD5F3]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aescript.dll [PX5: D3C69E797C60AC31115405C46A896800655C26D1]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aescn.dll [PX5: 9B81DCDB734835E4E18C015DEDC822006C470CFE]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aerdl.dll [PX5: 77AC0D37750439F0B1B9067478853300ADAFDF39]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aepack.dll [PX5: 0226F08F77B6EE81012606E2FC2B3A004AE6F2D9]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\unacev2.dll [PX5: 39713B85000FE97F2E430131F74A9D001029A567]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aeoffice.dll [PX5: A12729377A345CD101A903A23672FC0042EC343F]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aehelp.dll [PX5: 53C4618C755589B8D1150144A77A1F00490BFA5A]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aegen.dll [PX5: 8F7C6E4C738D47ACE15504426E83C800D878B23B]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aeemu.dll [PX5: 9512BD83748EE606010B067179C2FF008879FDB3]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aeheur.dll [PX5: E62DA04A769C17F4B130161ECA1AA50007B79E05]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\aebb.dll [PX5: 18BC3638723DD02ED18F001F1F716A00015AC3D5]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\avipc.dll [PX5: 1D9A633A0191AE09215E013A325AB300C26116FB]
[U] (ACTIVE) c:\windows\system32\txfaux.dll [PX5: 323C5FC3100617DF55B3056CF3235C00C5E1FF78]
[U] (ACTIVE) c:\windows\system32\comsvcs.dll [PX5: C51E54C1107373DE995A13DE09884D002204391F]
[U] (ACTIVE) c:\windows\system32\msdtcprx.dll [PX5: 4B3C470710B74E8EFBF9098F94451500A4B7880C]
[U] (ACTIVE) c:\windows\system32\mtxclu.dll [PX5: FE9716C010B4C8C6C95500DD3BB74C007B4D761C]
[U] (ACTIVE) c:\windows\system32\clusapi.dll [PX5: FF53669410DBE3F0D9ED00BA2A3AA90019AC55F9]
[U] (ACTIVE) c:\windows\system32\resutils.dll [PX5: 1F90753510F087A19F1300D36F727A00649BFA9E]
[U] (ACTIVE) c:\windows\system32\netshell.dll [PX5: 407FD39310950EF249A6076D40336B00D5D8F8F5]
[U] (ACTIVE) c:\windows\system32\wmi.dll [PX5: 06DD6A1C10EAF6E919AB004EAC001B00D905DACC]
[U] (ACTIVE) c:\windows\system32\netcfgx.dll [PX5: 61FBC70810FE89E1717D084B9ECA3A00CDC6206E]
[U] (ACTIVE) c:\windows\system32\rasdlg.dll [PX5: ACE54D0410BF70B559D60832430515003F6AD7B6]
[U] (ACTIVE) c:\windows\system32\rastapi.dll [PX5: 6D122BF510791090D13D00E438B944005A6B63C5]
[U] (ACTIVE) c:\windows\system32\unimdm.tsp [PX5: F6328C05107779B515D70358048B8D00F6173494]
[U] (ACTIVE) c:\windows\system32\uniplat.dll [PX5: 574764C410C8B444374E0078AF39DA008299A63C]
[U] (ACTIVE) c:\windows\system32\ntmarta.dll [PX5: 6477EB861005FEF78D15010B87EE06005A194587]
[U] (ACTIVE) c:\windows\system32\unimdmat.dll [PX5: FFD9E79710A769DD191D013D3D367D00A9A893BD]
[U] (ACTIVE) c:\windows\system32\modemui.dll [PX5: D8E705DF1034D9F789C401ADD8540900EC574109]
[U] (ACTIVE) c:\windows\system32\kmddsp.tsp [PX5: 1F9210F5100231984731000C018F13009EEA73FE]
[U] (ACTIVE) c:\windows\system32\ndptsp.tsp [PX5: AB00B00210F6810B9BA90055255A54009D88A6E8]
[U] (ACTIVE) c:\windows\system32\ipconf.tsp [PX5: 0A7388201097E7912B9700B270B72D000CD77FC7]
[U] (ACTIVE) c:\windows\system32\h323.tsp [PX5: 6230DFB010BEE70FE3A7033E2E0BE900D0D28D2E]
[U] (ACTIVE) c:\windows\system32\ntlsapi.dll [PX5: 73B30CC410195F991B4A00A2E5F1A500D03CDBE1]
[U] (ACTIVE) c:\windows\system32\atl.dll [PX5: E045D51C3A8D3A62E6DC00F3D4902B006676BD86]
[U] (ACTIVE) c:\windows\system32\ntmsdba.dll [PX5: 5E6F2A09102BD285A3D40289D8C6BC00E631CAFF]
[U] (ACTIVE) c:\windows\system32\msidle.dll [PX5: A7B296581076533E19BC006BFE43D7008A9302F1]
[U] (ACTIVE) c:\windows\system32\wbem\wbemcomn.dll [PX5: BCC3731843013728D01D0ADC5B21D600060E7550]
[U] (ACTIVE) c:\windows\system32\wbem\wbemcore.dll [PX5: 7BDC0D8444BE8A04D00509A3D571FB00EFC9B942]
[U] (ACTIVE) c:\windows\system32\wbem\fastprox.dll [PX5: F07932885007A48740940229B08C5C00F73EE4BF]
[U] (ACTIVE) c:\windows\system32\wbem\wbemess.dll [PX5: 05A7DCEB445AFA4DB019055333B0760027AB6950]
[U] (ACTIVE) c:\windows\system32\wbem\wbemsvc.dll [PX5: 72E983504CA3A31AA074002DDDE82A00E66678CF]
[U] (ACTIVE) c:\windows\system32\wbem\cimwin32.dll [PX5: A2B4E513508FC98E60D4106E508E3A00F608A848]
[U] (ACTIVE) c:\windows\system32\wbem\framedyn.dll [PX5: 0F0037D2383335FB903B0218CA403C00A39F4A69]
[U] (ACTIVE) c:\windows\system32\browseui.dll [PX5: 4811BD07101E5A1C53190C55C2639E007E7B75E6]
[U] (ACTIVE) c:\windows\system32\mydocs.dll [PX5: 1276D6651002CFCEE15700FC459D0200E6943181]
[U] (ACTIVE) c:\windows\system32\webcheck.dll [PX5: 59AE2A781029EBA7FFBD0349886AE000B569E0A6]
[U] (ACTIVE) c:\windows\system32\stobject.dll [PX5: 992C3AB6108C75373F9501327D0BFC0017F3EAB1]
[U] (ACTIVE) c:\windows\system32\batmeter.dll [PX5: A473F49410BF6B7151A7004B38657400411C3976]
[U] (ACTIVE) c:\windows\system32\powrprof.dll [PX5: DE18E03D10560F2B355D00969360F80057FBFD56]
[U] (ACTIVE) c:\windows\system32\ntlanman.dll [PX5: 8940D2621084F6738D8F0012CCB50400CBA672AD]
[U] (ACTIVE) c:\windows\system32\netui0.dll [PX5: 014A764F10839F6C1F1401EC9468240067E96519]
[U] (ACTIVE) c:\windows\system32\netui1.dll [PX5: FB9C087710C961FF49CC03A1B489EF0038A3279B]
[U] (ACTIVE) c:\windows\system32\ntshrui.dll [PX5: 9DFDBDC7100FAFEEBF06002673F9F8003173A643]
[U] (ACTIVE) c:\windows\system32\msi.dll [PX5: 3A967211006394506EF11E3B3C2E0700336D61BF]
[U] (ACTIVE) c:\windows\system32\linkinfo.dll [PX5: 2E7232D8106D88383FE900E660E6CE00313A151B]
[UP] (ACTIVE) c:\programme\ptbsync\trayclock.dll [PX5: 93FB2148007BD6497E25009A7FE54F000E0D29A3]
[U] (ACTIVE) c:\programme\superantispyware\sasseh.dll [PX5: D019759F00C2D91B308701D83CF5A400155A0562]
[U] (ACTIVE) c:\programme\ahead\incd\incdshx.dll [PX5: E6ACD75674766E6A50C602C40FDD1E00314CA60A]
[U] (ACTIVE) c:\windows\system32\mobsync.dll [PX5: 698C525F10DACFC4994502EEBC8DFE00618FCD83]
[U] (ACTIVE) c:\windows\system32\browselc.dll [PX5: 1B2986B0001CE88798B000782FF32B00F80098D5]
[U] (ACTIVE) c:\programme\adobe\acrobat 5.0\reader\activex\acroiehelper.ocx [PX5: 625F1664B0E594EF937100C27C2C0C007684DAD6]
[U] (ACTIVE) c:\windows\system32\urlmon.dll [PX5: DFD70B5A10E2C6F1EB190627610F2100F7943529]
[U] (ACTIVE) c:\windows\system32\docprop2.dll [PX5: 3422043B1096627BAD9304EAAD86250070960A15]
[U] (ACTIVE) c:\windows\system32\msvfw32.dll [PX5: 366398B5105245C6CB1F0140C6E55D007044C429]
[U] (ACTIVE) c:\windows\system32\avifil32.dll [PX5: 1DCDE13810C01066315E01A2E83D1D00F8F761FE]
[U] (ACTIVE) c:\windows\system32\faxshell.dll [PX5: 7CF2F9C410CE43E621CD00327F47C700249789CC]
[U] (ACTIVE) c:\programme\malwarebytes' anti-malware\mbamext.dll [PX5: 2636393D903EDB421E1701B5D563E600F46C31CB]
[U] (ACTIVE) c:\programme\superantispyware\sasctxmn.dll [PX5: CECCAB09000923FAF004003875F09900C99E9126]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\shlext.dll [PX5: FE997410012EA45B016301F2644AFF002A9A53D4]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\mfc71u.dll [PX5: 037598C700D68B82FC2F0F8DECC9D10082E94C28]
[U] (ACTIVE) c:\programme\7-zip\7-zip.dll [PX5: 98C116BB00C1B9741E7C02308518A300BD437AB4]
[U] (ACTIVE) c:\windows\system32\actxprxy.dll [PX5: 447356F9104B7663190C0178399E3800218EF443]
[U] (ACTIVE) c:\windows\system32\mfc42.dll [PX5: 7A691C1037D4213030570FF1DCC13600F0F14537]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\cclib.dll [PX5: 17ACDE3301AF7B3B7116025F2CA25F00EB4DFD85]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccgen.dll [PX5: A0A6A92401CE36CA216C04AC8F483E00600DB702]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccgenrc.dll [PX5: 1D6A835D015D42F149B800BA66859B00C44D29D2]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccguard.dll [PX5: FD16253F01001A87412D035FB0D3E8003BD97831]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccgrdrc.dll [PX5: 3F844311015D3C19559500A28E5DD600AFA6A874]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccupdate.dll [PX5: 973EDB9C01526883B1290119AB2922009DB20F23]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccupdrc.dll [PX5: F41D4B9601F6037533F200E10A891B00E97F9C4C]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\cclic.dll [PX5: 6A623A0F012A03CDD1F000219044290019BF39DC]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\cclicrc.dll [PX5: 63EDF61201582C7F174200A7C38992009C65CA60]
[U] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccmsg.dll [PX5: 1A3A755C01F877C26158020312C16E0021599483]
[U] (ACTIVE) c:\windows\system32\olepro32.dll [PX5: 08B5DC44106A3B1281A802CF26569400262F8629]
[U] (ACTIVE) c:\programme\securepoint personal firewall\bin\spfwrv32.dll [PX5: 985E1C010093F39080BB09B9CEB0730064250352]
[U] (ACTIVE) c:\programme\securepoint personal firewall\language\de\language.dll [PX5: 985E1C010093F390B4BB00E04F88C100083FD8A6]
[U] (ACTIVE) c:\programme\ati technologies\ati control panel\atiptaxx.exe [PX5: E2564D41007D6215305405F1A916E9006F31EB18]
[U] (ACTIVE) c:\programme\ati technologies\ati control panel\atipdsxx.dll [PX5: 645158D100CF5E5EE06503C220888D00BC75BC4A]
[U] (ACTIVE) c:\programme\ati technologies\ati control panel\atrpuixx.deu [PX5: 639CDB6600F0C56860AF02C12A6E0F004CDAFFB3]
[U] (ACTIVE) c:\programme\ati technologies\ati control panel\atipdxxx.dll [PX5: 4F1D44D800F9052B204701CF9E3F7A004F791C35]
[U] (ACTIVE) c:\windows\system32\dinput8.dll [PX5: 19E1781C00C6500A245F0AACC163D200BDDCC4C1]
[U] (ACTIVE) c:\windows\system32\hid.dll [PX5: 326AE3841094308E43A100951476F500ACA571E2]
[U] (ACTIVE) c:\windows\system32\cidaemon.exe [PX5: 6A6CEC9710228573259100C1703E4E00BBA0CE76]
[U] (ACTIVE) c:\windows\system32\infosoft.dll [PX5: 36CD040510D0AAB423810317D912B200D39DD847]
[U] (ACTIVE) c:\windows\system32\inetcomm.dll [PX5: 3BB641B910791C52ADF10884942749009C413210]
[U] (ACTIVE) c:\windows\system32\msoert2.dll [PX5: 59D2DAB710A00EAD09FF01D8FD5DCE001E16DA8B]
[U] (ACTIVE) c:\windows\system32\inetres.dll [PX5: D43A21C2005763CFC6B3006DAC81610060B13638]
[U] (ACTIVE) c:\windows\system32\mlang.dll [PX5: D0122D1B10704671FB4F07F3C47342004AAE8251]
[U] c:\windows\system32\systray.exe [PX5: 79B2D3FB10C860580FD0002F40273400B79BCD14]
[U] c:\windows\system32\mobsync.exe [PX5: D4F3515210474EC1B7CD019B4E983A00B729505E]
[UP] c:\programme\ptbsync\ptbsync.exe [PX5: 67855A38007A9A1E4A5A011B3C9A7900FFF59393]
[U] c:\programme\avira\antivir personaledition classic\avgnt.exe [PX5: DC10F4170184C6E01118048C340EAC0079BC33AB]
[U] c:\windows\system32\drwtsn32.exe [PX5: 88CAAC7B101948931DE101E041984400A4809317]
[U] c:\programme\securepoint personal firewall\bin\sppfw.exe [PX5: 1092F3FC0080FF2A36B11BCE7F730F0010655C09]
[U] c:\windows\system32\ntsd.exe [PX5: 65572C811081BF2A7FE202D792581C00FFB8246F]
[U] c:\windows\system32\userinit.exe [PX5: 365F556710412B7D436C007B59071D00943F56A8]
[U] c:\windows\system32\rundll32.exe [PX5: C19B97D9102C0CD027FB00F54ABD27008E5B3988]
[U] c:\programme\prevx\prevx.exe [PX5: 3FBBB7F23829381956FE3FD6DA407C00AB2D9B1E]
[U] c:\windows\system32\shell32.dll [PX5: 29E5AE2710C360695BEF241B764B2A003073ABE7]
[U] c:\windows\explorer.exe [PX5: F4CE2A1010F0163FBBD303F59B58380024FCC23C]
[U] c:\windows\system32\fdeploy.dll [PX5: 58B48CC610D8BDA2CF4400370321240073A03945]
[U] c:\windows\system32\dskquota.dll [PX5: A50D4F971001D502713E0168BC5F220087AD3320]
[U] c:\windows\system32\gptext.dll [PX5: B92877E810E5AAB2D34B01862E79B30065BD64CC]
[U] c:\windows\system32\scecli.dll [PX5: 881410CF1099B05CB77801C4B77E690097D29F97]
[U] c:\windows\system32\iedkcs32.dll [PX5: 7182DFDA10DD6FC40BA70332A14270000349551B]
[U] c:\windows\system32\appmgmts.dll [PX5: 4EA8E270101C0936EB00016664D57000B4772BAD]
[U] c:\programme\superantispyware\saswinlo.dll [PX5: 8FF1FEFA00F39B437059057BD4279100FA8B971E]
[U] c:\windows\system32\crypt32.dll [PX5: F5A72E4E108842A04DFB07860C4D38003D4EEBA5]

rolf54 · 24.02.2009, 17:37

teil 2 :
-----

[U] c:\windows\system32\cryptnet.dll [PX5: C3BF2CF410AE1AEDA71100EEFD787B000A8C0EE3]
[U] c:\windows\system32\cscdll.dll [PX5: B91356D1103A71568DF50190CBBF4D00A171621C]
[U] c:\windows\system32\sclgntfy.dll [PX5: B594731810EC6F0D5B0A00CD5654E20033A58CD6]
[U] c:\windows\system32\wlnotify.dll [PX5: 3B1E7E8B10846715D75A00368A8C840044E98E40]
[U] c:\windows\system32\progman.exe [PX5: 43553E7510B2F178854102E69D32B200335C1291]
[U] c:\windows\system32\drivers\acpi.sys [PX5: 76BE7354F0CD15297CF80255D74BE3004F1783EE]
[U] c:\windows\system32\drivers\afd.sys [PX5: E06D8C815005E2ABDC6501DCD39F2400EFFA5A98]
[U] c:\windows\system32\services.exe [PX5: 3E217BDE1064F8395B2E012E9F9DE400A7F77761]
[U] c:\programme\avira\antivir personaledition classic\sched.exe [PX5: AB8ED87E010A3A5B0DE20105AC451D004FD09A13]
[U] c:\programme\avira\antivir personaledition classic\avguard.exe [PX5: 87A4DC6F010FA0CB4FDB02E2FA80BA00336555A0]
[U] c:\windows\system32\drivers\asyncmac.sys [PX5: EE66807E7032B2B141F2007C04FCFE00BCBF5141]
[U] c:\windows\system32\drivers\atapi.sys [PX5: 629B0FE850444E2D4C04018E0AEA40004560B4D1]
[U] c:\windows\system32\ati2evxx.exe [PX5: FEB49C5C009194E2F0E50549237B34001E32E17B]
[U] c:\windows\system32\ati2sgag.exe [PX5: 9F38DED600F9131AE0DB07838AB3D600753FF2D0]
[U] c:\windows\system32\drivers\ati2mtag.sys [PX5: F7945D61004DE172022D0C21EF76AD001F1252C2]
[U] c:\windows\system32\drivers\atmarpc.sys [PX5: 8CE5CB1130A364D3E22E00347F33870075109A53]
[U] c:\windows\system32\drivers\audstub.sys [PX5: E07A9B2450095A1C0BD0006DB9CBB100B79BCD14]
[U] c:\windows\system32\drivers\avgntdd.sys [PX5: C8D24692C0651F32FBAB0049CEC49700282E053E]
[U] c:\windows\system32\drivers\avgntmgr.sys [PX5: 92F045E5407182A548690037C71F4500BA00A730]
[U] c:\windows\system32\drivers\avipbb.sys [PX5: 1CE3C4D840973638258A01E4C3EEF5001983B698]
[U] c:\windows\system32\drivers\avmport.sys [PX5: F13FE52380920F06E8F500E96BC897003742CC58]
[U] c:\windows\system32\drivers\avmwan.sys [PX5: 5BA488AE1008D97475AC006CD98098005C941C07]
[U] c:\windows\system32\drivers\ccdecode.sys [PX5: FC6490AA00B8E53840FF00415C5FC300C0CC2A07]
[U] c:\windows\system32\drivers\cdrom.sys [PX5: 66AE91B0F03251296A3E00E0B66F1E007EE649E3]
[U] c:\windows\system32\cisvc.exe [PX5: 33BA91151002160115C30008D149EC0061ADD493]
[U] c:\windows\system32\clipsrv.exe [PX5: 26610645103891207B4900E4A472D60041B158F2]
[U] c:\windows\system32\drivers\cmuda.sys [PX5: 5A5BB20380540892837F0B266693D70015905D1F]
[U] c:\windows\system32\query.dll [PX5: 09C5A60A10FAD52AA10715658AF16400C2A8931B]
[U] c:\programme\fritz!\de_serv.exe [PX5: E0F0F24839B48B7900F303AA904F10003932CF7D]
[U] c:\windows\system32\drivers\disk.sys [PX5: 0B292B8270D01CE66B5E002179FEE80002E2E790]
[U] c:\windows\system32\dmadmin.exe [PX5: 1999FD1710D62FB241BD027EEBC2C300D1B33401]
[U] c:\windows\system32\drivers\dmboot.sys [PX5: 823EA982F0D461469E6105A976B63E00CEDC44FD]
[U] c:\windows\system32\drivers\dmio.sys [PX5: 39079B5830A0DE9D17B80282A663F200F6A1B0FF]
[U] c:\windows\system32\drivers\dmload.sys [PX5: C0F426F09036C6DB1C04006CFD9A4F006D8D1D7A]
[U] c:\windows\system32\drivers\dmusic.sys [PX5: 01063D3AD0378DC9C7F2000380DAEF001D6A436C]
[U] c:\windows\system32\svchost.exe [PX5: 1B22BACE10EED0FF1F7D00CCBFFEA60097011545]
[U] c:\windows\system32\es.dll [PX5: 733D8E2510496BFEA31503652D46F500301AFB22]
[U] c:\windows\system32\faxsvc.exe [PX5: 1B6308AA101EFBA87DEB01D9F5CC4000456B8DEF]
[U] c:\windows\system32\faxperf.dll [PX5: 5F68EEEE10A95BB51997002C240718000970CA80]
[U] c:\windows\system32\drivers\fdc.sys [PX5: 4A5FFA0250AF0260668600D9BB586F007F0C0603]
[U] c:\windows\system32\drivers\fpcibase.sys [PX5: BC62BABA902AEB92D7EE07A7C817290088A7B681]
[U] c:\windows\system32\drivers\ftdisk.sys [PX5: 71140516906A88D8C6B601474A964300B6064049]
[U] c:\windows\system32\drivers\gameenum.sys [PX5: 3DEB575350BEF31B2564008556D39800CCBFC720]
[U] c:\windows\system32\drivers\genusb.sys [PX5: 3900C37D30B2B3D976CD005D6C9EDC00CEE4516B]
[U] c:\windows\system32\drivers\msgpc.sys [PX5: A84A8F82F06438EB87C5005A5F8A7000F30732E4]
[U] c:\windows\system32\drivers\hidusb.sys [PX5: 1F0A9C5950E835AF363000170905E000EF738B98]
[U] c:\windows\system32\drivers\i8042prt.sys [PX5: 4B74FBE0D0D337B4B3E200EAC3CCC40016E5F02A]
[U] c:\windows\system32\iasperf.dll [PX5: 9CE4987D10C3CC9851BA0005BC8361002957672F]
[U] c:\windows\system32\drivers\ipfltdrv.sys [PX5: C589E9C570244448861F006A87314C0010DD5875]
[U] c:\windows\system32\drivers\ipinip.sys [PX5: AFAA99AA101AF3FB4E9E00703183FE0081914986]
[U] c:\windows\system32\drivers\ipnat.sys [PX5: AC0A5A1F70D13D50ECC900E8EA9F3400D27ED931]
[U] c:\windows\system32\drivers\ipsec.sys [PX5: E0529AE6108BBB4C4B1D01FC232B9D000A273AC7]
[U] c:\windows\system32\drivers\isapnp.sys [PX5: 47A94082301D6D85B8590034121ADC0095F627BA]
[U] c:\windows\system32\drivers\kbdclass.sys [PX5: 8A5FBFE5B047016A618900D6B05501001421E8F3]
[U] c:\windows\system32\drivers\kmixer.sys [PX5: CFDDCAC4702A69CF4053028CC1E14C006ED2203A]
[U] c:\windows\system32\mnmsrvc.exe [PX5: F24B37671048C35555E000ACAE2690003AD8EEE6]
[U] c:\windows\system32\drivers\mouclass.sys [PX5: F12D1853D0F1911956D8009A9B781B00B82D9E9F]
[U] c:\windows\system32\drivers\mouhid.sys [PX5: 4A15CF14F022491E2D3700D0DA34650039C9FB07]
[U] c:\windows\system32\drivers\mpe.sys [PX5: D17795E0007996F93BE2004595E37B005EB882F6]
[U] c:\windows\system32\drivers\mrxsmb.sys [PX5: 5F8D04D670544A40D1A705D735E3F50075BF107F]
[U] c:\windows\system32\msdtc.exe [PX5: 499C316710C4D54D1B8D00E48F11AC002E453123]
[U] c:\windows\system32\msdtcui.dll [PX5: 61CEAAC8104250CE35E602D08704950024DF1C73]
[U] c:\windows\system32\msiexec.exe [PX5: C8B81B07003172C2F81000AA5F40CE000A89A9AE]
[U] c:\windows\system32\drivers\mskssrv.sys [PX5: AA698644003FC7D61D20001D3E787B00D0EAF88C]
[U] c:\windows\system32\drivers\mspclock.sys [PX5: 267744C380AE5E6014B600642E42770067D89E5F]
[U] c:\windows\system32\drivers\mspqm.sys [PX5: 29B8F923D0CB9B8B12F900155B84E200DF13C804]
[U] c:\windows\system32\drivers\mstee.sys [PX5: 6C955769800BC1B8156C000EC356BE00E296BC73]
[U] c:\windows\system32\drivers\nabtsfec.sys [PX5: 36A0AA5C0062B6A3483F0129F41B0A00CFA32B2F]
[U] c:\windows\system32\drivers\ndistapi.sys [PX5: 7E79741730BB8C08237200BC53C59800F6388955]
[U] c:\windows\system32\drivers\ndiswan.sys [PX5: 4F77108FF0ED94E262F5011EFE8C4E000CB0A42B]
[U] c:\windows\system32\drivers\netbios.sys [PX5: DEAD5C90B0833CF782F4004BB9FD3200E32DBAB7]
[U] c:\windows\system32\wshnetbs.dll [PX5: 8A618A96100A4EA51F0B007BA9112E0028BE5359]
[U] c:\windows\system32\drivers\netbt.sys [PX5: 486161BD307ECD92329F025DCBE94E002E605525]
[U] c:\windows\system32\netdde.exe [PX5: C0CEC993104BD975CF9E017141DA650093CD2A2F]
[U] c:\windows\system32\drivers\netdtect.sys [PX5: 078B7DF1D08FD89A25AD00D42371E900A1445A15]
[U] c:\windows\system32\drivers\netfritz.sys [PX5: B4CF4EA3000A05AF6E4C039919A10B000E94F563]
[U] c:\windows\system32\lsass.exe [PX5: E3DDF6CB102567119921002554AB3A00E767742D]
[U] c:\windows\system32\netman.dll [PX5: E0C1EB64109374C765240116A45A5F00DDBF420C]
[U] c:\windows\system32\ntmssvc.dll [PX5: 423CFC9610DDB90225E60684EF933300A1589F6F]
[U] c:\windows\system32\drivers\nwlnkflt.sys [PX5: C8A7EC8A10D8BB9531C2003040840C0022A24456]
[U] c:\windows\system32\drivers\nwlnkfwd.sys [PX5: 98F3475210A51E8F8A8A00FFF4BBCD00D65F70B8]
[U] c:\windows\system32\drivers\openhci.sys [PX5: 5716BB647078559860F000D28FF4C10094A31AB0]
[U] c:\windows\system32\drivers\parallel.sys [PX5: 1A892C3590F76B70EB300083122741002B4482B1]
[U] c:\windows\system32\drivers\parport.sys [PX5: 72893FA2F017DDB8622700A34C406500DF9F75C7]
[U] c:\windows\system32\drivers\pci.sys [PX5: 2CFAE09450073198E5C800A61CA8E5002481838D]
[U] c:\windows\system32\drivers\pciide.sys [PX5: 85EC54F310671A500C88009379B0E200B79BCD14]
[U] c:\windows\system32\perfdisk.dll [PX5: 0C802E54108A36815B3000DE41ADD40085602454]
[U] c:\windows\system32\perfnet.dll [PX5: E8C5DA681036F330472900E2C83520007454E502]
[U] c:\windows\system32\perfos.dll [PX5: 530D713810E027475746000C8F8E5F00F9AADADC]
[U] c:\windows\system32\perfproc.dll [PX5: 1B2420BF10B582516F810019D771B300D4C69017]
[U] c:\windows\system32\drivers\raspptp.sys [PX5: 6988B809F01E1552BAF40075D6DD950050DAFE38]
[U] c:\windows\system32\drivers\ptilink.sys [PX5: 94243E8BF0F707E244CD009FCA72DC00584DCD32]
[U] c:\windows\system32\drivers\pxscan.sys [PX5: 11EEE13208526D6558A400F26A394F00E75A87AE]
[U] c:\windows\system32\drivers\rasacd.sys [PX5: 33D6D51B50974E411FB3003244930F009BC0CF4D]
[U] c:\windows\system32\rasauto.dll [PX5: 86C3D97E103DC26B2F0501D778542B007D605244]
[U] c:\windows\system32\drivers\rasl2tp.sys [PX5: 714A120A70E9744DC6F50032364FED0045998AA6]
[U] c:\windows\system32\rasmans.dll [PX5: 1FB2183E10BA7F414B3E022CAAA2E900DB76F794]
[U] c:\windows\system32\rasppp.dll [PX5: CCB4603A107FB0A00177039EC2551400713BDB00]
[U] c:\windows\system32\raschap.dll [PX5: DD2565F910F970518B50006286980F00EAE0E863]
[U] c:\windows\system32\rastls.dll [PX5: 1ED88CFE10BE200CC11500F2655967001B027E95]
[U] c:\windows\system32\drivers\raspti.sys [PX5: 9C1B16AAF0A7B01A4177001F56E1C200C6B5D235]
[U] c:\windows\system32\drivers\rca.sys [PX5: E014C5B3D00AF8A0541D008C4121A20011EFA786]
[U] c:\windows\system32\drivers\rdbss.sys [PX5: 168018DCF062243A14EB023A60A6C900EA143E12]
[U] c:\windows\system32\drivers\redbook.sys [PX5: 71FA7A9670AEB87389710078E4B0E60038763AAC]
[U] c:\windows\system32\rasrad.dll [PX5: 675A1A5010D063395D2A00EF361CF300C90C39A2]
[U] c:\windows\system32\rasauth.dll [PX5: 846854B01075AA31253C00DCFCD7580039FF4B4B]
[U] c:\windows\system32\mprddm.dll [PX5: B004A170108A8676114E015411733B009D4282CF]
[U] c:\windows\system32\mprdim.dll [PX5: 8C4D11181012EBD6B73E00FCF86D6000691D61E8]
[U] c:\windows\system32\rasctrs.dll [PX5: 596F095410D2BD60335F00AC17CB440080D73D09]
[U] c:\windows\system32\iprtrmgr.dll [PX5: F025633310D8EB0A6F590254FA009B00502905E9]
[U] c:\windows\system32\regsvc.exe [PX5: 0B5537DA10347EB3055201D9716A0300B8C0EAAB]
[U] c:\windows\system32\drivers\rootmdm.sys [PX5: 7F769B66900417601727001BD7D09C00FA5DD66F]
[U] c:\windows\system32\locator.exe [PX5: AC2A3884107CCACE1BEE01C0F0597B00BE63400D]
[U] c:\windows\system32\rpcss.dll [PX5: 9902949F10D2AB8C952803FDB06A8D00815C864D]
[U] c:\windows\system32\rsvp.exe [PX5: 406A9EF01093BDF2B32A0273FDD6AC0046D84207]
[U] c:\windows\system32\rsvpperf.dll [PX5: 5D3012B210EB07252B8500982BEF7100DE381BD0]
[U] c:\programme\superantispyware\sasdifsv.sys [PX5: 6E0C50D4F076E7FA220F004015C4D80087E5B64D]
[U] c:\programme\superantispyware\sasenum.sys [PX5: 82393A45F0ED8C5D1CBD00DCD39A270058424E29]
[U] c:\programme\superantispyware\saskutil.sys [PX5: F2404227F06EABB6D6AC008EEDCF0500234902B8]
[U] c:\windows\system32\scardsvr.exe [PX5: E79CE4781045A018915C015452276000E45267B8]
[U] c:\windows\system32\mstask.exe [PX5: 79DAB54510356B38D16E01300F43EA004D6223A0]
[U] c:\windows\system32\sens.dll [PX5: 57FF9E2F108F2236933400E616BA230012837A9B]
[U] c:\windows\system32\drivers\serenum.sys [PX5: D336AE1DB0BA19373564003C29122A003C52204D]
[U] c:\windows\system32\drivers\serial.sys [PX5: 2F40DE6E9020E3E1F7DB00B6A17981003949B8AF]
[U] c:\windows\system32\ipnathlp.dll [PX5: E86A87B810C71C19C5A20622CB6C33005D09E130]
[U] c:\windows\system32\drivers\sisnic.sys [PX5: FB00D45163544C158A7C00AAAFF24F006AD07BBF]
[U] c:\windows\system32\drivers\slip.sys [PX5: 4CA11AF780A072572A5C000228FF50000E1075AF]
[U] c:\programme\securepoint personal firewall\driver\spfirewallsvc.exe [PX5: C3E638C800890C2960BE008C4632DC00DD2A3193]
[U] c:\windows\system32\drivers\spfw.sys [PX5: EC68DC4180D774A07D9E00976EAC93000F5BEC98]
[U] c:\windows\system32\spoolsv.exe [PX5: 6C1E418C10EBF045AF2500F84DE14F005971B84C]
[U] c:\windows\system32\winspool.drv [PX5: 44DB4A8C108E050EB94301A41ADF9300DE4C3C28]
[U] c:\windows\system32\drivers\srv.sys [PX5: F855659B505B7F09A89803C854AE7F005E4ECADA]
[U] c:\windows\system32\drivers\ssmdrv.sys [PX5: 195D2E3C0086DC0A53A20026A9CC7D006E7734E1]
[U] c:\windows\system32\drivers\streamip.sys [PX5: 5991239C80E14A0F3A7C000594B7FB0061A4BFE7]
[U] c:\windows\system32\drivers\swenum.sys [PX5: 7273709900D12B1110BE006E18BEA500B79BCD14]
[U] c:\windows\system32\drivers\swmidi.sys [PX5: EDD4EE52F0B60F90CA0200CC07AF6700BE00489E]
[U] c:\windows\system32\drivers\sysaudio.sys [PX5: 55973ED2B024DD5CB8B0005DE571B0003CDD5426]
[U] c:\windows\system32\smlogsvc.exe [PX5: 7C6047CB109342D36D41015B31457500C4D6A94E]
[U] c:\windows\system32\tapisrv.dll [PX5: 3C293DB410FBB0E5A3740204C21CD100B15A7C05]
[U] c:\windows\system32\tapiperf.dll [PX5: EE5D6CDE1049D06B195A00CDE996F2009F769116]
[U] c:\windows\system32\drivers\tcpip.sys [PX5: A9A08034B01168FCE2DA046BB9284600AED4A711]
[U] c:\windows\system32\wshtcpip.dll [PX5: B7376F7310DD971245DC00319358A90073DFDA69]
[U] c:\windows\system32\perfctrs.dll [PX5: EAA177531002421CAFF90074F4D15E00A9BE00DD]
[U] c:\windows\system32\tlntsvr.exe [PX5: 5E08A66D105A3C89BD1A025E4FD90200C4D0DA39]
[U] c:\windows\system32\drivers\uhcd.sys [PX5: 1FF36CF9902569E97DEF00DEAF138B00C6492734]
[U] c:\windows\system32\drivers\update.sys [PX5: 43579F7370DCA1579AA001A7675FA2009A76F26E]
[U] c:\windows\system32\ups.exe [PX5: 8980EF9410F4B792453C006853E2D500E1B0BC6B]
[U] c:\windows\system32\drivers\usbehci.sys [PX5: 0835960E1073D2F04B8900053DB9D400A91E9777]
[U] c:\windows\system32\drivers\usbhub.sys [PX5: D2DE5001D032A2819C1C0011C40CF000C7BE3878]
[U] c:\windows\system32\drivers\usbhub20.sys [PX5: 74538E06F035D95DC0CB005B1FE7D800C9560D2C]
[U] c:\windows\system32\drivers\usbprint.sys [PX5: 68FD5A9630BCB3CC560300877ECD0F00946CB6C4]
[U] c:\windows\system32\drivers\usbstor.sys [PX5: 650606DC3015901A4D13002FBE0A1E006C5F7AEA]
[U] c:\windows\system32\utilman.exe [PX5: 62461A211061998D59C900D34EC720001A6A7EE6]
[U] c:\windows\system32\drivers\vga.sys [PX5: F27CC67F905BD36B36080056DAF07500DCE052D5]
[U] c:\windows\system32\drivers\wanarp.sys [PX5: 9A3F957370E0733A7A1800AD6A2F83009E49FE18]
[U] c:\windows\system32\drivers\wdmaud.sys [PX5: 0A4D8082B0EC922521A8018B75394100E21A9378]
[U] c:\windows\system32\wbem\winmgmt.exe [PX5: F4D0BC514D8822040002031C72AF53003261C6AC]
[U] c:\windows\system32\drivers\wstcodec.sys [PX5: 43CDA222001B7960490B0042F1633B00E7BDE8D0]
[U] c:\windows\system32\internat.exe [PX5: F5E2C90010E9EF9F51B4004B4A9FB100EE2D5B5F]
[U] c:\programme\internet explorer\connection wizard\icwconn1.exe [PX5: 817906B9102D371EE552026664B22D008CFDFF30]
[U] c:\windows\system32\oleaut32.dll [PX5: E19D0791105CA314615709817752D60095786D8A]
[U] c:\windows\system32\mfc42u.dll [PX5: 950F518638CBDD4230DD0FE1CC4399005FC07FD9]
[U] c:\windows\system32\mapi32.dll [PX5: E5BDCE5300FF7E69205F02AA787C010069765F85]
[U] c:\windows\system32\shdocvw.dll [PX5: 5187206810BF1F3CD9F010812879D400B88536D7]
[U] c:\windows\system32\ole32.dll [PX5: E7E5809610B6895C15BD0F55B21B8F007AAD9E66]
[U] c:\windows\system32\msjava.dll [PX5: 1BD313AC10CD213D69300EFB790660004F33C0DF]
[U] c:\programme\gemeinsame dateien\microsoft shared\vgx\vgx.dll [PX5: 9727D37248C74723C0171AB1D19531001EAD2844]
[U] c:\windows\system32\msieftp.dll [PX5: 631DD34F10529CA5D10D035087400B00FB993074]
[U] c:\windows\system32\advpack.dll [PX5: B31CB4931041C2F763BD0104FE311F003D823514]
[U] c:\programme\outlook express\setup50.exe [PX5: 79DBB8B41090F2DA275701E6CC2055000320E6F6]
[U] c:\windows\system32\regsvr32.exe [PX5: DE09E27710703F0F273D00B1E26E3100B68EE55C]
[U] c:\windows\system32\ie4uinit.exe [PX5: 0EA03B43106DAF406D0400AF78961200D0EFEB35]
[U] c:\windows\system32\logon.scr [PX5: 86731C4F10C366F4FFF901F6D47C0600C6186BC4]
[U] c:\windows\system32\comm.drv [PX5: 9E1AC3AB3068553F296F00C1B4CA02004F1226BB]
[U] c:\windows\system32\mmsystem.dll [PX5: 13F138D8703AA6F00FC70109C974C5002D197CE3]
[U] c:\windows\system32\keyboard.drv [PX5: 6CB625B5D0F88AFD079800FE801B1000B79BCD14]
[U] c:\windows\system32\mouse.drv [PX5: 2CA0BAE7F0FB384407BE001CC7C15C00B79BCD14]
[U] c:\windows\system32\wfwnet.drv [PX5: BDD4ECE8E0606C55358600D28FC59A0047FA2715]
[U] c:\windows\system32\system.drv [PX5: 856C88A52043BEDB0DB000882BF42500B79BCD14]
[U] c:\windows\system32\user.exe [PX5: E410FC6CC07792CDBADC00946DABDB007D31A884]
[U] c:\windows\system32\gdi.exe [PX5: BB92D02B00FB641B60350044D7FA81004CA4B203]
[U] c:\windows\system32\ntvdm.exe [PX5: 7C427E3410630A880B7E06394E3D67007863707A]
[U] c:\windows\system32\krnl386.exe [PX5: E4353A6E003E392669AC01E7A118DD0071798E65]
[U] c:\windows\system32\commdlg.dll [PX5: 385C3371105D9AA972F7008D3DBE9E00E0520F97]
[U] c:\windows\system32\ctl3dv2.dll [PX5: C84734B440655DC66A4D00304EF8AC0014627D07]
[U] c:\windows\system32\ddeml.dll [PX5: EFF743470024F9B09C5600182C74130053E20D73]
[U] c:\windows\system32\lanman.drv [PX5: 979919E9109F8F89739803C59F91BE005572B13A]
[U] c:\windows\system32\netapi.dll [PX5: 3B2621E2C04DF3B2A77E0156CAF52A00A1424563]
[U] c:\windows\system32\olecli.dll [PX5: F5FB40F500858B0244DF0121D0BC3200B432085A]
[U] c:\windows\system32\olesvr.dll [PX5: 7E49C8F7005B226C5ED3007EE3C9D200684E73DA]
[U] c:\windows\system32\pmspl.dll [PX5: 98CDEBDE0094268EB67200C1C6BF85009014DA93]
[U] c:\windows\system32\shell.dll [PX5: 53AC2DBC00AAF3E414C80046192BB900A93E982E]
[U] c:\windows\system32\sound.drv [PX5: F9FF5718D0FA7A1D06FF00647C846400B79BCD14]
[U] c:\windows\system32\toolhelp.dll [PX5: A522FE8B408333743659009B30E21C00221119B9]
[U] c:\windows\system32\vga.drv [PX5: B52C49E880CC42FA089200899FF1E700B79BCD14]
[U] c:\windows\system32\win87em.dll [PX5: 22C03F9D0005E87A34B40075B0F00E00517D625F]
[U] c:\windows\system32\winoldap.mod [PX5: 36DECA4D202676D208C7007A96167E00B79BCD14]
[U] c:\windows\system32\winsock.dll [PX5: 7D61F2C730E4D9A60B5300D9F4D9CD00B79BCD14]
[U] c:\windows\system32\winspool.exe [PX5: FB404CEE40E5748C08D6000D9B7C5F00B79BCD14]
[U] c:\windows\system32\wowdeb.exe [PX5: 705E3496D0A80A260ABB008D71503B00B79BCD14]
[U] c:\windows\system32\timer.drv [PX5: 0BBCB20CD0736CAE0F2F001D12465B004F233901]
[U] c:\windows\system32\compobj.dll [PX5: 359E2CBDD0BCD8E77562007DCF26A6004F09B1BF]
[U] c:\windows\system32\storage.dll [PX5: A73608D270E3252C10B800FAEBBF4D00692F2AE6]

rolf54 · 24.02.2009, 17:38

teil 3 :
------------------

[U] c:\windows\system32\ole2.dll [PX5: 31C9C97C30F7ED979B0300629364AB00EEA00D1E]
[U] c:\windows\system32\ole2disp.dll [PX5: 3E66404830EBCC7296B902E3361C6400BE12EFF7]
[U] c:\windows\system32\ole2nls.dll [PX5: 09B13294B021FA9E558F026E08072F00900228B5]
[U] c:\windows\system32\typelib.dll [PX5: C0620321C004C14EB60D020DCCE16200701F9AEA]
[U] c:\windows\system32\msvideo.dll [PX5: 0BB88544806833B9F080012F00509C00B96AD7CE]
[U] c:\windows\system32\avifile.dll [PX5: BB3BC8C000ED90A4A6420190F27E170073244A5B]
[U] c:\windows\system32\msacm.dll [PX5: 9509859960B48961EF3C0048E192C7001E1E2D02]
[U] c:\windows\system32\mciavi.drv [PX5: FD5C7DEA20EEA2C72056011DA830F200A7FFE5D6]
[U] c:\windows\system32\mciseq.drv [PX5: 29BE5A79D02501D962B1006D9F644A004DC598FB]
[U] c:\windows\system32\mciwave.drv [PX5: 4D15592B0006473D6E3900034B93AF002C41B6EA]
[U] c:\windows\system32\avicap.dll [PX5: 6D67EC12E084E54E124201FFF5F62900B422894F]
[U] c:\windows\system32\mapi.dll [PX5: 8FD1B5C920AAA3E5FE3707B6FD82F000963FFF15]
[U] c:\windows\system32\mmsys.cpl [PX5: 1B2B5D3E10730643B14204B44C7DD800AB16F172]
[U] c:\windows\system32\icmui.dll [PX5: 1BFB0B8A1003B498C9AD007B7F59C600DAFE5722]
[U] c:\windows\system32\rshx32.dll [PX5: ECCC93EA10BDFDB687B600222CDE0C00394F5DBD]
[U] c:\windows\system32\docprop.dll [PX5: 34308B7910D83CBBAD1C001FE4DB5600DD0B3221]
[U] c:\windows\system32\plustab.dll [PX5: FB1252AB100ED9B153F8003F462A0400671FAE66]
[U] c:\windows\system32\deskadp.dll [PX5: 63B662861012396F3564003B3C2E07004EDCD0EC]
[U] c:\windows\system32\deskmon.dll [PX5: 4F349DE41070F79A39C0009EE57C8400E23C6240]
[U] c:\windows\system32\dssec.dll [PX5: D6585D5F10B92DEB738C002F6F062B00F81DF8FF]
[U] c:\windows\system32\shscrap.dll [PX5: 9284E50A108E12E85F8E00A463C947009A58D403]
[U] c:\windows\system32\diskcopy.dll [PX5: 020EE0B010AEEE9941E60088ACC4D500F9C94069]
[U] c:\windows\system32\ntlanui2.dll [PX5: 737ACF1010939CD23F1C00D0E7C14C001DE548A6]
[U] c:\windows\system32\printui.dll [PX5: 2FA86CEA10E4A8A3FD31056066DACE0014A82A48]
[U] c:\windows\system32\dskquoui.dll [PX5: 83B26EF610387A9E4F1702CA837C7F00EEA2E3AC]
[U] c:\windows\system32\syncui.dll [PX5: 3877C63D10E701C9A34902BA6BA132004DF5E0D8]
[U] c:\windows\system32\hticons.dll [PX5: 3C40AE6D10729289553700DC10D0C8006590B7DD]
[U] c:\windows\system32\fontext.dll [PX5: F102B31D10C083381B40033F712379006070250A]
[U] c:\windows\system32\deskperf.dll [PX5: 1039CE39102839993723002144D7D300C565DD6A]
[U] c:\windows\system32\wshext.dll [PX5: 4857F053003C48F4B0CF003FEDB615003E64178C]
[U] c:\windows\system32\cryptext.dll [PX5: 6654AF4410DBD926C33B007CED7B820038C3B676]
[U] c:\windows\system32\mstask.dll [PX5: E2B91592100B39F963840335417FC900DB611672]
[U] c:\windows\system32\sendmail.dll [PX5: B46565A5103B58BD49580042F04C6E007FFED8FE]
[U] c:\windows\system32\occache.dll [PX5: 8EFC12B910DC54BA5B1501A9620A04000410CA07]
[U] c:\windows\system32\thumbvw.dll [PX5: 07803D79105DB095DD740225E7A8D800D695129F]
[U] c:\windows\system32\appwiz.cpl [PX5: 5771F5BF10FE685F930D04F49E1F57009F07147A]
[U] c:\windows\system32\cdfview.dll [PX5: A9CFA4B810DCA4042F55023A922E5900E93F6518]
[U] c:\windows\system32\dsfolder.dll [PX5: 694AF7A11062ECCBA31600E2EDAA7A00303D57B2]
[U] c:\windows\system32\dsquery.dll [PX5: 573B447D103C73D1693E026F2B73CD0008AC26F6]
[U] c:\windows\system32\dsuiext.dll [PX5: 3AD8E4B810934744AF4E01010C5E7E00940A362F]
[U] c:\windows\system32\mmcshext.dll [PX5: AC19C0C1104467A7614C008C4B608D000C54567E]
[U] c:\windows\system32\cabview.dll [PX5: 8A4AB7E01031205C7DFF000C3A1EFB00C7EE767C]
[U] c:\programme\ahead\nero\neroshx.dll [PX5: 83B359DC00FC9D1B30B804D1B3262B00D4055230]
[U] c:\windows\system32\msapsspc.dll [PX5: E39A0F9E0030B5D539600171AA357400012D8BB9]
[U] c:\windows\system32\digest.dll [PX5: 890D189E10075D4FB5BF00CBED66C5005A1B9B63]
[U] c:\windows\system32\msnsspc.dll [PX5: DE897DD9303B9BD3C8B001F35DE8E800EDB75407]
[U] c:\windows\system32\cmd.exe [PX5: EDEF1E6510489CBCCD7A03A8B79FAE00636FC8CB]
[U] c:\windows\system32\mmdrv.dll [PX5: A5962827105A12032F7E001C864576005E261B85]
[U] c:\windows\system32\midimap.dll [PX5: 35F2D99A1094A9004B7500CB9FCF0F00B9D57ED4]
[U] c:\windows\system32\imaadp32.acm [PX5: 467096FE10DB3EEE413A00C22A6BAC00585D7E76]
[U] c:\windows\system32\msadp32.acm [PX5: 562135B7103D3F3D3BD0007BAD00E300BF812CC8]
[U] c:\windows\system32\msg711.acm [PX5: C9681C0C1023326B2943003651F35600CA856168]
[U] c:\windows\system32\msgsm32.acm [PX5: 37181CF710A10B7D593400F53BFDE700B84BA641]
[U] c:\windows\system32\tssoft32.acm [PX5: 625AF19E100FC3CF2581007C9980A300597F230F]
[U] c:\windows\system32\iccvid.dll [PX5: 6E5737C90051F64FB0580107F0E68A0062D84F96]
[U] c:\windows\system32\ir32_32.dll [PX5: 25BCBC5D001F41CE0A600310BECCA50095C286C7]
[U] c:\windows\system32\msrle32.dll [PX5: 42FE3C6010AE90972B57007C2084F700F39D554B]
[U] c:\windows\system32\msvidc32.dll [PX5: 0355E638105E625A6D3000DA7A383500611118DB]
[U] c:\windows\system32\lhacm.acm [PX5: 84C7062710493D8485EE00CA07640900A41EA229]
[U] c:\windows\system32\msg723.acm [PX5: 629AB58310CD167CAB430180EA12FC00791E9160]
[U] c:\windows\system32\msh263.drv [PX5: 2158F7CB10C3611FF16F0322E1168000DCA6DF69]
[U] c:\windows\system32\msh261.drv [PX5: 47542F2A106940158F6B0287E26F3900B01FA5B4]
[U] c:\windows\system32\iac25_32.ax [PX5: BA804C0200083FAB0CC003FEBCF46C00AD219E84]
[U] c:\windows\system32\ir50_32.dll [PX5: 7011D8930080C54586170B262FCE75000B583A5A]
[U] c:\windows\system32\l3codeca.acm [PX5: 29088BE70099BF88700A0426A3266D008E350E66]
[U] c:\windows\system32\msyuv.dll [PX5: 0BD2C0FE000E4BBF427F00672A02C40048A9EF9A]
[U] c:\windows\system32\rsvpsp.dll [PX5: D282536810D3AACB2BD701B6B4463500A4050ADC]
[U] c:\windows\system32\ipxrip.dll [PX5: A69AC87210A0D07159E000FF83D85600118C9A2E]
[U] c:\windows\system32\ipxsap.dll [PX5: 4267549B10804ACB0DA2011C17A23E00ABBF729C]
[U] c:\windows\system32\ipxrtmgr.dll [PX5: 959BAF8110EB0AABA3380066C369D200FA5F67E5]
[U] c:\windows\system\cmicnfg.cpl [PX5: 248DC69D002DC8DF20F1234979DEF800929F6AA5]
[U] c:\programme\avira\antivir personaledition classic\avconfig.cpl [PX5: AAC5407401E9E37C11A001E93710970046DA2E33]
[U] c:\windows\system32\magnify.exe [PX5: FAF93BC7101CA0A3AD5B00ECABC508008AB5B66B]
[U] c:\windows\system32\osk.exe [PX5: 23EA0AC210795FBBE9FF026382434E0042BEE265]
[U] c:\programme\gemeinsame dateien\microsoft shared\textconv\msconv97.dll [PX5: DC78DBA710B4E16531F502F1E7067C00C9BD0F75]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\gifimp32.flt [PX5: C328617500C70F573061047A1E442800ED9B8E80]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\jpegim32.flt [PX5: 57BBA17700B55409402A047B83CD50004DBF1D5C]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\tiffim32.flt [PX5: 7566982D00277B9F80D50350DD67830032E3B036]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\bmpimp32.flt [PX5: 4F2B1BA800C3BC1C503E01E3DCE39E00FFCE7329]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\cdrimp32.flt [PX5: F5860D2100815E64407A035FC0659800B533307B]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\epsimp32.flt [PX5: 9C00306300B556BB40CF01A4750F2E00628619C7]
[U] c:\programme\zubehör\pcximp32.flt [PX5: 6FD339E900CFB53B682900A6A941B2004E17054C]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\pictim32.flt [PX5: CAEE0767000B5226005F0249FF272000F62CAB26]
[U] c:\programme\gemeinsame dateien\microsoft shared\grphflt\wmfimp32.flt [PX5: 971F6A2B00A27CEF908B002DDDE82A00CF262EDE]
[U] c:\programme\gemeinsame dateien\microsoft shared\textconv\html32.cnv [PX5: 27F39D6A10F5A5E31152068DB02DF3009C11DF04]
[U] c:\windows\system32\msencode.dll [PX5: B92E2C9A10F995D171EC01C5B615FB00F5A9F892]
[U] c:\programme\gemeinsame dateien\microsoft shared\msinfo\msinfo32.exe [PX5: D6AF82BB100AFFF241CD003225F5E300CBE27CD0]
[U] c:\programme\gemeinsame dateien\microsoft shared\textconv\wrd6ex32.cnv [PX5: A5D0E0CE00755942B04F1033453FD8003CB438EA]
[U] c:\programme\gemeinsame dateien\microsoft shared\textconv\write32.wpc [PX5: 71A6A3C410C4AC08B11A01656F55D10073DDE98C]
[U] c:\programme\gemeinsame dateien\microsoft shared\textconv\mswrd632.wpc [PX5: 255241CE108E0D0D41E903D813E15E00A70B1455]
[U] c:\programme\gemeinsame dateien\microsoft shared\textconv\mswrd832.cnv [PX5: 7F2638A5106ED8124105046AE7616C005B72B81D]
[U] c:\programme\gemeinsame dateien\microsoft shared\textconv\recovr32.cnv [PX5: 24DA58C900332748E04600DB083342008BF20FF8]
[U] c:\windows\system32\msdxm.ocx [PX5: 620C84E710FFAE5CEF660CDF0A203E00CDAC281D]
[U] c:\windows\system32\mshta.exe [PX5: 332C76FB1021529F756F0030ADBEF300973E7B12]
[U] c:\windows\system32\wscript.exe [PX5: 559DC54C0065EDEC603901449E96000037F086E1]
[U] c:\windows\system32\mmc.exe [PX5: 0824EB8F109EC5FF437C093AEE59B100931B4703]
[U] c:\programme\outlook express\msimn.exe [PX5: 10B15FF61054D8A6A9A100A3CCCD75000D32172B]
[U] c:\programme\internet explorer\iexplore.exe [PX5: 0F4FA71810622CC6ED76003B3C2E0700C948676B]
[U] c:\windows\system32\drivers\atmlane.sys [PX5: C22668EE50EAF9C1BC2F00896FACB90012B46C99]
[U] c:\windows\system32\drivers\atmuni.sys [PX5: 1015F620B0AF6B530B630592E0EBCE00676F78DE]
[U] c:\windows\system32\drivers\beep.sys [PX5: 12EB5A99F0509FDC0F1800AB92FB3C00B79BCD14]
[U] c:\windows\system32\drivers\cdaudio.sys [PX5: 20011D8490022EB34A7E004A5030B7008936BFA4]
[U] c:\windows\system32\drivers\cdfs.sys [PX5: 0B1FE73090C5A7F8EEDC000EDBE15800E42220E6]
[U] c:\windows\system32\drivers\cinemst2.sys [PX5: F7CED05E70CB719B288904F391CB7100D3DBE1D9]
[U] c:\windows\system32\drivers\class2.sys [PX5: 5CA8AC9C50B64269323600443738A10063E5CF10]
[U] c:\windows\system32\drivers\classpnp.sys [PX5: 1CB0403270942DED832300B82D4DD70074CF3DAD]
[U] c:\windows\system32\drivers\diskdump.sys [PX5: 9018C09450261EF8370C00F1DE3F8100651DD8F2]
[U] c:\windows\system32\drivers\diskperf.sys [PX5: 64A788A11095CB3F1D4D002E0DC594008E8C2454]
[U] c:\windows\system32\drivers\dxapi.sys [PX5: 278233A050F6DF95278300F7D1F75A0061E1CAB1]
[U] c:\windows\system32\drivers\flpydisk.sys [PX5: F00136A690F3E2EC4B790087DE878300453AF4B3]
[U] c:\windows\system32\drivers\fs_rec.sys [PX5: E3512B17D0855CE31CE2000F39CA97004DC5888F]
[U] c:\windows\system32\drivers\irda.sys [PX5: CB36155FB0CC2A6DDE5D0043BC3C1E00787B734B]

rolf54 · 24.02.2009, 17:41

teil 4 :

-------------------

[U] c:\windows\system32\drivers\irsir.sys [PX5: D154D3A8B07C6D4C4D3A00B06C84F6001E5ABA1E]
[U] c:\windows\system32\drivers\mnmdd.sys [PX5: 34499F6B90F55E1D1055005B86A86A000BAB8914]
[U] c:\windows\system32\drivers\modem.sys [PX5: 6FC1888E103217DE71420021B9CFB200F82BD60A]
[U] c:\windows\system32\drivers\mountmgr.sys [PX5: 2255CEE2902DA0B272420072572D110021643BC8]
[U] c:\windows\system32\drivers\msfs.sys [PX5: 96476E75508DCB3D53BC004A7232B60000374A8C]
[U] c:\windows\system32\drivers\nbf.sys [PX5: E7D653D61094EA6F8F86012DA4F28200C7B30F35]
[U] c:\windows\system32\drivers\ndproxy.sys [PX5: F8C106E5F07B13D89D9300AEBA6AF40025E9A3DA]
[U] c:\windows\system32\drivers\nmnt.sys [PX5: E08F53223094278C928900A3E5A27300ABF16C02]
[U] c:\windows\system32\drivers\npfs.sys [PX5: 69ABAA7EB0C3817C90FE0095D6FA66005259CC30]
[U] c:\windows\system32\drivers\null.sys [PX5: 0B9DC2C1F0AC78910A000079830ABB00B79BCD14]
[U] c:\windows\system32\drivers\nwlnkspx.sys [PX5: 578DEA8C7016E460E4C10067A3A0B600334E5EF2]
[U] c:\windows\system32\drivers\nwrdr.sys [PX5: AB34525390CA69216B0502C94FFE0900D1D74FE3]
[U] c:\windows\system32\drivers\partmgr.sys [PX5: AC3341EE90A22A092C2900C2137EC900192504ED]
[U] c:\windows\system32\drivers\parvdm.sys [PX5: F2A67F3A10CCE8A41A24006466D3AF00ADB2B68F]
[U] c:\windows\system32\drivers\pciidex.sys [PX5: 67727BB0B09EC8BA55EE0059C2ED2F005EE1C210]
[U] c:\windows\system32\drivers\psched.sys [PX5: E980FEE2D0D91645E8CC00E53CD9F800F1220D66]
[U] c:\windows\system32\drivers\rasirda.sys [PX5: 7F7EFAB0B0EFA4AD4DD4003D3FFCF1003EEA901D]
[U] c:\windows\system32\drivers\rawwan.sys [PX5: BE7796C0D0546405886C00E08A056200C38452F6]
[U] c:\windows\system32\drivers\sfloppy.sys [PX5: 6DD0089D506F09B028F00093F80C6400D0917A22]
[U] c:\windows\system32\drivers\sfmatalk.sys [PX5: FCB5071BB0994830408502FE0A0B8F00C7BFD36E]
[U] c:\windows\system32\drivers\smclib.sys [PX5: 7CDC164DF0BEE01139E900E6228B94001543E618]
[U] c:\windows\system32\drivers\sonydcam.sys [PX5: B34B5ACC10CDC6A6566C0046FAAF3700EFD263E4]
[U] c:\windows\system32\drivers\streams.sys [PX5: 5BF448B870B63BAF9DC501374166E80016F403B2]
[U] c:\windows\system32\drivers\tape.sys [PX5: B426D0CCF0232D7F293D006E215008001C871333]
[U] c:\windows\system32\drivers\tosdvd.sys [PX5: 03FAF10B5039F77CCBC2006CD783540091BA62A2]
[U] c:\windows\system32\drivers\tsbvcap.sys [PX5: DBBC4642F0353F87552E00223D02BF005F12C1F8]
[U] c:\windows\system32\drivers\usbcamd.sys [PX5: 03518A3F50F1C8DA5DEA00CB3688E5003F4A0B5D]
[U] c:\windows\system32\drivers\vdmindvd.sys [PX5: C9DA0508905805CEE7A50093019EAF00E760764C]
[U] c:\windows\system32\drivers\wmilib.sys [PX5: FD4D25B2902E09A110D00001F404AE00E78686E7]
[U] c:\windows\system32\drivers\ws2ifsl.sys [PX5: 29FFD4B1F043C7362E9000F8D9B24100F222A027]
[U] c:\windows\system32\drivers\fsvga.sys [PX5: A4BE2E12B04D13DF30F700B5E1B43700E069A7CF]
[U] c:\windows\system32\drivers\lvcam.sys [PX5: 2236A686F01AE9CB5A4601594E065B0078FAF9E9]
[U] c:\windows\system32\drivers\lvcodek.sys [PX5: AA2DF023105AF9C4350201CA31B83B008CCB4B91]
[U] c:\windows\system32\drivers\lvsound.sys [PX5: FA45076C10349F0B442B00F545DC69008F292221]
[U] c:\windows\system32\drivers\usbintel.sys [PX5: 98B3479810F6A8983B0A00EAD2E960004689D986]
[U] c:\windows\system32\drivers\acpiec.sys [PX5: D34301C51097DA982DCD007B9254C500F8459206]
[U] c:\windows\system32\drivers\hidparse.sys [PX5: 4AE1AC04F050694E599C00F35982A700B33D40A5]
[U] c:\windows\system32\drivers\usbd.sys [PX5: 6A4240B07047837C501300149E963E00416F1577]
[U] c:\windows\system32\drivers\dlc.sys [PX5: A6523EFAF0B7180BDAD500D5EC2EB40068CC1B00]
[U] c:\windows\system32\drivers\efs.sys [PX5: D7094DF930CBF5036B7800270A656F00D4B02E99]
[U] c:\windows\system32\drivers\fastfat.sys [PX5: 7FD8CAD5F0EDA387239002999BC91C00D077E1E1]
[U] c:\windows\system32\drivers\ksecdd.sys [PX5: 98DBF24FB086DE490CF701D6F98DBB00FEECB71E]
[U] c:\windows\system32\drivers\mf.sys [PX5: E00F17A2905A85CFDFC80072EE93D200014F08C9]
[U] c:\windows\system32\drivers\mup.sys [PX5: 8771D5F7F0243AD752DD0170CD7056007ACE4F0D]
[U] c:\windows\system32\drivers\ndis.sys [PX5: 7A0EC98D90A419057C7902307C8A500027F14624]
[U] c:\windows\system32\drivers\ntfs.sys [PX5: 0FCC5878F04F0D381B4108B4362A54007EAB9F5F]
[U] c:\windows\system32\drivers\nwlnkipx.sys [PX5: 04DABC3AF0A4ED296A2E011089B9A800CEB74316]
[U] c:\windows\system32\drivers\nwlnknb.sys [PX5: 80376FF5F0B0A0D5FFF90092AF24250068A8932B]
[U] c:\windows\system32\drivers\pcmcia.sys [PX5: 54548DEC70F7E859A8240181DE5D53003587A547]
[U] c:\windows\system32\drivers\scsiport.sys [PX5: DBD55737D0A212151A9101C481548400A0A4CBFD]
[U] c:\windows\system32\drivers\tdi.sys [PX5: 7636FDDD509C75B23F7F00F98BBB0E00984715B1]
[U] c:\windows\system32\drivers\udfs.sys [PX5: C0E99EF530C9998DF05E009F64CD1F0010F54F4E]
[U] c:\windows\system32\drivers\videoprt.sys [PX5: 368C06C63074AD13C5FE00A088525800E7531142]
[U] c:\windows\system32\drivers\hidclass.sys [PX5: 3D3F04F250EA0C4C60B2009EBBCD450025A89583]
[U] c:\windows\system32\drivers\ks.sys [PX5: 3B4CCBA300B95328FD1701897EF9A000D626B3D2]
[U] c:\windows\system32\drivers\bdasup.sys [PX5: F405875D803BC1AB2CD90035FF18DE00C9595DE2]
[U] c:\windows\system32\drivers\ndisip.sys [PX5: FBB7CB4080195BB3273D00FC6E5798001EC4907B]
[U] c:\windows\system32\drivers\msdv.sys [PX5: 68CF492F00C4DD89DEB900DCBC91AE00B9632C3D]
[U] c:\windows\system32\drivers\asushwio.sys [PX5: A73AAFA5C01706ED1657005184698A000DFF3991]
[U] c:\windows\system32\drivers\ppsio2.sys [PX5: 86F3CAE900EDA4E657080023B9F5FF00423E2720]
[U] c:\windows\system32\drivers\usbport.sys [PX5: 5FDE7A45F0D60AA7129A02A192BA9800595ED1BE]
[U] c:\windows\system32\drivers\stream.sys [PX5: A8917605808BC0C8BD05009559C97B000CFEA922]
[U] c:\windows\system32\drivers\portcls.sys [PX5: EDC88E4AB053279645D40291CBCD5A005CADD164]
[U] c:\windows\system32\drivers\mbamswissarmy.sys [PX5: 980187E66004A2499637002917ED4200CB3F38FA]
[U] c:\windows\system32\drivers\mbam.sys [PX5: 9D85F0E290EA43593C6000FF35635F00A764C5B5]
[U] c:\io.sys [PX5: 021322BAB6433B2664EB03AC250C4500DECB6B7D]
[U] c:\windows\w_zipper.exe [PX5: BBD447B6000241EC70FE025266517800C2A82AF1]
[U] c:\windows\nsuninst.exe [PX5: 41142C839026A5C2447601532494F6008FDABA92]
[U] c:\windows\setver.exe [PX5: 74056191BBDEFE634AD000B2561BEE0070E8141E]
[U] c:\windows\notepad.exe [PX5: 1903EF491027ED15C91500285D4BD90087EAA15B]
[U] c:\windows\taskman.exe [PX5: 47DE667C101C17418D48002BCF3B470054B3F8BF]
[U] c:\windows\delttsul.exe [PX5: 75363E6A104E25A8150A00412FBBEE0093859209]
[U] c:\windows\system32\wshde.dll [PX5: 340D302F30FBFDE7E091004BD2E1A300D59EBF2F]
[U] c:\windows\system32\updcrl.exe [PX5: 85CD4CE1007E19B91CD7003B3C2E0700A9A364A2]
[U] c:\windows\system32\sisnic.sys [PX5: FB00D45163544C158A7C00AAAFF24F006AD07BBF]
[U] c:\windows\system32\accwiz.exe [PX5: 79EFA680107E155D59210249B3D924006BE67675]
[U] c:\windows\system32\write.exe [PX5: 88AF6DAD1080409619AE00D6CBA4DD00F132598D]
[U] c:\windows\system32\atidemgr.dll [PX5: 9EE4961C000334EF50D302EBC3CAA400BEA443F5]
[U] c:\windows\system32\mscrlrev.dll [PX5: 707665A60043446E18F90075CA758A00064FA332]
[U] c:\windows\system32\icfg95.dll [PX5: DE3F9C201063BE1D3BB5000605EA3400566DC440]
[U] c:\windows\system32\enhsig.dll [PX5: 529564E0109EC81311D6000F8551A50023FA44BA]
[U] c:\windows\system32\atiicdxx.sys [PX5: A2E6AFA000BA99A115600013D52356007C844E2A]
[U] c:\windows\system32\atiiiexx.dll [PX5: FF4EF028003000D2802F04697A5C0500CC4A8D55]
[U] c:\windows\system32\devenum.dll [PX5: 4A929145009B9B1C06FD0218DF6D00009BE01F1A]
[U] c:\windows\system32\chcp.com [PX5: 27BE477F10E99487215700D89BB1400053AA33E5]
[U] c:\windows\system32\d3dim700.dll [PX5: 7AB059CB009B01652A7F0CD56B2B820022021E6D]
[U] c:\windows\system32\d3dpmesh.dll [PX5: DF7DF09A10FF6A6593C700273414300016136AFF]
[U] c:\windows\system32\d3dramp.dll [PX5: 269A189A1057B568058D097CE5C28F00DBBACDC6]
[U] c:\windows\system32\d3dxof.dll [PX5: C7B54BEA100F9E85C1D90075918514008BCC9C4D]
[U] c:\windows\system32\ddraw.dll [PX5: 607FB665007ECFC5780704545D877500DBA747AD]
[U] c:\windows\system32\dinput.dll [PX5: A157781F00C880ACD8950913881F0100C3316C1A]
[U] c:\windows\system32\mciqtz32.dll [PX5: A32C38AA00175A398666007D4BB2080060385AEE]
[U] c:\windows\system32\diskcomp.com [PX5: DC3794A610FDDC29295D00E3873F5500F0336819]
[U] c:\windows\system32\diskcopy.com [PX5: CF1AE46010F49A21210900D7FC9AF200558B4F28]
[U] c:\windows\system32\dmcompos.dll [PX5: 34B50C2B0048595AE4BA0024386D87004288F06D]
[U] c:\windows\system32\dmime.dll [PX5: 2AAEC07E007E7B78C4FD022798B2AA00CD8274DB]
[U] c:\windows\system32\dmloader.dll [PX5: 2D40FD00005FBAFB82D000DA678C490043F31C4D]
[U] c:\windows\system32\dmstyle.dll [PX5: 5EF8771A00C54B7E82F40143CB76F900D28EBEBB]
[U] c:\windows\system32\dmsynth.dll [PX5: 28FC0B3B00A301D78A1B01DE4870EC008DBCCE96]
[U] c:\windows\system32\dmusic.dll [PX5: F9371815008C4EE4E0F301D1FB924A00721CA9F0]
[U] c:\windows\system32\dplaysvr.exe [PX5: 1CE2918E00B333966E8B00493F82D700EDA59A5B]
[U] c:\windows\system32\dplayx.dll [PX5: AEB6222C00CC55998461034333572C00BF805AD5]
[U] c:\windows\system32\dpmodemx.dll [PX5: 6EDD407A00923672306B0190C84F9D00551F8805]
[U] c:\windows\system32\dpwsockx.dll [PX5: 90F81EDA00FD65D8360F01D3FFCF4D006862457A]
[U] c:\windows\system32\dsound.dll [PX5: 61897464008370CDD47405D8D769FF00F76D3506]
[U] c:\windows\system32\dsound3d.dll [PX5: 980A40B6006C2F38C0A913867AB51E006B6E5A40]
[U] c:\windows\system32\dx7vb.dll [PX5: 3BB28E7000B7E0FA3256090D31D7F000B3A39191]
[U] c:\windows\system32\gcdef.dll [PX5: 68677643009C65E4263703249F74AC00C85F84D6]
[U] c:\windows\system32\pid.dll [PX5: 21D1C98A00D4E7287C4300F1131A8C00D367CBD0]
[U] c:\windows\system32\format.com [PX5: 6241C5381069E4A185D300AFDA08E20007CE9EB4]
[U] c:\windows\system32\amstream.dll [PX5: B0270CB2002555B1FC47008524553A00BC0356B4]
[U] c:\windows\system32\graftabl.com [PX5: 69AF5476104B60C987D0004EC1713D00D4B07FBF]
[U] c:\windows\system32\dpnaddr.dll [PX5: E0DBD8660010C6CD0C3300621ACE5300B79BCD14]
[U] c:\windows\system32\mode.com [PX5: 55548F5C101F1EB35135007DDC126300D6439303]
[U] c:\windows\system32\more.com [PX5: B5232F47108D520C416C007710592C006D270D59]
[U] c:\windows\system32\qcap.dll [PX5: 50E16FAB00F2F339EC2D03EEAC0B7100461713A5]
[U] c:\windows\system32\qdv.dll [PX5: 98E4228900BC867BD67904D519EACA009407AE61]
[U] c:\windows\system32\qdvd.dll [PX5: AA37ED9C000A602C2EF707071F45EB00D4966542]
[U] c:\windows\system32\quartz.dll [PX5: 74BF271500F9CE44F27B1D8EDE243A007C298525]
[U] c:\windows\system32\dxdiag.exe [PX5: 267AC2DB00853EBEE06E0EE2D359D300C1AB9E34]
[U] c:\windows\system32\tree.com [PX5: 3C0D342810FF013C3167000BE161C50080A7F04F]
[U] c:\windows\system32\win.com [PX5: FF2B222B10A707C6611B004432987E0045B79E12]
[U] c:\windows\system32\edit.com [PX5: B542A12F6E6E0DA415520148D1845800ED9F60B4]
[U] c:\windows\system32\d3drm.dll [PX5: 8B7027BE1008FB1D91A6058E25779F00CF208C93]
[U] c:\windows\system32\d3dim.dll [PX5: B90D494F105D04CDCF7F06D05736EF00DF7D0911]
[U] c:\windows\system32\dmband.dll [PX5: B90BB50A0070447F6AB900DAF18111008EBCA418]
[U] c:\windows\system32\spcmdcon.sys [PX5: ECC4287A50203942F62202EDA6445D006016FA8F]
[U] c:\windows\system32\win32k.sys [PX5: 1751B105104734FE60AE1AE9F41D4E00130BB26E]
[U] c:\windows\system32\storprop.dll [PX5: F69C4ADF10CC3C758F4F0092D9B3D10061052F77]
[U] c:\windows\system32\msoeacct.dll [PX5: 1A8D467F105BE1A3112C0362D0CD220085471D1E]
[U] c:\windows\system32\d3d8.dll [PX5: D5A1F67700C1420054AE12F76559950043D83035]
[U] c:\windows\system32\acctres.dll [PX5: BB66620900C7669DFCEB00459A9AE700772FEBE5]
[U] c:\windows\system32\icfgnt5.dll [PX5: 3D2B98821020433B17A5003D0A6A5B009D01EEE7]
[U] c:\windows\system32\batt.dll [PX5: 54167C3B10D02451190A00572E3B1D00CC2D21E5]
[U] c:\windows\system32\inetcfg.dll [PX5: 35E08547106A5545E78003F32A1E5900C7AFC03D]
[U] c:\windows\system32\isign32.dll [PX5: F976B0AD100BFEE71D82014263E47C002F8A3A89]
[U] c:\windows\system32\eqnclass.dll [PX5: B254306210A516ABB14D021D5CF59E002F887F60]
[U] c:\windows\system32\icwdial.dll [PX5: CDECF7DD10CA8D11E159006D056C390061BE06C6]
[U] c:\windows\system32\spxcoins.dll [PX5: 3E2C719A00187A0F4CCC02136218E7000A20260B]
[U] c:\windows\system32\icwphbk.dll [PX5: 1114EEEF100223F5C1F40018EDD141007B404845]
[U] c:\windows\system32\dgsetup.dll [PX5: F0E552FF106D761853640139CC501900C298465C]
[U] c:\windows\system32\dgrpsetu.dll [PX5: 8E8CB5C700A2835BE41C0149DB9BEF00B187D17C]
[U] c:\windows\system32\mstinit.exe [PX5: A5A087A4106A820E27750026DBB52F004ED31BE2]
[U] c:\windows\system32\msconf.dll [PX5: 17C5A38F10EF7468D30600BF145ED20080620A41]
[U] c:\windows\system32\nmmkcert.dll [PX5: 44B4BC9B10B16EE9317D00CF3FC06E00730AF468]
[U] c:\windows\system32\kbdycl.dll [PX5: 9B57B50D100924941D9A00FC52412300D9749DE4]
[U] c:\windows\system32\kbdal.dll [PX5: D750F141102F2C871DDB0081EA0BB400396FAFC5]
[U] c:\windows\system32\mnmdd.dll [PX5: 0448A7BD7026480580EE00419F3CD30014A3E806]
[U] c:\windows\system32\kbdcr.dll [PX5: F79211B110A4F1C41D3000509162D6001A8D5275]
[U] c:\windows\system32\nmevtmsg.dll [PX5: 11253C0200A16FF40C1B00BA34A05B00B79BCD14]
[U] c:\windows\system32\kbdcz.dll [PX5: 334C66EE102DF39A1F71006486AA3100414A78E0]
[U] c:\windows\system32\kbdcz1.dll [PX5: 7AAD78CB10DA6E2B1D1D00EDB73D980060E3E287]
[U] c:\windows\system32\ils.dll [PX5: 5219DBB81081B388F76600A70173E60049875DC2]
[U] c:\windows\system32\kbdcz2.dll [PX5: 7FDB046510ECB1C01D31003B681CC600D730A297]
[U] c:\windows\system32\kbdhu.dll [PX5: 82E758591067E0A91D6E00B25BDD0B0030D2FD4E]
[U] c:\windows\system32\kbdhu1.dll [PX5: 4B8008C7107C5BD7192400EE6A9CCD00D446127B]
[U] c:\windows\system32\kbdpl1.dll [PX5: 21DA6F1610596ABE19BC007FA29A93001A5447F1]
[U] c:\windows\system32\kbdpl.dll [PX5: 7AE6E5F7105841491D0800189D050E006BFBFD6D]
[U] c:\windows\system32\kbdro.dll [PX5: F0BEAF4A10E4D3AC19E8003792F9FF00F4A07FE2]
[U] c:\windows\system32\kbdsl.dll [PX5: 7CF1C813108F95771D06002A155A8E007C429F1B]
[U] c:\windows\system32\migicons.exe [PX5: EC4AFC55102FE8B5EB8B0921FA1A4800DEB3A9B3]
[U] c:\windows\system32\kbdsl1.dll [PX5: 307AD3B010F00B9C1D3C003CE0EAD700701F34DF]
[U] c:\windows\system32\awdvstub.exe [PX5: 55E7D57510D402A54DEE01FB90AA80006DE7DBF6]
[U] c:\windows\system32\kbdest.dll [PX5: 564533AB1050D84A1B50001F532B7B0043BD9F50]
[U] c:\windows\system32\d3d8thk.dll [PX5: CBA1AB1C0009B05F1CB900440E44FB000168A0C0]
[U] c:\windows\system32\kbdlv.dll [PX5: 1DC31014101145681B5C0051B81878005153910F]
[U] c:\windows\system32\kbdlv1.dll [PX5: 36550B8210F2121F1B99000C966C270072803703]
[U] c:\windows\system32\d3d9.dll [PX5: EDC630FC007FF4D500BE1A24754AFA000381FBFD]
[U] c:\windows\system32\diactfrm.dll [PX5: 8F07C3070091D0DF028D07F4214772004DD94476]
[U] c:\windows\system32\kbdlt.dll [PX5: B64CDE671074FB93193600F943F8F5004C204653]
[U] c:\windows\system32\dimap.dll [PX5: 42DDE96000A9A404ACC00021CCB52200C14D392F]
[U] c:\windows\system32\kbdlt1.dll [PX5: 7D20835710D1736F190800E53C42EF000CCAA7FD]
[U] c:\windows\system32\dpnhupnp.dll [PX5: 142582960052925B0AB2014A74D6E9001077A51A]
[U] c:\windows\system32\dpnhpast.dll [PX5: EA13B04B009A306A80D4003163800B001910A05E]
[U] c:\windows\system32\dpnet.dll [PX5: AF60E5A000BEBCEF0C0B0B858D4FB10013B0E622]
[U] c:\windows\system32\dpnlobby.dll [PX5: A16BEF800052D6F80C810083ADC9D400B79BCD14]
[U] c:\windows\system32\kbdhe.dll [PX5: DC69B64A10EC76811BAC0089EFF3D50007D2C932]
[U] c:\windows\system32\dpnsvr.exe [PX5: 6170A974003488D64266002433EF1900A53C99C9]
[U] c:\windows\system32\kbdgkl.dll [PX5: 989FEF6D10E568451BD60086B5706100C381E13D]
[U] c:\windows\system32\dpvacm.dll [PX5: 49990569006414184E4F00CFF6C027006FC847FF]
[U] c:\windows\system32\kbdhe220.dll [PX5: 3C2D4FE810F741E91B5E00C2EB4C8200CC40824A]
[U] c:\windows\system32\dpvoice.dll [PX5: 3A8AE86C00EACBD8D49D0588F431B9006B0A5689]
[U] c:\windows\system32\kbdhe319.dll [PX5: 13F1EF1F1097AC86198C00781F7BD900B02242C7]
[U] c:\windows\system32\dpvsetup.exe [PX5: 58D07DB500FEAA353C1901A6B6D72700F3017CF6]
[U] c:\windows\system32\kbdhela2.dll [PX5: 194D602B10CD7D481B09008679874500EA1B6D11]
[U] c:\windows\system32\dpvvox.dll [PX5: B29632FF00CA1834B6400105AF081F0042C75176]
[U] c:\windows\system32\kbdhela3.dll [PX5: E48A4B5E10BA60971B04002594E1D600B63567E2]
[U] c:\windows\system32\kbdhept.dll [PX5: 323DEEFB10188290232900CAB2CBBC000481E8C6]
[U] c:\windows\system32\dx8vb.dll [PX5: F889F9D80073B0B728B312B21F7BC000F874449B]
[U] c:\windows\system32\encapi.dll [PX5: 3E1F0E0E008071344ABB005BCB4F31004CA20818]
[U] c:\windows\system32\msdmo.dll [PX5: D97B50FC00A906AC346400EA1A2104006DB17409]
[U] c:\windows\system32\dxdiagn.dll [PX5: FD9105D500BABCDB00BF1B5A40C8DB00B37E1538]
[U] c:\windows\system32\mswebdvd.dll [PX5: CE5D637600CFF0F1F28904E81DBAA1002BF59120]
[U] c:\windows\system32\kbdblr.dll [PX5: F3CDADA410B979C11967001F5F66ED00C865D0FD]
[U] c:\windows\system32\qasf.dll [PX5: B81C2F4900692D4BA4070252F5A8A5008D45D121]
[U] c:\windows\system32\kbdbu.dll [PX5: D1FC045510DF586419C600F48CFC7F005628C699]
[U] c:\windows\system32\qedit.dll [PX5: CE689F0A005A9DBC70321BD4AB8B3B009897BD0F]
[U] c:\windows\system32\kbdru.dll [PX5: 128F49C510344106192700BD8C88450039A38BF1]
[UP] c:\windows\system32\qedwipes.dll [PX5: 9E8DB6B7002E86BD30B20B075BC967006CD794E9]
[U] c:\windows\system32\kbdru1.dll [PX5: 992773CC101AAA7719AE00E1B7FFA7005330D369]
[U] c:\windows\system32\dmscript.dll [PX5: 9401A627008B7CFB2CDE0102F8C919007408B04B]
[U] c:\windows\system32\kbdycc.dll [PX5: 287BB3C010FCBC11191100FC4595DF008E7EEFFA]
[U] c:\windows\system32\dswave.dll [PX5: BE11CBC6003C11FB48AF005648BEAD0061604B6C]
[U] c:\windows\system32\kbdur.dll [PX5: 4D2C1F5010EC327C19DF00FBD54DBD00C67BFEE3]
[U] c:\windows\system32\dsdmo.dll [PX5: 9789CC4600E7560EDA5C0242BE73E0007EFDAB45]
[U] c:\windows\system32\kbdkaz.dll [PX5: 99C3EB1910C5D8A419BE00889704B2004F57EED0]
[U] c:\windows\system32\dsdmoprp.dll [PX5: A847D57200179209800907B8B8DC6B00EA5FA7EC]
[U] c:\windows\system32\kbduzb.dll [PX5: 47C543D0109B059F193800B4B3B3DD009736450B]
[U] c:\windows\system32\dxdllreg.exe [PX5: E090FDE000EA07AAB6D2003D2A263100A3FEF7DC]
[U] c:\windows\system32\kbdaze.dll [PX5: 8C296BAF10DF4565193B00374BE5180048AAE00B]
[U] c:\windows\system32\kbdtat.dll [PX5: 3F0B596B10973DE7197900837CFA290067E98D8A]

hoffentlich sieht man da durch ...
gruß Rolf

wmsncs.exe mit kolabc.bkf infiziert

Plagegeister aller Art und deren Bekämpfung: wmsncs.exe mit kolabc.bkf infiziert