Home » Viren, Trojaner & Malware Forum » Trojan.Win32.Agent.azsy und weitere Viren » Themenansicht

Firefox Tipp: Instantfox - Quick Search Add-On!

Seite(n): 1 2

Antworten

Trojan.Win32.Agent.azsy und weitere Viren

11.05.2009, 19:33

Navigator

Member

Beiträge: 11

#1 Hallo,

heute bin ich durch Zufall auf die Seite www[dot]computerscanv1[dot]com weitergeleitet worden und seit dem haeufen sich die Trojaner- und Viruswarnungen bei mir nur so. Auf meinem Rechner sollen an die 500 Trojaner sein und ich weiss nicht wirklich, wie ich sie am besten beseitige und zwar so, dass sie endgueltig zerstoert sind. Mein AntiVir hat mir von all diesen Trojanern bisher nichts erzaehlt.

Um einige der Viren, die sich auf meinem Computer befinden mal zu nennen:
TR/Dropper.Gen
Trojan.Win.Agent.azsy
TR/ATRAPS.Gen
W32.SilliFDC.BAZ
Trojan.Mdropper.AC
GAME/Dldr.TryMedia.Gen
W32.Ackantta.B@mm

Ausserdem kam die Meldung, dass trojans programms downloaded from unionsseek.com und iframeurl.biz

Seit ich diesen Computerscan gemacht habe, wird ebenfalls mein Internet Explorer immerwieder geblockt, zumindest dann, wenn ich einen Onlinescan durchziehen will.

Ich waere uber jede Hilfe, die ich bekommen kann, sehr dankbar. Und wuerde mich freuen, wenn mein PC bald wieder trojaner- und virenfrei waere.

Viele Gruesse
Navigator

11.05.2009, 19:43

Swisstreasure

Moderator

Beiträge: 5694

#2 Hallo

Du hattest anfangs etwas harmloses auf deinem System. Dann hst du Dir ein FAkEprogramm runtergeladen und damit gescannt dabei hast du Dir erst dir richtige Infektion geholt. Die Meldungen bezüglich den erwähnten Vien dürften alle erlogen sein so dass du dir dann dieses FAKEProgramm lädst.

Mache folgendes und poste die Logs:
http://board.protecus.de/t23188.htm

Gruss Swiss

11.05.2009, 23:02

Swisstreasure

Moderator

Beiträge: 5694

#3 >>
Versteckte Dateien sichtbar machen:
1. Klicke unter Start auf Arbeitsplatz.
2. Klicke im Menü Extras auf Ordneroptionen.
3. Dateien und Ordner/Erweiterungen bei bekannten Dateitypen ausblenden --> Haken entfernen
4. Geschützte und Systemdateien ausblenden --> Haken entfernen
5. Versteckte Dateien und Ordner/Alle Dateien und Ordner anzeigen --> Haken setzen.

Bei "Geschützte Systemdateien ausblenden" darf kein Häkchen sein und "Alle Dateien und Ordner anzeigen" muss aktiviert sein.
http://virus-protect.org/invisible.html

>>
Lasse folgende Datei bei www.VIRUSTOTAL.com/de prüfen und poste das Ergebnis:

Zitat

c:\windows\system32\drivers\71833341.sys
c:\dokumente und einstellungen\Besitzer\Desktop\Virus Removal Tool\is-UDDII\startup.exe

Auf Durchsuchen klicken --> Datei aussuchen (oder gleich die Datei mit korrektem Pfad einkopieren mit Strg V) --> Klick auf die zu prüfende Datei und öffnen--> klick auf "Senden der Datei"... jetzt abwarten - dann mit der rechten Maustaste den Text markieren -> hier kopieren

>>
Avenger
http://virus-protect.org/artikel/tools/avenger.html
kopiere in das weisse Feld:

Zitat

Folders to delete:
C:\Programme\PAV

- schliesse alle offenen Programme (denn nach Anwendung des Avengers wird der Rechner neustarten)

- Klicke: Execute

- bestätige, dass der Rechner neu gestartet wird - klicke "yes"
- nach dem Neustart erscheint automatisch ein Log vom Avenger - (C:\avenger.txt), kopiere es ab - mit rechtem Mausklick - kopieren - einfügen

>>
loesche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb

>>
Lade bitte SDfix, wende es im abgesicherten Modus an + poste hier den Report, der nach Neustart erscheint
http://virus-protect.org/artikel/tools/sdfix.html

Gruss swiss

12.05.2009, 11:51

Navigator

Member

Themenstarter

Beiträge: 11

#4 Hier kommen nun die entsprechenden Logs:

Logs von VIRUSTOTAL:

Datei 71833341.sys empfangen 2009.05.12 10:36:56 (CET)
Status: Beendet
Ergebnis: 0/39 (0%)

Antivirus Version letzte aktualisierung Ergebnis

a-squared 4.0.0.101 2009.05.12 -
AhnLab-V3 5.0.0.2 2009.05.12 -
AntiVir 7.9.0.166 2009.05.12 -
Antiy-AVL 2.0.3.1 2009.05.12 -
Authentium 5.1.2.4 2009.05.12 -
Avast 4.8.1335.0 2009.05.11 -
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.12 -
CAT-QuickHeal 10.00 2009.05.12 -
ClamAV 0.94.1 2009.05.12 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.12 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6500 2009.05.11 -
F-Prot 4.4.4.56 2009.05.11 -
F-Secure 8.0.14470.0 2009.05.12 -
Fortinet 3.117.0.0 2009.05.12 -
GData 19 2009.05.12 -
Ikarus T3.1.1.49.0 2009.05.12 -
K7AntiVirus 7.10.732 2009.05.11 -
Kaspersky 7.0.0.125 2009.05.12 -
McAfee 5612 2009.05.11 -
McAfee+Artemis 5612 2009.05.11 -
McAfee-GW-Edition 6.7.6 2009.05.12 -
Microsoft 1.4602 2009.05.12 -
NOD32 4066 2009.05.12 -
Norman 6.01.05 2009.05.11 -
nProtect 2009.1.8.0 2009.05.12 -
Panda 10.0.0.14 2009.05.11 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.12 -
Rising 21.29.11.00 2009.05.12 -
Sophos 4.41.0 2009.05.12 -
Sunbelt 3.2.1858.2 2009.05.12 -
Symantec 1.4.4.12 2009.05.12 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.12 -
ViRobot 2009.5.12.1730 2009.05.12 -
VirusBuster 4.6.5.0 2009.05.11 -

Datei startup.exe empfangen 2009.05.12 10:44:22 (CET)
Status: Beendet
Ergebnis: 5/40 (12.5%)

Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.0.0.101 2009.05.12 -
AhnLab-V3 5.0.0.2 2009.05.12 -
AntiVir 7.9.0.166 2009.05.12 -
Antiy-AVL 2.0.3.1 2009.05.12 -
Authentium 5.1.2.4 2009.05.12 -
Avast 4.8.1335.0 2009.05.11 -
AVG 8.5.0.327 2009.05.11 -
BitDefender 7.2 2009.05.12 -
CAT-QuickHeal 10.00 2009.05.12 -
ClamAV 0.94.1 2009.05.12 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.12 -
eSafe 7.0.17.0 2009.05.10 Win32.GenericPWS.y
eTrust-Vet 31.6.6500 2009.05.11 -
F-Prot 4.4.4.56 2009.05.11 -
F-Secure 8.0.14470.0 2009.05.12 -
Fortinet 3.117.0.0 2009.05.12 -
GData 19 2009.05.12 -
Ikarus T3.1.1.49.0 2009.05.12 -
K7AntiVirus 7.10.732 2009.05.11 Trojan-
Spy.Win32.KeyLogger.bhg
Kaspersky 7.0.0.125 2009.05.12 -
McAfee 5612 2009.05.11 Generic PWS.y
McAfee+Artemis 5612 2009.05.11 Generic PWS.y
McAfee-GW-Edition 6.7.6 2009.05.12 -
Microsoft 1.4602 2009.05.12 -
NOD32 4066 2009.05.12 -
Norman 6.01.05 2009.05.11 -
nProtect 2009.1.8.0 2009.05.12 -
Panda 10.0.0.14 2009.05.11 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.12 Medium Risk Malware
Rising 21.29.11.00 2009.05.12 -
Sophos 4.41.0 2009.05.12 -
Sunbelt 3.2.1858.2 2009.05.12 -
Symantec 1.4.4.12 2009.05.12 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.12 -
VBA32 3.12.10.4 2009.05.12 -
ViRobot 2009.5.12.1730 2009.05.12 -
VirusBuster 4.6.5.0 2009.05.11 -

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Folder "C:\Programme\PAV" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

SDFix: Version 1.240
Run by Besitzer on 12.05.2009 at 11:34

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-12 11:41:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Programme\Franzis\Alcohol Virtual CD + DVD\"
"h0"=dword:00000000
"ujdew"=hex:71,0a,7f,d9,1e,d8,24,cd,2d,4c,2c,53,30,a9,6c,91,04,a6,46,89,15,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Programme\Franzis\Alcohol Virtual CD + DVD\"
"h0"=dword:00000000
"ujdew"=hex:71,0a,7f,d9,1e,d8,24,cd,2d,4c,2c,53,30,a9,6c,91,04,a6,46,89,15,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Programme\Franzis\Alcohol Virtual CD + DVD\"
"h0"=dword:00000000
"ujdew"=hex:71,0a,7f,d9,1e,d8,24,cd,2d,4c,2c,53,30,a9,6c,91,04,a6,46,89,15,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:d3433db4
"s2"=dword:a388245b
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Programme\Franzis\Alcohol Virtual CD + DVD\"
"h0"=dword:00000000
"ujdew"=hex:71,0a,7f,d9,1e,d8,24,cd,2d,4c,2c,53,30,a9,6c,91,04,a6,46,89,15,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Programme\Franzis\Alcohol Virtual CD + DVD\"
"h0"=dword:00000000
"ujdew"=hex:71,0a,7f,d9,1e,d8,24,cd,2d,4c,2c,53,30,a9,6c,91,04,a6,46,89,15,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen"
"C:\\Programme\\ICQ6\\ICQ.exe"="C:\\Programme\\ICQ6\\ICQ.exe:*:Enabled:ICQ6"
"C:\\WINDOWS\\system32\\msiexec.exe"="C:\\WINDOWS\\system32\\msiexec.exe:*:Enabled:Windows® installer"
"C:\\Programme\\Opera\\Opera.exe"="C:\\Programme\\Opera\\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Programme\\2K Games\\Firaxis Games\\Sid Meier's Railroads!\\RailRoads.exe"="C:\\Programme\\2K Games\\Firaxis Games\\Sid Meier's Railroads!\\RailRoads.exe:*:Enabled:Sid Meier's Railroads!"
"C:\\Programme\\Sierra Entertainment\\Empire Earth III\\EE3.exe"="C:\\Programme\\Sierra Entertainment\\Empire Earth III\\EE3.exe:*:Enabled:Empire Earth III"
"C:\\Programme\\iTunes\\iTunes.exe"="C:\\Programme\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Programme\\Skype\\Phone\\Skype.exe"="C:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Programme\\Spiele\\Anno 1701\\Anno1701.exe"="C:\\Programme\\Spiele\\Anno 1701\\Anno1701.exe:*:Enabled:Anno 1701"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :

Files with Hidden Attributes :

Thu 1 Nov 2007 88 ..SHR --- "C:\WINDOWS\system32\ED3D0B23D8.sys"
Thu 1 Nov 2007 2,516 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Fri 20 Nov 1998 3,776 A..H. --- "C:\Programme\DATA BECKER\Das groáe Schriftenpaket 2500\CALL32.DLL"
Tue 4 Sep 2007 0 A.SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\Cache\Indiv01.tmp"

Finished!

Gruss
Navigator

12.05.2009, 19:09

Swisstreasure

Moderator

Beiträge: 5694

#5 >>
Auf dem Desktop befindet sich folgendes Programm:
c:\dokumente und einstellungen\Besitzer\Desktop\Virus Removal Tool\is-UDDII\startup.exe
Kennst du es? Dürfte vermutlich das Fakeprogramm sein welches du Dir installiert hast.

>>
Lade Dir Registry Search by Bobbi Flekman

und doppelklicken, um zu starten.
in das Feld: "Enter search strings" (reinschreiben oder reinkopieren)

is-UDDII

in edit und klicke "Ok".
Notepad wird sich öffnen -- kopiere den Text ab und poste ihn.

>>
scanne mit smitfraudfix (option 1 und 2) - poste beide scanreporte
http://virus-protect.org/artikel/tools/smitfrautfix.html

>>
Erstelle eine Uninstall Liste
Starte Hijackthis, waehle "Open the Misc Tools section", oeffne "Open Uninstall Manager", drücke dort "Save list...". Sobald die Liste gespeichert wird, öffnet sich ein Fenster mit den entsprechenden Eintraegen. Bitte diese auch in den eigenen Thread kopieren.

Gruss Swiss

12.05.2009, 21:16

Navigator

Member

Themenstarter

Beiträge: 11

#6 Hier kommen nun die entsprechenden Logs:

Registry Search by Bobbi Flekman:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 12.05.2009 19:44:09 for strings:
; 'is-uddii'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_IS-UDDIIDRV]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_IS-UDDIIDRV\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_IS-UDDIIDRV\0000]
"Service"="is-UDDIIdrv"
"DeviceDesc"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_IS-UDDIIDRV\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_IS-UDDIIDRV\0000\Control]
"ActiveService"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv]
"DisplayName"="is-UDDIIdrv"
"Description"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Instances]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Instances]
"DefaultInstance"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Instances\is-UDDIIdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Parameters\909]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Parameters\909\Filters]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\is-UDDIIdrv\Enum]
"0"="Root\\LEGACY_IS-UDDIIDRV\\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\qbsl]
; Contents of value:
; .NET CLR Data
; .NET CLR Networking
; .NET Data Provider for Oracle
; .NET Data Provider for SqlServer
; .NETFramework
; Abiosdsk
; abp480n5
; ACPI
; ACPIEC
; adpu160m
; aec
; AFD
; Aha154x
; aic78u2
; aic78xx
; Alerter
; ALG
; AliIde
; AmdK8
; amsint
; AntiVirSchedulerService
; AntiVirService
; Apple Mobile Device
; AppMgmt
; asc
; asc3350p
; asc3550
; ASP.NET
; ASP.NET_1.1.4322
; ASP.NET_2.0.50727
; aspnet_state
; AsyncMac
; atapi
; AtcL001
; Atdisk
; atksgt
; Atmarpc
; AudioSrv
; audstub
; avgio
; avgntflt
; avipbb
; BattC
; Beep
; bgsvcgen
; BITS
; Browser
; cbidf2k
; CCDECODE
; cd20xrnt
; Cdaudio
; Cdfs
; cdrbsdrv
; Cdrom
; Changer
; CiSvc
; ClipSrv
; clr_optimization_v2.0.50727_32
; CmdIde
; COMSysApp
; ContentFilter
; ContentIndex
; Cpqarray
; CryptSvc
; dac2w2k
; dac960nt
; DcomLaunch
; Dhcp
; Disk
; dmadmin
; dmboot
; dmio
; dmload
; dmserver
; DMusic
; Dnscache
; dpti2o
; drmkaud
; ERSvc
; Eventlog
; EventSystem
; Fastfat
; FastUserSwitchingCompatibility
; Fdc
; Fips
; FirebirdServerMAGIXInstance
; Flpydisk
; FltMgr
; FontCache3.0.0.0
; Fs_Rec
; Ftdisk
; GEARAspiWDM
; Gpc
; HDAudBus
; helpsvc
; HidServ
; HidUsb
; hpn
; HTTP
; HTTPFilter
; i2omgmt
; i2omp
; i8042prt
; idsvc
; Imapi
; ImapiService
; inetaccs
; ini910u
; Inport
; IntcAzAudAddService
; IntelIde
; Ip6Fw
; IpFilterDriver
; IpInIp
; IpNat
; iPod Service
; IPSec
; IRENUM
; is-UDDIIdrv
; ISAPISearch
; isapnp
; JavaQuickStarterService
; Kbdclass
; kmixer
; KSecDD
; lanmanserver
; lanmanworkstation
; lbrtfdc
; ldap
; LicenseService
; lirsgt
; LmHosts
; LVcKap
; LVCOMSer
; LVMVDrv
; LVPr2Mon
; LVPrcSrv
; LVSrvLauncher
; Messenger
; mnmdd
; mnmsrvc
; Modem
; Mouclass
; mouhid
; MountMgr
; mraid35x
; MRxDAV
; MRxSmb
; MSDTC
; MSDTC Bridge 3.0.0.0
; Msfs
; MSIServer
; MSKSSRV
; MSPCLOCK
; MSPQM
; mssmbios
; MSTEE
; MTsensor
; Mup
; NABTSFEC
; NDIS
; NdisIP
; NdisTapi
; Ndisuio
; NdisWan
; NDProxy
; Nero BackItUp Scheduler 4.0
; NetBIOS
; NetBT
; NetDDE
; NetDDEdsdm
; Netlogon
; Netman
; NetTcpPortSharing
; Nla
; Npfs
; Ntfs
; NtLmSsp
; NtmsSvc
; Null
; nv
; NVSvc
; NwlnkFlt
; NwlnkFwd
; ose
; Parport
; PartMgr
; ParVdm
; PCI
; PCIDump
; PCIIde
; Pcmcia
; PDCOMP
; PDFRAME
; PDRELI
; PDRFRAME
; perc2
; perc2hib
; PerfDisk
; PerfNet
; PerfOS
; PerfProc
; PlugPlay
; PolicyAgent
; PptpMiniport
; Processor
; ProtectedStorage
; ProtexisLicensing
; PSched
; Ptilink
; PxHelp20
; qbsl
; ql1080
; Ql10wnt
; ql12160
; ql1240
; ql1280
; RasAcd
; RasAuto
; Rasl2tp
; RasMan
; RasPppoe
; Raspti
; Rdbss
; RDPCDD
; RDPDD
; RDPNP
; RDPWD
; RDSessMgr
; redbook
; RemoteAccess
; RpcLocator
; RpcSs
; RSVP
; rtl8029
; SamSs
; SCardSvr
; Schedule
; Secdrv
; seclogon
; SENS
; serenum
; Serial
; ServiceModelEndpoint 3.0.0.0
; ServiceModelOperation 3.0.0.0
; ServiceModelService 3.0.0.0
; sfdrv01
; sfhlp02
; Sfloppy
; sfsync04
; SharedAccess
; ShellHWDetection
; Simbad
; SLIP
; SMSvcHost 3.0.0.0
; Sparrow
; splitter
; Spooler
; sptd
; sr
; srservice
; Srv
; SSDPSRV
; SSHDRV61
; ssmdrv
; StarWindService
; stisvc
; streamip
; swenum
; swmidi
; SwPrv
; symc810
; symc8xx
; sym_hi
; sym_u3
; sysaudio
; SysmonLog
; TapiSrv
; Tcpip
; TDPIPE
; TDTCP
; TermDD
; TermService
; Themes
; TosIde
; TrkWks
; TSDDD
; Udfs
; ultra
; Update
; upnphost
; UPS
; usbaudio
; usbccgp
; usbehci
; usbhub
; usbprint
; usbscan
; USBSTOR
; usbuhci
; usbvideo
; VgaSave
; ViaIde
; videX32
; VolSnap
; VSS
; W32Time
; W3SVC
; Wanarp
; WDICA
; wdmaud
; WebClient
; Windows Workflow Foundation 3.0.0.0
; winmgmt
; Winsock
; WinSock2
; WinTrust
; WmdmPmSN
; WmiApRpl
; WmiApSrv
; WMPNetworkSvc
; WS2IFSL
; wscsvc
; WSTCODEC
; wuauserv
; WudfPf
; WudfRd
; WudfSvc
; WZCSVC
; xfilt
; xmlprov
; YMIDUSB
; {238DEBCE-F388-4A35-B880-384AD698B74E}
; {8C075A56-7116-44B4-AE36-03AD466E419E}
; {BA887454-6EEE-4EC1-AF94-A28BB4F0B0B1}
; {DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}
; a1fe8770
;
"webkagxu"=hex(7):2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,44,00,\
61,00,74,00,61,00,00,00,2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,\
00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,69,00,6e,00,67,00,00,00,2e,00,\
4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,00,20,00,50,00,72,00,6f,00,76,\
00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,72,00,20,00,4f,00,72,00,61,00,\
63,00,6c,00,65,00,00,00,2e,00,4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,\
00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,\
72,00,20,00,53,00,71,00,6c,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,2e,\
00,4e,00,45,00,54,00,46,00,72,00,61,00,6d,00,65,00,77,00,6f,00,72,00,6b,00,\
00,00,41,00,62,00,69,00,6f,00,73,00,64,00,73,00,6b,00,00,00,61,00,62,00,70,\
00,34,00,38,00,30,00,6e,00,35,00,00,00,41,00,43,00,50,00,49,00,00,00,41,00,\
43,00,50,00,49,00,45,00,43,00,00,00,61,00,64,00,70,00,75,00,31,00,36,00,30,\
00,6d,00,00,00,61,00,65,00,63,00,00,00,41,00,46,00,44,00,00,00,41,00,68,00,\
61,00,31,00,35,00,34,00,78,00,00,00,61,00,69,00,63,00,37,00,38,00,75,00,32,\
00,00,00,61,00,69,00,63,00,37,00,38,00,78,00,78,00,00,00,41,00,6c,00,65,00,\
72,00,74,00,65,00,72,00,00,00,41,00,4c,00,47,00,00,00,41,00,6c,00,69,00,49,\
00,64,00,65,00,00,00,41,00,6d,00,64,00,4b,00,38,00,00,00,61,00,6d,00,73,00,\
69,00,6e,00,74,00,00,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,53,00,63,\
00,68,00,65,00,64,00,75,00,6c,00,65,00,72,00,53,00,65,00,72,00,76,00,69,00,\
63,00,65,00,00,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,53,00,65,00,72,\
00,76,00,69,00,63,00,65,00,00,00,41,00,70,00,70,00,6c,00,65,00,20,00,4d,00,\
6f,00,62,00,69,00,6c,00,65,00,20,00,44,00,65,00,76,00,69,00,63,00,65,00,00,\
00,41,00,70,00,70,00,4d,00,67,00,6d,00,74,00,00,00,61,00,73,00,63,00,00,00,\
61,00,73,00,63,00,33,00,33,00,35,00,30,00,70,00,00,00,61,00,73,00,63,00,33,\
00,35,00,35,00,30,00,00,00,41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,00,00,\
41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,5f,00,31,00,2e,00,31,00,2e,00,34,\
00,33,00,32,00,32,00,00,00,41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,5f,00,\
32,00,2e,00,30,00,2e,00,35,00,30,00,37,00,32,00,37,00,00,00,61,00,73,00,70,\
00,6e,00,65,00,74,00,5f,00,73,00,74,00,61,00,74,00,65,00,00,00,41,00,73,00,\
79,00,6e,00,63,00,4d,00,61,00,63,00,00,00,61,00,74,00,61,00,70,00,69,00,00,\
00,41,00,74,00,63,00,4c,00,30,00,30,00,31,00,00,00,41,00,74,00,64,00,69,00,\
73,00,6b,00,00,00,61,00,74,00,6b,00,73,00,67,00,74,00,00,00,41,00,74,00,6d,\
00,61,00,72,00,70,00,63,00,00,00,41,00,75,00,64,00,69,00,6f,00,53,00,72,00,\
76,00,00,00,61,00,75,00,64,00,73,00,74,00,75,00,62,00,00,00,61,00,76,00,67,\
00,69,00,6f,00,00,00,61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,00,00,\
61,00,76,00,69,00,70,00,62,00,62,00,00,00,42,00,61,00,74,00,74,00,43,00,00,\
00,42,00,65,00,65,00,70,00,00,00,62,00,67,00,73,00,76,00,63,00,67,00,65,00,\
6e,00,00,00,42,00,49,00,54,00,53,00,00,00,42,00,72,00,6f,00,77,00,73,00,65,\
00,72,00,00,00,63,00,62,00,69,00,64,00,66,00,32,00,6b,00,00,00,43,00,43,00,\
44,00,45,00,43,00,4f,00,44,00,45,00,00,00,63,00,64,00,32,00,30,00,78,00,72,\
00,6e,00,74,00,00,00,43,00,64,00,61,00,75,00,64,00,69,00,6f,00,00,00,43,00,\
64,00,66,00,73,00,00,00,63,00,64,00,72,00,62,00,73,00,64,00,72,00,76,00,00,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,43,00,68,00,61,00,6e,00,67,00,65,00,\
72,00,00,00,43,00,69,00,53,00,76,00,63,00,00,00,43,00,6c,00,69,00,70,00,53,\
00,72,00,76,00,00,00,63,00,6c,00,72,00,5f,00,6f,00,70,00,74,00,69,00,6d,00,\
69,00,7a,00,61,00,74,00,69,00,6f,00,6e,00,5f,00,76,00,32,00,2e,00,30,00,2e,\
00,35,00,30,00,37,00,32,00,37,00,5f,00,33,00,32,00,00,00,43,00,6d,00,64,00,\
49,00,64,00,65,00,00,00,43,00,4f,00,4d,00,53,00,79,00,73,00,41,00,70,00,70,\
00,00,00,43,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,46,00,69,00,6c,00,74,00,\
65,00,72,00,00,00,43,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,49,00,6e,00,64,\
00,65,00,78,00,00,00,43,00,70,00,71,00,61,00,72,00,72,00,61,00,79,00,00,00,\
43,00,72,00,79,00,70,00,74,00,53,00,76,00,63,00,00,00,64,00,61,00,63,00,32,\
00,77,00,32,00,6b,00,00,00,64,00,61,00,63,00,39,00,36,00,30,00,6e,00,74,00,\
00,00,44,00,63,00,6f,00,6d,00,4c,00,61,00,75,00,6e,00,63,00,68,00,00,00,44,\
00,68,00,63,00,70,00,00,00,44,00,69,00,73,00,6b,00,00,00,64,00,6d,00,61,00,\
64,00,6d,00,69,00,6e,00,00,00,64,00,6d,00,62,00,6f,00,6f,00,74,00,00,00,64,\
00,6d,00,69,00,6f,00,00,00,64,00,6d,00,6c,00,6f,00,61,00,64,00,00,00,64,00,\
6d,00,73,00,65,00,72,00,76,00,65,00,72,00,00,00,44,00,4d,00,75,00,73,00,69,\
00,63,00,00,00,44,00,6e,00,73,00,63,00,61,00,63,00,68,00,65,00,00,00,64,00,\
70,00,74,00,69,00,32,00,6f,00,00,00,64,00,72,00,6d,00,6b,00,61,00,75,00,64,\
00,00,00,45,00,52,00,53,00,76,00,63,00,00,00,45,00,76,00,65,00,6e,00,74,00,\
6c,00,6f,00,67,00,00,00,45,00,76,00,65,00,6e,00,74,00,53,00,79,00,73,00,74,\
00,65,00,6d,00,00,00,46,00,61,00,73,00,74,00,66,00,61,00,74,00,00,00,46,00,\
61,00,73,00,74,00,55,00,73,00,65,00,72,00,53,00,77,00,69,00,74,00,63,00,68,\
00,69,00,6e,00,67,00,43,00,6f,00,6d,00,70,00,61,00,74,00,69,00,62,00,69,00,\
6c,00,69,00,74,00,79,00,00,00,46,00,64,00,63,00,00,00,46,00,69,00,70,00,73,\
00,00,00,46,00,69,00,72,00,65,00,62,00,69,00,72,00,64,00,53,00,65,00,72,00,\
76,00,65,00,72,00,4d,00,41,00,47,00,49,00,58,00,49,00,6e,00,73,00,74,00,61,\
00,6e,00,63,00,65,00,00,00,46,00,6c,00,70,00,79,00,64,00,69,00,73,00,6b,00,\
00,00,46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,46,00,6f,00,6e,00,74,00,43,\
00,61,00,63,00,68,00,65,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,\
46,00,73,00,5f,00,52,00,65,00,63,00,00,00,46,00,74,00,64,00,69,00,73,00,6b,\
00,00,00,47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,44,00,4d,00,\
00,00,47,00,70,00,63,00,00,00,48,00,44,00,41,00,75,00,64,00,42,00,75,00,73,\
00,00,00,68,00,65,00,6c,00,70,00,73,00,76,00,63,00,00,00,48,00,69,00,64,00,\
53,00,65,00,72,00,76,00,00,00,48,00,69,00,64,00,55,00,73,00,62,00,00,00,68,\
00,70,00,6e,00,00,00,48,00,54,00,54,00,50,00,00,00,48,00,54,00,54,00,50,00,\
46,00,69,00,6c,00,74,00,65,00,72,00,00,00,69,00,32,00,6f,00,6d,00,67,00,6d,\
00,74,00,00,00,69,00,32,00,6f,00,6d,00,70,00,00,00,69,00,38,00,30,00,34,00,\
32,00,70,00,72,00,74,00,00,00,69,00,64,00,73,00,76,00,63,00,00,00,49,00,6d,\
00,61,00,70,00,69,00,00,00,49,00,6d,00,61,00,70,00,69,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,69,00,6e,00,65,00,74,00,61,00,63,00,63,00,73,\
00,00,00,69,00,6e,00,69,00,39,00,31,00,30,00,75,00,00,00,49,00,6e,00,70,00,\
6f,00,72,00,74,00,00,00,49,00,6e,00,74,00,63,00,41,00,7a,00,41,00,75,00,64,\
00,41,00,64,00,64,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,49,00,\
6e,00,74,00,65,00,6c,00,49,00,64,00,65,00,00,00,49,00,70,00,36,00,46,00,77,\
00,00,00,49,00,70,00,46,00,69,00,6c,00,74,00,65,00,72,00,44,00,72,00,69,00,\
76,00,65,00,72,00,00,00,49,00,70,00,49,00,6e,00,49,00,70,00,00,00,49,00,70,\
00,4e,00,61,00,74,00,00,00,69,00,50,00,6f,00,64,00,20,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,49,00,50,00,53,00,65,00,63,00,00,00,49,00,52,\
00,45,00,4e,00,55,00,4d,00,00,00,69,00,73,00,2d,00,55,00,44,00,44,00,49,00,\
49,00,64,00,72,00,76,00,00,00,49,00,53,00,41,00,50,00,49,00,53,00,65,00,61,\
00,72,00,63,00,68,00,00,00,69,00,73,00,61,00,70,00,6e,00,70,00,00,00,4a,00,\
61,00,76,00,61,00,51,00,75,00,69,00,63,00,6b,00,53,00,74,00,61,00,72,00,74,\
00,65,00,72,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,4b,00,62,00,\
64,00,63,00,6c,00,61,00,73,00,73,00,00,00,6b,00,6d,00,69,00,78,00,65,00,72,\
00,00,00,4b,00,53,00,65,00,63,00,44,00,44,00,00,00,6c,00,61,00,6e,00,6d,00,\
61,00,6e,00,73,00,65,00,72,00,76,00,65,00,72,00,00,00,6c,00,61,00,6e,00,6d,\
00,61,00,6e,00,77,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,\
6e,00,00,00,6c,00,62,00,72,00,74,00,66,00,64,00,63,00,00,00,6c,00,64,00,61,\
00,70,00,00,00,4c,00,69,00,63,00,65,00,6e,00,73,00,65,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,6c,00,69,00,72,00,73,00,67,00,74,00,00,00,4c,\
00,6d,00,48,00,6f,00,73,00,74,00,73,00,00,00,4c,00,56,00,63,00,4b,00,61,00,\
70,00,00,00,4c,00,56,00,43,00,4f,00,4d,00,53,00,65,00,72,00,00,00,4c,00,56,\
00,4d,00,56,00,44,00,72,00,76,00,00,00,4c,00,56,00,50,00,72,00,32,00,4d,00,\
6f,00,6e,00,00,00,4c,00,56,00,50,00,72,00,63,00,53,00,72,00,76,00,00,00,4c,\
00,56,00,53,00,72,00,76,00,4c,00,61,00,75,00,6e,00,63,00,68,00,65,00,72,00,\
00,00,4d,00,65,00,73,00,73,00,65,00,6e,00,67,00,65,00,72,00,00,00,6d,00,6e,\
00,6d,00,64,00,64,00,00,00,6d,00,6e,00,6d,00,73,00,72,00,76,00,63,00,00,00,\
4d,00,6f,00,64,00,65,00,6d,00,00,00,4d,00,6f,00,75,00,63,00,6c,00,61,00,73,\
00,73,00,00,00,6d,00,6f,00,75,00,68,00,69,00,64,00,00,00,4d,00,6f,00,75,00,\
6e,00,74,00,4d,00,67,00,72,00,00,00,6d,00,72,00,61,00,69,00,64,00,33,00,35,\
00,78,00,00,00,4d,00,52,00,78,00,44,00,41,00,56,00,00,00,4d,00,52,00,78,00,\
53,00,6d,00,62,00,00,00,4d,00,53,00,44,00,54,00,43,00,00,00,4d,00,53,00,44,\
00,54,00,43,00,20,00,42,00,72,00,69,00,64,00,67,00,65,00,20,00,33,00,2e,00,\
30,00,2e,00,30,00,2e,00,30,00,00,00,4d,00,73,00,66,00,73,00,00,00,4d,00,53,\
00,49,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,4d,00,53,00,4b,00,53,00,\
53,00,52,00,56,00,00,00,4d,00,53,00,50,00,43,00,4c,00,4f,00,43,00,4b,00,00,\
00,4d,00,53,00,50,00,51,00,4d,00,00,00,6d,00,73,00,73,00,6d,00,62,00,69,00,\
6f,00,73,00,00,00,4d,00,53,00,54,00,45,00,45,00,00,00,4d,00,54,00,73,00,65,\
00,6e,00,73,00,6f,00,72,00,00,00,4d,00,75,00,70,00,00,00,4e,00,41,00,42,00,\
54,00,53,00,46,00,45,00,43,00,00,00,4e,00,44,00,49,00,53,00,00,00,4e,00,64,\
00,69,00,73,00,49,00,50,00,00,00,4e,00,64,00,69,00,73,00,54,00,61,00,70,00,\
69,00,00,00,4e,00,64,00,69,00,73,00,75,00,69,00,6f,00,00,00,4e,00,64,00,69,\
00,73,00,57,00,61,00,6e,00,00,00,4e,00,44,00,50,00,72,00,6f,00,78,00,79,00,\
00,00,4e,00,65,00,72,00,6f,00,20,00,42,00,61,00,63,00,6b,00,49,00,74,00,55,\
00,70,00,20,00,53,00,63,00,68,00,65,00,64,00,75,00,6c,00,65,00,72,00,20,00,\
34,00,2e,00,30,00,00,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,00,00,4e,\
00,65,00,74,00,42,00,54,00,00,00,4e,00,65,00,74,00,44,00,44,00,45,00,00,00,\
4e,00,65,00,74,00,44,00,44,00,45,00,64,00,73,00,64,00,6d,00,00,00,4e,00,65,\
00,74,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,4e,00,65,00,74,00,6d,00,61,00,\
6e,00,00,00,4e,00,65,00,74,00,54,00,63,00,70,00,50,00,6f,00,72,00,74,00,53,\
00,68,00,61,00,72,00,69,00,6e,00,67,00,00,00,4e,00,6c,00,61,00,00,00,4e,00,\
70,00,66,00,73,00,00,00,4e,00,74,00,66,00,73,00,00,00,4e,00,74,00,4c,00,6d,\
00,53,00,73,00,70,00,00,00,4e,00,74,00,6d,00,73,00,53,00,76,00,63,00,00,00,\
4e,00,75,00,6c,00,6c,00,00,00,6e,00,76,00,00,00,4e,00,56,00,53,00,76,00,63,\
00,00,00,4e,00,77,00,6c,00,6e,00,6b,00,46,00,6c,00,74,00,00,00,4e,00,77,00,\
6c,00,6e,00,6b,00,46,00,77,00,64,00,00,00,6f,00,73,00,65,00,00,00,50,00,61,\
00,72,00,70,00,6f,00,72,00,74,00,00,00,50,00,61,00,72,00,74,00,4d,00,67,00,\
72,00,00,00,50,00,61,00,72,00,56,00,64,00,6d,00,00,00,50,00,43,00,49,00,00,\
00,50,00,43,00,49,00,44,00,75,00,6d,00,70,00,00,00,50,00,43,00,49,00,49,00,\
64,00,65,00,00,00,50,00,63,00,6d,00,63,00,69,00,61,00,00,00,50,00,44,00,43,\
00,4f,00,4d,00,50,00,00,00,50,00,44,00,46,00,52,00,41,00,4d,00,45,00,00,00,\
50,00,44,00,52,00,45,00,4c,00,49,00,00,00,50,00,44,00,52,00,46,00,52,00,41,\
00,4d,00,45,00,00,00,70,00,65,00,72,00,63,00,32,00,00,00,70,00,65,00,72,00,\
63,00,32,00,68,00,69,00,62,00,00,00,50,00,65,00,72,00,66,00,44,00,69,00,73,\
00,6b,00,00,00,50,00,65,00,72,00,66,00,4e,00,65,00,74,00,00,00,50,00,65,00,\
72,00,66,00,4f,00,53,00,00,00,50,00,65,00,72,00,66,00,50,00,72,00,6f,00,63,\
00,00,00,50,00,6c,00,75,00,67,00,50,00,6c,00,61,00,79,00,00,00,50,00,6f,00,\
6c,00,69,00,63,00,79,00,41,00,67,00,65,00,6e,00,74,00,00,00,50,00,70,00,74,\
00,70,00,4d,00,69,00,6e,00,69,00,70,00,6f,00,72,00,74,00,00,00,50,00,72,00,\
6f,00,63,00,65,00,73,00,73,00,6f,00,72,00,00,00,50,00,72,00,6f,00,74,00,65,\
00,63,00,74,00,65,00,64,00,53,00,74,00,6f,00,72,00,61,00,67,00,65,00,00,00,\
50,00,72,00,6f,00,74,00,65,00,78,00,69,00,73,00,4c,00,69,00,63,00,65,00,6e,\
00,73,00,69,00,6e,00,67,00,00,00,50,00,53,00,63,00,68,00,65,00,64,00,00,00,\
50,00,74,00,69,00,6c,00,69,00,6e,00,6b,00,00,00,50,00,78,00,48,00,65,00,6c,\
00,70,00,32,00,30,00,00,00,71,00,62,00,73,00,6c,00,00,00,71,00,6c,00,31,00,\
30,00,38,00,30,00,00,00,51,00,6c,00,31,00,30,00,77,00,6e,00,74,00,00,00,71,\
00,6c,00,31,00,32,00,31,00,36,00,30,00,00,00,71,00,6c,00,31,00,32,00,34,00,\
30,00,00,00,71,00,6c,00,31,00,32,00,38,00,30,00,00,00,52,00,61,00,73,00,41,\
00,63,00,64,00,00,00,52,00,61,00,73,00,41,00,75,00,74,00,6f,00,00,00,52,00,\
61,00,73,00,6c,00,32,00,74,00,70,00,00,00,52,00,61,00,73,00,4d,00,61,00,6e,\
00,00,00,52,00,61,00,73,00,50,00,70,00,70,00,6f,00,65,00,00,00,52,00,61,00,\
73,00,70,00,74,00,69,00,00,00,52,00,64,00,62,00,73,00,73,00,00,00,52,00,44,\
00,50,00,43,00,44,00,44,00,00,00,52,00,44,00,50,00,44,00,44,00,00,00,52,00,\
44,00,50,00,4e,00,50,00,00,00,52,00,44,00,50,00,57,00,44,00,00,00,52,00,44,\
00,53,00,65,00,73,00,73,00,4d,00,67,00,72,00,00,00,72,00,65,00,64,00,62,00,\
6f,00,6f,00,6b,00,00,00,52,00,65,00,6d,00,6f,00,74,00,65,00,41,00,63,00,63,\
00,65,00,73,00,73,00,00,00,52,00,70,00,63,00,4c,00,6f,00,63,00,61,00,74,00,\
6f,00,72,00,00,00,52,00,70,00,63,00,53,00,73,00,00,00,52,00,53,00,56,00,50,\
00,00,00,72,00,74,00,6c,00,38,00,30,00,32,00,39,00,00,00,53,00,61,00,6d,00,\
53,00,73,00,00,00,53,00,43,00,61,00,72,00,64,00,53,00,76,00,72,00,00,00,53,\
00,63,00,68,00,65,00,64,00,75,00,6c,00,65,00,00,00,53,00,65,00,63,00,64,00,\
72,00,76,00,00,00,73,00,65,00,63,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,53,\
00,45,00,4e,00,53,00,00,00,73,00,65,00,72,00,65,00,6e,00,75,00,6d,00,00,00,\
53,00,65,00,72,00,69,00,61,00,6c,00,00,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4d,00,6f,00,64,00,65,00,6c,00,45,00,6e,00,64,00,70,00,6f,00,69,00,\
6e,00,74,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,4d,00,6f,00,64,00,65,00,6c,00,4f,00,70,00,\
65,00,72,00,61,00,74,00,69,00,6f,00,6e,00,20,00,33,00,2e,00,30,00,2e,00,30,\
00,2e,00,30,00,00,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,4d,00,6f,00,\
64,00,65,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,20,00,33,00,2e,\
00,30,00,2e,00,30,00,2e,00,30,00,00,00,73,00,66,00,64,00,72,00,76,00,30,00,\
31,00,00,00,73,00,66,00,68,00,6c,00,70,00,30,00,32,00,00,00,53,00,66,00,6c,\
00,6f,00,70,00,70,00,79,00,00,00,73,00,66,00,73,00,79,00,6e,00,63,00,30,00,\
34,00,00,00,53,00,68,00,61,00,72,00,65,00,64,00,41,00,63,00,63,00,65,00,73,\
00,73,00,00,00,53,00,68,00,65,00,6c,00,6c,00,48,00,57,00,44,00,65,00,74,00,\
65,00,63,00,74,00,69,00,6f,00,6e,00,00,00,53,00,69,00,6d,00,62,00,61,00,64,\
00,00,00,53,00,4c,00,49,00,50,00,00,00,53,00,4d,00,53,00,76,00,63,00,48,00,\
6f,00,73,00,74,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,53,\
00,70,00,61,00,72,00,72,00,6f,00,77,00,00,00,73,00,70,00,6c,00,69,00,74,00,\
74,00,65,00,72,00,00,00,53,00,70,00,6f,00,6f,00,6c,00,65,00,72,00,00,00,73,\
00,70,00,74,00,64,00,00,00,73,00,72,00,00,00,73,00,72,00,73,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,53,00,72,00,76,00,00,00,53,00,53,00,44,00,50,\
00,53,00,52,00,56,00,00,00,53,00,53,00,48,00,44,00,52,00,56,00,36,00,31,00,\
00,00,73,00,73,00,6d,00,64,00,72,00,76,00,00,00,53,00,74,00,61,00,72,00,57,\
00,69,00,6e,00,64,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,73,00,\
74,00,69,00,73,00,76,00,63,00,00,00,73,00,74,00,72,00,65,00,61,00,6d,00,69,\
00,70,00,00,00,73,00,77,00,65,00,6e,00,75,00,6d,00,00,00,73,00,77,00,6d,00,\
69,00,64,00,69,00,00,00,53,00,77,00,50,00,72,00,76,00,00,00,73,00,79,00,6d,\
00,63,00,38,00,31,00,30,00,00,00,73,00,79,00,6d,00,63,00,38,00,78,00,78,00,\
00,00,73,00,79,00,6d,00,5f,00,68,00,69,00,00,00,73,00,79,00,6d,00,5f,00,75,\
00,33,00,00,00,73,00,79,00,73,00,61,00,75,00,64,00,69,00,6f,00,00,00,53,00,\
79,00,73,00,6d,00,6f,00,6e,00,4c,00,6f,00,67,00,00,00,54,00,61,00,70,00,69,\
00,53,00,72,00,76,00,00,00,54,00,63,00,70,00,69,00,70,00,00,00,54,00,44,00,\
50,00,49,00,50,00,45,00,00,00,54,00,44,00,54,00,43,00,50,00,00,00,54,00,65,\
00,72,00,6d,00,44,00,44,00,00,00,54,00,65,00,72,00,6d,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,54,00,68,00,65,00,6d,00,65,00,73,00,00,00,54,\
00,6f,00,73,00,49,00,64,00,65,00,00,00,54,00,72,00,6b,00,57,00,6b,00,73,00,\
00,00,54,00,53,00,44,00,44,00,44,00,00,00,55,00,64,00,66,00,73,00,00,00,75,\
00,6c,00,74,00,72,00,61,00,00,00,55,00,70,00,64,00,61,00,74,00,65,00,00,00,\
75,00,70,00,6e,00,70,00,68,00,6f,00,73,00,74,00,00,00,55,00,50,00,53,00,00,\
00,75,00,73,00,62,00,61,00,75,00,64,00,69,00,6f,00,00,00,75,00,73,00,62,00,\
63,00,63,00,67,00,70,00,00,00,75,00,73,00,62,00,65,00,68,00,63,00,69,00,00,\
00,75,00,73,00,62,00,68,00,75,00,62,00,00,00,75,00,73,00,62,00,70,00,72,00,\
69,00,6e,00,74,00,00,00,75,00,73,00,62,00,73,00,63,00,61,00,6e,00,00,00,55,\
00,53,00,42,00,53,00,54,00,4f,00,52,00,00,00,75,00,73,00,62,00,75,00,68,00,\
63,00,69,00,00,00,75,00,73,00,62,00,76,00,69,00,64,00,65,00,6f,00,00,00,56,\
00,67,00,61,00,53,00,61,00,76,00,65,00,00,00,56,00,69,00,61,00,49,00,64,00,\
65,00,00,00,76,00,69,00,64,00,65,00,58,00,33,00,32,00,00,00,56,00,6f,00,6c,\
00,53,00,6e,00,61,00,70,00,00,00,56,00,53,00,53,00,00,00,57,00,33,00,32,00,\
54,00,69,00,6d,00,65,00,00,00,57,00,33,00,53,00,56,00,43,00,00,00,57,00,61,\
00,6e,00,61,00,72,00,70,00,00,00,57,00,44,00,49,00,43,00,41,00,00,00,77,00,\
64,00,6d,00,61,00,75,00,64,00,00,00,57,00,65,00,62,00,43,00,6c,00,69,00,65,\
00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,57,00,\
6f,00,72,00,6b,00,66,00,6c,00,6f,00,77,00,20,00,46,00,6f,00,75,00,6e,00,64,\
00,61,00,74,00,69,00,6f,00,6e,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,\
30,00,00,00,77,00,69,00,6e,00,6d,00,67,00,6d,00,74,00,00,00,57,00,69,00,6e,\
00,73,00,6f,00,63,00,6b,00,00,00,57,00,69,00,6e,00,53,00,6f,00,63,00,6b,00,\
32,00,00,00,57,00,69,00,6e,00,54,00,72,00,75,00,73,00,74,00,00,00,57,00,6d,\
00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,57,00,6d,00,69,00,41,00,70,00,\
52,00,70,00,6c,00,00,00,57,00,6d,00,69,00,41,00,70,00,53,00,72,00,76,00,00,\
00,57,00,4d,00,50,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,53,00,76,00,\
63,00,00,00,57,00,53,00,32,00,49,00,46,00,53,00,4c,00,00,00,77,00,73,00,63,\
00,73,00,76,00,63,00,00,00,57,00,53,00,54,00,43,00,4f,00,44,00,45,00,43,00,\
00,00,77,00,75,00,61,00,75,00,73,00,65,00,72,00,76,00,00,00,57,00,75,00,64,\
00,66,00,50,00,66,00,00,00,57,00,75,00,64,00,66,00,52,00,64,00,00,00,57,00,\
75,00,64,00,66,00,53,00,76,00,63,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,\
00,00,00,78,00,66,00,69,00,6c,00,74,00,00,00,78,00,6d,00,6c,00,70,00,72,00,\
6f,00,76,00,00,00,59,00,4d,00,49,00,44,00,55,00,53,00,42,00,00,00,7b,00,32,\
00,33,00,38,00,44,00,45,00,42,00,43,00,45,00,2d,00,46,00,33,00,38,00,38,00,\
2d,00,34,00,41,00,33,00,35,00,2d,00,42,00,38,00,38,00,30,00,2d,00,33,00,38,\
00,34,00,41,00,44,00,36,00,39,00,38,00,42,00,37,00,34,00,45,00,7d,00,00,00,\
7b,00,38,00,43,00,30,00,37,00,35,00,41,00,35,00,36,00,2d,00,37,00,31,00,31,\
00,36,00,2d,00,34,00,34,00,42,00,34,00,2d,00,41,00,45,00,33,00,36,00,2d,00,\
30,00,33,00,41,00,44,00,34,00,36,00,36,00,45,00,34,00,31,00,39,00,45,00,7d,\
00,00,00,7b,00,42,00,41,00,38,00,38,00,37,00,34,00,35,00,34,00,2d,00,36,00,\
45,00,45,00,45,00,2d,00,34,00,45,00,43,00,31,00,2d,00,41,00,46,00,39,00,34,\
00,2d,00,41,00,32,00,38,00,42,00,42,00,34,00,46,00,30,00,42,00,30,00,42,00,\
31,00,7d,00,00,00,7b,00,44,00,44,00,33,00,33,00,32,00,43,00,44,00,34,00,2d,\
00,33,00,46,00,37,00,45,00,2d,00,34,00,32,00,46,00,44,00,2d,00,42,00,33,00,\
32,00,45,00,2d,00,44,00,34,00,39,00,36,00,38,00,45,00,37,00,46,00,34,00,42,\
00,33,00,39,00,7d,00,00,00,61,00,31,00,66,00,65,00,38,00,37,00,37,00,30,00,\
00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_IS-UDDIIDRV]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_IS-UDDIIDRV\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_IS-UDDIIDRV\0000]
"Service"="is-UDDIIdrv"
"DeviceDesc"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv]
"DisplayName"="is-UDDIIdrv"
"Description"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv\Instances]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv\Instances]
"DefaultInstance"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv\Instances\is-UDDIIdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv\Parameters\909]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv\Parameters\909\Filters]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\is-UDDIIdrv\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\qbsl]
; Contents of value:
; .NET CLR Data
; .NET CLR Networking
; .NET Data Provider for Oracle
; .NET Data Provider for SqlServer
; .NETFramework
; Abiosdsk
; abp480n5
; ACPI
; ACPIEC
; adpu160m
; aec
; AFD
; Aha154x
; aic78u2
; aic78xx
; Alerter
; ALG
; AliIde
; AmdK8
; amsint
; AntiVirSchedulerService
; AntiVirService
; Apple Mobile Device
; AppMgmt
; asc
; asc3350p
; asc3550
; ASP.NET
; ASP.NET_1.1.4322
; ASP.NET_2.0.50727
; aspnet_state
; AsyncMac
; atapi
; AtcL001
; Atdisk
; atksgt
; Atmarpc
; AudioSrv
; audstub
; avgio
; avgntflt
; avipbb
; BattC
; Beep
; bgsvcgen
; BITS
; Browser
; cbidf2k
; CCDECODE
; cd20xrnt
; Cdaudio
; Cdfs
; cdrbsdrv
; Cdrom
; Changer
; CiSvc
; ClipSrv
; clr_optimization_v2.0.50727_32
; CmdIde
; COMSysApp
; ContentFilter
; ContentIndex
; Cpqarray
; CryptSvc
; dac2w2k
; dac960nt
; DcomLaunch
; Dhcp
; Disk
; dmadmin
; dmboot
; dmio
; dmload
; dmserver
; DMusic
; Dnscache
; dpti2o
; drmkaud
; ERSvc
; Eventlog
; EventSystem
; Fastfat
; FastUserSwitchingCompatibility
; Fdc
; Fips
; FirebirdServerMAGIXInstance
; Flpydisk
; FltMgr
; FontCache3.0.0.0
; Fs_Rec
; Ftdisk
; GEARAspiWDM
; Gpc
; HDAudBus
; helpsvc
; HidServ
; HidUsb
; hpn
; HTTP
; HTTPFilter
; i2omgmt
; i2omp
; i8042prt
; idsvc
; Imapi
; ImapiService
; inetaccs
; ini910u
; Inport
; IntcAzAudAddService
; IntelIde
; Ip6Fw
; IpFilterDriver
; IpInIp
; IpNat
; iPod Service
; IPSec
; IRENUM
; is-UDDIIdrv
; ISAPISearch
; isapnp
; JavaQuickStarterService
; Kbdclass
; kmixer
; KSecDD
; lanmanserver
; lanmanworkstation
; lbrtfdc
; ldap
; LicenseService
; lirsgt
; LmHosts
; LVcKap
; LVCOMSer
; LVMVDrv
; LVPr2Mon
; LVPrcSrv
; LVSrvLauncher
; Messenger
; mnmdd
; mnmsrvc
; Modem
; Mouclass
; mouhid
; MountMgr
; mraid35x
; MRxDAV
; MRxSmb
; MSDTC
; MSDTC Bridge 3.0.0.0
; Msfs
; MSIServer
; MSKSSRV
; MSPCLOCK
; MSPQM
; mssmbios
; MSTEE
; MTsensor
; Mup
; NABTSFEC
; NDIS
; NdisIP
; NdisTapi
; Ndisuio
; NdisWan
; NDProxy
; Nero BackItUp Scheduler 4.0
; NetBIOS
; NetBT
; NetDDE
; NetDDEdsdm
; Netlogon
; Netman
; NetTcpPortSharing
; Nla
; Npfs
; Ntfs
; NtLmSsp
; NtmsSvc
; Null
; nv
; NVSvc
; NwlnkFlt
; NwlnkFwd
; ose
; Parport
; PartMgr
; ParVdm
; PCI
; PCIDump
; PCIIde
; Pcmcia
; PDCOMP
; PDFRAME
; PDRELI
; PDRFRAME
; perc2
; perc2hib
; PerfDisk
; PerfNet
; PerfOS
; PerfProc
; PlugPlay
; PolicyAgent
; PptpMiniport
; Processor
; ProtectedStorage
; ProtexisLicensing
; PSched
; Ptilink
; PxHelp20
; qbsl
; ql1080
; Ql10wnt
; ql12160
; ql1240
; ql1280
; RasAcd
; RasAuto
; Rasl2tp
; RasMan
; RasPppoe
; Raspti
; Rdbss
; RDPCDD
; RDPDD
; RDPNP
; RDPWD
; RDSessMgr
; redbook
; RemoteAccess
; RpcLocator
; RpcSs
; RSVP
; rtl8029
; SamSs
; SCardSvr
; Schedule
; Secdrv
; seclogon
; SENS
; serenum
; Serial
; ServiceModelEndpoint 3.0.0.0
; ServiceModelOperation 3.0.0.0
; ServiceModelService 3.0.0.0
; sfdrv01
; sfhlp02
; Sfloppy
; sfsync04
; SharedAccess
; ShellHWDetection
; Simbad
; SLIP
; SMSvcHost 3.0.0.0
; Sparrow
; splitter
; Spooler
; sptd
; sr
; srservice
; Srv
; SSDPSRV
; SSHDRV61
; ssmdrv
; StarWindService
; stisvc
; streamip
; swenum
; swmidi
; SwPrv
; symc810
; symc8xx
; sym_hi
; sym_u3
; sysaudio
; SysmonLog
; TapiSrv
; Tcpip
; TDPIPE
; TDTCP
; TermDD
; TermService
; Themes
; TosIde
; TrkWks
; TSDDD
; Udfs
; ultra
; Update
; upnphost
; UPS
; usbaudio
; usbccgp
; usbehci
; usbhub
; usbprint
; usbscan
; USBSTOR
; usbuhci
; usbvideo
; VgaSave
; ViaIde
; videX32
; VolSnap
; VSS
; W32Time
; W3SVC
; Wanarp
; WDICA
; wdmaud
; WebClient
; Windows Workflow Foundation 3.0.0.0
; winmgmt
; Winsock
; WinSock2
; WinTrust
; WmdmPmSN
; WmiApRpl
; WmiApSrv
; WMPNetworkSvc
; WS2IFSL
; wscsvc
; WSTCODEC
; wuauserv
; WudfPf
; WudfRd
; WudfSvc
; WZCSVC
; xfilt
; xmlprov
; YMIDUSB
; {238DEBCE-F388-4A35-B880-384AD698B74E}
; {8C075A56-7116-44B4-AE36-03AD466E419E}
; {BA887454-6EEE-4EC1-AF94-A28BB4F0B0B1}
; {DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}
; a1fe8770
;
"webkagxu"=hex(7):2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,44,00,\
61,00,74,00,61,00,00,00,2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,\
00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,69,00,6e,00,67,00,00,00,2e,00,\
4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,00,20,00,50,00,72,00,6f,00,76,\
00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,72,00,20,00,4f,00,72,00,61,00,\
63,00,6c,00,65,00,00,00,2e,00,4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,\
00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,\
72,00,20,00,53,00,71,00,6c,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,2e,\
00,4e,00,45,00,54,00,46,00,72,00,61,00,6d,00,65,00,77,00,6f,00,72,00,6b,00,\
00,00,41,00,62,00,69,00,6f,00,73,00,64,00,73,00,6b,00,00,00,61,00,62,00,70,\
00,34,00,38,00,30,00,6e,00,35,00,00,00,41,00,43,00,50,00,49,00,00,00,41,00,\
43,00,50,00,49,00,45,00,43,00,00,00,61,00,64,00,70,00,75,00,31,00,36,00,30,\
00,6d,00,00,00,61,00,65,00,63,00,00,00,41,00,46,00,44,00,00,00,41,00,68,00,\
61,00,31,00,35,00,34,00,78,00,00,00,61,00,69,00,63,00,37,00,38,00,75,00,32,\
00,00,00,61,00,69,00,63,00,37,00,38,00,78,00,78,00,00,00,41,00,6c,00,65,00,\
72,00,74,00,65,00,72,00,00,00,41,00,4c,00,47,00,00,00,41,00,6c,00,69,00,49,\
00,64,00,65,00,00,00,41,00,6d,00,64,00,4b,00,38,00,00,00,61,00,6d,00,73,00,\
69,00,6e,00,74,00,00,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,53,00,63,\
00,68,00,65,00,64,00,75,00,6c,00,65,00,72,00,53,00,65,00,72,00,76,00,69,00,\
63,00,65,00,00,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,53,00,65,00,72,\
00,76,00,69,00,63,00,65,00,00,00,41,00,70,00,70,00,6c,00,65,00,20,00,4d,00,\
6f,00,62,00,69,00,6c,00,65,00,20,00,44,00,65,00,76,00,69,00,63,00,65,00,00,\
00,41,00,70,00,70,00,4d,00,67,00,6d,00,74,00,00,00,61,00,73,00,63,00,00,00,\
61,00,73,00,63,00,33,00,33,00,35,00,30,00,70,00,00,00,61,00,73,00,63,00,33,\
00,35,00,35,00,30,00,00,00,41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,00,00,\
41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,5f,00,31,00,2e,00,31,00,2e,00,34,\
00,33,00,32,00,32,00,00,00,41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,5f,00,\
32,00,2e,00,30,00,2e,00,35,00,30,00,37,00,32,00,37,00,00,00,61,00,73,00,70,\
00,6e,00,65,00,74,00,5f,00,73,00,74,00,61,00,74,00,65,00,00,00,41,00,73,00,\
79,00,6e,00,63,00,4d,00,61,00,63,00,00,00,61,00,74,00,61,00,70,00,69,00,00,\
00,41,00,74,00,63,00,4c,00,30,00,30,00,31,00,00,00,41,00,74,00,64,00,69,00,\
73,00,6b,00,00,00,61,00,74,00,6b,00,73,00,67,00,74,00,00,00,41,00,74,00,6d,\
00,61,00,72,00,70,00,63,00,00,00,41,00,75,00,64,00,69,00,6f,00,53,00,72,00,\
76,00,00,00,61,00,75,00,64,00,73,00,74,00,75,00,62,00,00,00,61,00,76,00,67,\
00,69,00,6f,00,00,00,61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,00,00,\
61,00,76,00,69,00,70,00,62,00,62,00,00,00,42,00,61,00,74,00,74,00,43,00,00,\
00,42,00,65,00,65,00,70,00,00,00,62,00,67,00,73,00,76,00,63,00,67,00,65,00,\
6e,00,00,00,42,00,49,00,54,00,53,00,00,00,42,00,72,00,6f,00,77,00,73,00,65,\
00,72,00,00,00,63,00,62,00,69,00,64,00,66,00,32,00,6b,00,00,00,43,00,43,00,\
44,00,45,00,43,00,4f,00,44,00,45,00,00,00,63,00,64,00,32,00,30,00,78,00,72,\
00,6e,00,74,00,00,00,43,00,64,00,61,00,75,00,64,00,69,00,6f,00,00,00,43,00,\
64,00,66,00,73,00,00,00,63,00,64,00,72,00,62,00,73,00,64,00,72,00,76,00,00,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,43,00,68,00,61,00,6e,00,67,00,65,00,\
72,00,00,00,43,00,69,00,53,00,76,00,63,00,00,00,43,00,6c,00,69,00,70,00,53,\
00,72,00,76,00,00,00,63,00,6c,00,72,00,5f,00,6f,00,70,00,74,00,69,00,6d,00,\
69,00,7a,00,61,00,74,00,69,00,6f,00,6e,00,5f,00,76,00,32,00,2e,00,30,00,2e,\
00,35,00,30,00,37,00,32,00,37,00,5f,00,33,00,32,00,00,00,43,00,6d,00,64,00,\
49,00,64,00,65,00,00,00,43,00,4f,00,4d,00,53,00,79,00,73,00,41,00,70,00,70,\
00,00,00,43,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,46,00,69,00,6c,00,74,00,\
65,00,72,00,00,00,43,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,49,00,6e,00,64,\
00,65,00,78,00,00,00,43,00,70,00,71,00,61,00,72,00,72,00,61,00,79,00,00,00,\
43,00,72,00,79,00,70,00,74,00,53,00,76,00,63,00,00,00,64,00,61,00,63,00,32,\
00,77,00,32,00,6b,00,00,00,64,00,61,00,63,00,39,00,36,00,30,00,6e,00,74,00,\
00,00,44,00,63,00,6f,00,6d,00,4c,00,61,00,75,00,6e,00,63,00,68,00,00,00,44,\
00,68,00,63,00,70,00,00,00,44,00,69,00,73,00,6b,00,00,00,64,00,6d,00,61,00,\
64,00,6d,00,69,00,6e,00,00,00,64,00,6d,00,62,00,6f,00,6f,00,74,00,00,00,64,\
00,6d,00,69,00,6f,00,00,00,64,00,6d,00,6c,00,6f,00,61,00,64,00,00,00,64,00,\
6d,00,73,00,65,00,72,00,76,00,65,00,72,00,00,00,44,00,4d,00,75,00,73,00,69,\
00,63,00,00,00,44,00,6e,00,73,00,63,00,61,00,63,00,68,00,65,00,00,00,64,00,\
70,00,74,00,69,00,32,00,6f,00,00,00,64,00,72,00,6d,00,6b,00,61,00,75,00,64,\
00,00,00,45,00,52,00,53,00,76,00,63,00,00,00,45,00,76,00,65,00,6e,00,74,00,\
6c,00,6f,00,67,00,00,00,45,00,76,00,65,00,6e,00,74,00,53,00,79,00,73,00,74,\
00,65,00,6d,00,00,00,46,00,61,00,73,00,74,00,66,00,61,00,74,00,00,00,46,00,\
61,00,73,00,74,00,55,00,73,00,65,00,72,00,53,00,77,00,69,00,74,00,63,00,68,\
00,69,00,6e,00,67,00,43,00,6f,00,6d,00,70,00,61,00,74,00,69,00,62,00,69,00,\
6c,00,69,00,74,00,79,00,00,00,46,00,64,00,63,00,00,00,46,00,69,00,70,00,73,\
00,00,00,46,00,69,00,72,00,65,00,62,00,69,00,72,00,64,00,53,00,65,00,72,00,\
76,00,65,00,72,00,4d,00,41,00,47,00,49,00,58,00,49,00,6e,00,73,00,74,00,61,\
00,6e,00,63,00,65,00,00,00,46,00,6c,00,70,00,79,00,64,00,69,00,73,00,6b,00,\
00,00,46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,46,00,6f,00,6e,00,74,00,43,\
00,61,00,63,00,68,00,65,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,\
46,00,73,00,5f,00,52,00,65,00,63,00,00,00,46,00,74,00,64,00,69,00,73,00,6b,\
00,00,00,47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,44,00,4d,00,\
00,00,47,00,70,00,63,00,00,00,48,00,44,00,41,00,75,00,64,00,42,00,75,00,73,\
00,00,00,68,00,65,00,6c,00,70,00,73,00,76,00,63,00,00,00,48,00,69,00,64,00,\
53,00,65,00,72,00,76,00,00,00,48,00,69,00,64,00,55,00,73,00,62,00,00,00,68,\
00,70,00,6e,00,00,00,48,00,54,00,54,00,50,00,00,00,48,00,54,00,54,00,50,00,\
46,00,69,00,6c,00,74,00,65,00,72,00,00,00,69,00,32,00,6f,00,6d,00,67,00,6d,\
00,74,00,00,00,69,00,32,00,6f,00,6d,00,70,00,00,00,69,00,38,00,30,00,34,00,\
32,00,70,00,72,00,74,00,00,00,69,00,64,00,73,00,76,00,63,00,00,00,49,00,6d,\
00,61,00,70,00,69,00,00,00,49,00,6d,00,61,00,70,00,69,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,69,00,6e,00,65,00,74,00,61,00,63,00,63,00,73,\
00,00,00,69,00,6e,00,69,00,39,00,31,00,30,00,75,00,00,00,49,00,6e,00,70,00,\
6f,00,72,00,74,00,00,00,49,00,6e,00,74,00,63,00,41,00,7a,00,41,00,75,00,64,\
00,41,00,64,00,64,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,49,00,\
6e,00,74,00,65,00,6c,00,49,00,64,00,65,00,00,00,49,00,70,00,36,00,46,00,77,\
00,00,00,49,00,70,00,46,00,69,00,6c,00,74,00,65,00,72,00,44,00,72,00,69,00,\
76,00,65,00,72,00,00,00,49,00,70,00,49,00,6e,00,49,00,70,00,00,00,49,00,70,\
00,4e,00,61,00,74,00,00,00,69,00,50,00,6f,00,64,00,20,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,49,00,50,00,53,00,65,00,63,00,00,00,49,00,52,\
00,45,00,4e,00,55,00,4d,00,00,00,69,00,73,00,2d,00,55,00,44,00,44,00,49,00,\
49,00,64,00,72,00,76,00,00,00,49,00,53,00,41,00,50,00,49,00,53,00,65,00,61,\
00,72,00,63,00,68,00,00,00,69,00,73,00,61,00,70,00,6e,00,70,00,00,00,4a,00,\
61,00,76,00,61,00,51,00,75,00,69,00,63,00,6b,00,53,00,74,00,61,00,72,00,74,\
00,65,00,72,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,4b,00,62,00,\
64,00,63,00,6c,00,61,00,73,00,73,00,00,00,6b,00,6d,00,69,00,78,00,65,00,72,\
00,00,00,4b,00,53,00,65,00,63,00,44,00,44,00,00,00,6c,00,61,00,6e,00,6d,00,\
61,00,6e,00,73,00,65,00,72,00,76,00,65,00,72,00,00,00,6c,00,61,00,6e,00,6d,\
00,61,00,6e,00,77,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,\
6e,00,00,00,6c,00,62,00,72,00,74,00,66,00,64,00,63,00,00,00,6c,00,64,00,61,\
00,70,00,00,00,4c,00,69,00,63,00,65,00,6e,00,73,00,65,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,6c,00,69,00,72,00,73,00,67,00,74,00,00,00,4c,\
00,6d,00,48,00,6f,00,73,00,74,00,73,00,00,00,4c,00,56,00,63,00,4b,00,61,00,\
70,00,00,00,4c,00,56,00,43,00,4f,00,4d,00,53,00,65,00,72,00,00,00,4c,00,56,\
00,4d,00,56,00,44,00,72,00,76,00,00,00,4c,00,56,00,50,00,72,00,32,00,4d,00,\
6f,00,6e,00,00,00,4c,00,56,00,50,00,72,00,63,00,53,00,72,00,76,00,00,00,4c,\
00,56,00,53,00,72,00,76,00,4c,00,61,00,75,00,6e,00,63,00,68,00,65,00,72,00,\
00,00,4d,00,65,00,73,00,73,00,65,00,6e,00,67,00,65,00,72,00,00,00,6d,00,6e,\
00,6d,00,64,00,64,00,00,00,6d,00,6e,00,6d,00,73,00,72,00,76,00,63,00,00,00,\
4d,00,6f,00,64,00,65,00,6d,00,00,00,4d,00,6f,00,75,00,63,00,6c,00,61,00,73,\
00,73,00,00,00,6d,00,6f,00,75,00,68,00,69,00,64,00,00,00,4d,00,6f,00,75,00,\
6e,00,74,00,4d,00,67,00,72,00,00,00,6d,00,72,00,61,00,69,00,64,00,33,00,35,\
00,78,00,00,00,4d,00,52,00,78,00,44,00,41,00,56,00,00,00,4d,00,52,00,78,00,\
53,00,6d,00,62,00,00,00,4d,00,53,00,44,00,54,00,43,00,00,00,4d,00,53,00,44,\
00,54,00,43,00,20,00,42,00,72,00,69,00,64,00,67,00,65,00,20,00,33,00,2e,00,\
30,00,2e,00,30,00,2e,00,30,00,00,00,4d,00,73,00,66,00,73,00,00,00,4d,00,53,\
00,49,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,4d,00,53,00,4b,00,53,00,\
53,00,52,00,56,00,00,00,4d,00,53,00,50,00,43,00,4c,00,4f,00,43,00,4b,00,00,\
00,4d,00,53,00,50,00,51,00,4d,00,00,00,6d,00,73,00,73,00,6d,00,62,00,69,00,\
6f,00,73,00,00,00,4d,00,53,00,54,00,45,00,45,00,00,00,4d,00,54,00,73,00,65,\
00,6e,00,73,00,6f,00,72,00,00,00,4d,00,75,00,70,00,00,00,4e,00,41,00,42,00,\
54,00,53,00,46,00,45,00,43,00,00,00,4e,00,44,00,49,00,53,00,00,00,4e,00,64,\
00,69,00,73,00,49,00,50,00,00,00,4e,00,64,00,69,00,73,00,54,00,61,00,70,00,\
69,00,00,00,4e,00,64,00,69,00,73,00,75,00,69,00,6f,00,00,00,4e,00,64,00,69,\
00,73,00,57,00,61,00,6e,00,00,00,4e,00,44,00,50,00,72,00,6f,00,78,00,79,00,\
00,00,4e,00,65,00,72,00,6f,00,20,00,42,00,61,00,63,00,6b,00,49,00,74,00,55,\
00,70,00,20,00,53,00,63,00,68,00,65,00,64,00,75,00,6c,00,65,00,72,00,20,00,\
34,00,2e,00,30,00,00,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,00,00,4e,\
00,65,00,74,00,42,00,54,00,00,00,4e,00,65,00,74,00,44,00,44,00,45,00,00,00,\
4e,00,65,00,74,00,44,00,44,00,45,00,64,00,73,00,64,00,6d,00,00,00,4e,00,65,\
00,74,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,4e,00,65,00,74,00,6d,00,61,00,\
6e,00,00,00,4e,00,65,00,74,00,54,00,63,00,70,00,50,00,6f,00,72,00,74,00,53,\
00,68,00,61,00,72,00,69,00,6e,00,67,00,00,00,4e,00,6c,00,61,00,00,00,4e,00,\
70,00,66,00,73,00,00,00,4e,00,74,00,66,00,73,00,00,00,4e,00,74,00,4c,00,6d,\
00,53,00,73,00,70,00,00,00,4e,00,74,00,6d,00,73,00,53,00,76,00,63,00,00,00,\
4e,00,75,00,6c,00,6c,00,00,00,6e,00,76,00,00,00,4e,00,56,00,53,00,76,00,63,\
00,00,00,4e,00,77,00,6c,00,6e,00,6b,00,46,00,6c,00,74,00,00,00,4e,00,77,00,\
6c,00,6e,00,6b,00,46,00,77,00,64,00,00,00,6f,00,73,00,65,00,00,00,50,00,61,\
00,72,00,70,00,6f,00,72,00,74,00,00,00,50,00,61,00,72,00,74,00,4d,00,67,00,\
72,00,00,00,50,00,61,00,72,00,56,00,64,00,6d,00,00,00,50,00,43,00,49,00,00,\
00,50,00,43,00,49,00,44,00,75,00,6d,00,70,00,00,00,50,00,43,00,49,00,49,00,\
64,00,65,00,00,00,50,00,63,00,6d,00,63,00,69,00,61,00,00,00,50,00,44,00,43,\
00,4f,00,4d,00,50,00,00,00,50,00,44,00,46,00,52,00,41,00,4d,00,45,00,00,00,\
50,00,44,00,52,00,45,00,4c,00,49,00,00,00,50,00,44,00,52,00,46,00,52,00,41,\
00,4d,00,45,00,00,00,70,00,65,00,72,00,63,00,32,00,00,00,70,00,65,00,72,00,\
63,00,32,00,68,00,69,00,62,00,00,00,50,00,65,00,72,00,66,00,44,00,69,00,73,\
00,6b,00,00,00,50,00,65,00,72,00,66,00,4e,00,65,00,74,00,00,00,50,00,65,00,\
72,00,66,00,4f,00,53,00,00,00,50,00,65,00,72,00,66,00,50,00,72,00,6f,00,63,\
00,00,00,50,00,6c,00,75,00,67,00,50,00,6c,00,61,00,79,00,00,00,50,00,6f,00,\
6c,00,69,00,63,00,79,00,41,00,67,00,65,00,6e,00,74,00,00,00,50,00,70,00,74,\
00,70,00,4d,00,69,00,6e,00,69,00,70,00,6f,00,72,00,74,00,00,00,50,00,72,00,\
6f,00,63,00,65,00,73,00,73,00,6f,00,72,00,00,00,50,00,72,00,6f,00,74,00,65,\
00,63,00,74,00,65,00,64,00,53,00,74,00,6f,00,72,00,61,00,67,00,65,00,00,00,\
50,00,72,00,6f,00,74,00,65,00,78,00,69,00,73,00,4c,00,69,00,63,00,65,00,6e,\
00,73,00,69,00,6e,00,67,00,00,00,50,00,53,00,63,00,68,00,65,00,64,00,00,00,\
50,00,74,00,69,00,6c,00,69,00,6e,00,6b,00,00,00,50,00,78,00,48,00,65,00,6c,\
00,70,00,32,00,30,00,00,00,71,00,62,00,73,00,6c,00,00,00,71,00,6c,00,31,00,\
30,00,38,00,30,00,00,00,51,00,6c,00,31,00,30,00,77,00,6e,00,74,00,00,00,71,\
00,6c,00,31,00,32,00,31,00,36,00,30,00,00,00,71,00,6c,00,31,00,32,00,34,00,\
30,00,00,00,71,00,6c,00,31,00,32,00,38,00,30,00,00,00,52,00,61,00,73,00,41,\
00,63,00,64,00,00,00,52,00,61,00,73,00,41,00,75,00,74,00,6f,00,00,00,52,00,\
61,00,73,00,6c,00,32,00,74,00,70,00,00,00,52,00,61,00,73,00,4d,00,61,00,6e,\
00,00,00,52,00,61,00,73,00,50,00,70,00,70,00,6f,00,65,00,00,00,52,00,61,00,\
73,00,70,00,74,00,69,00,00,00,52,00,64,00,62,00,73,00,73,00,00,00,52,00,44,\
00,50,00,43,00,44,00,44,00,00,00,52,00,44,00,50,00,44,00,44,00,00,00,52,00,\
44,00,50,00,4e,00,50,00,00,00,52,00,44,00,50,00,57,00,44,00,00,00,52,00,44,\
00,53,00,65,00,73,00,73,00,4d,00,67,00,72,00,00,00,72,00,65,00,64,00,62,00,\
6f,00,6f,00,6b,00,00,00,52,00,65,00,6d,00,6f,00,74,00,65,00,41,00,63,00,63,\
00,65,00,73,00,73,00,00,00,52,00,70,00,63,00,4c,00,6f,00,63,00,61,00,74,00,\
6f,00,72,00,00,00,52,00,70,00,63,00,53,00,73,00,00,00,52,00,53,00,56,00,50,\
00,00,00,72,00,74,00,6c,00,38,00,30,00,32,00,39,00,00,00,53,00,61,00,6d,00,\
53,00,73,00,00,00,53,00,43,00,61,00,72,00,64,00,53,00,76,00,72,00,00,00,53,\
00,63,00,68,00,65,00,64,00,75,00,6c,00,65,00,00,00,53,00,65,00,63,00,64,00,\
72,00,76,00,00,00,73,00,65,00,63,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,53,\
00,45,00,4e,00,53,00,00,00,73,00,65,00,72,00,65,00,6e,00,75,00,6d,00,00,00,\
53,00,65,00,72,00,69,00,61,00,6c,00,00,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4d,00,6f,00,64,00,65,00,6c,00,45,00,6e,00,64,00,70,00,6f,00,69,00,\
6e,00,74,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,4d,00,6f,00,64,00,65,00,6c,00,4f,00,70,00,\
65,00,72,00,61,00,74,00,69,00,6f,00,6e,00,20,00,33,00,2e,00,30,00,2e,00,30,\
00,2e,00,30,00,00,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,4d,00,6f,00,\
64,00,65,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,20,00,33,00,2e,\
00,30,00,2e,00,30,00,2e,00,30,00,00,00,73,00,66,00,64,00,72,00,76,00,30,00,\
31,00,00,00,73,00,66,00,68,00,6c,00,70,00,30,00,32,00,00,00,53,00,66,00,6c,\
00,6f,00,70,00,70,00,79,00,00,00,73,00,66,00,73,00,79,00,6e,00,63,00,30,00,\
34,00,00,00,53,00,68,00,61,00,72,00,65,00,64,00,41,00,63,00,63,00,65,00,73,\
00,73,00,00,00,53,00,68,00,65,00,6c,00,6c,00,48,00,57,00,44,00,65,00,74,00,\
65,00,63,00,74,00,69,00,6f,00,6e,00,00,00,53,00,69,00,6d,00,62,00,61,00,64,\
00,00,00,53,00,4c,00,49,00,50,00,00,00,53,00,4d,00,53,00,76,00,63,00,48,00,\
6f,00,73,00,74,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,53,\
00,70,00,61,00,72,00,72,00,6f,00,77,00,00,00,73,00,70,00,6c,00,69,00,74,00,\
74,00,65,00,72,00,00,00,53,00,70,00,6f,00,6f,00,6c,00,65,00,72,00,00,00,73,\
00,70,00,74,00,64,00,00,00,73,00,72,00,00,00,73,00,72,00,73,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,53,00,72,00,76,00,00,00,53,00,53,00,44,00,50,\
00,53,00,52,00,56,00,00,00,53,00,53,00,48,00,44,00,52,00,56,00,36,00,31,00,\
00,00,73,00,73,00,6d,00,64,00,72,00,76,00,00,00,53,00,74,00,61,00,72,00,57,\
00,69,00,6e,00,64,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,73,00,\
74,00,69,00,73,00,76,00,63,00,00,00,73,00,74,00,72,00,65,00,61,00,6d,00,69,\
00,70,00,00,00,73,00,77,00,65,00,6e,00,75,00,6d,00,00,00,73,00,77,00,6d,00,\
69,00,64,00,69,00,00,00,53,00,77,00,50,00,72,00,76,00,00,00,73,00,79,00,6d,\
00,63,00,38,00,31,00,30,00,00,00,73,00,79,00,6d,00,63,00,38,00,78,00,78,00,\
00,00,73,00,79,00,6d,00,5f,00,68,00,69,00,00,00,73,00,79,00,6d,00,5f,00,75,\
00,33,00,00,00,73,00,79,00,73,00,61,00,75,00,64,00,69,00,6f,00,00,00,53,00,\
79,00,73,00,6d,00,6f,00,6e,00,4c,00,6f,00,67,00,00,00,54,00,61,00,70,00,69,\
00,53,00,72,00,76,00,00,00,54,00,63,00,70,00,69,00,70,00,00,00,54,00,44,00,\
50,00,49,00,50,00,45,00,00,00,54,00,44,00,54,00,43,00,50,00,00,00,54,00,65,\
00,72,00,6d,00,44,00,44,00,00,00,54,00,65,00,72,00,6d,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,54,00,68,00,65,00,6d,00,65,00,73,00,00,00,54,\
00,6f,00,73,00,49,00,64,00,65,00,00,00,54,00,72,00,6b,00,57,00,6b,00,73,00,\
00,00,54,00,53,00,44,00,44,00,44,00,00,00,55,00,64,00,66,00,73,00,00,00,75,\
00,6c,00,74,00,72,00,61,00,00,00,55,00,70,00,64,00,61,00,74,00,65,00,00,00,\
75,00,70,00,6e,00,70,00,68,00,6f,00,73,00,74,00,00,00,55,00,50,00,53,00,00,\
00,75,00,73,00,62,00,61,00,75,00,64,00,69,00,6f,00,00,00,75,00,73,00,62,00,\
63,00,63,00,67,00,70,00,00,00,75,00,73,00,62,00,65,00,68,00,63,00,69,00,00,\
00,75,00,73,00,62,00,68,00,75,00,62,00,00,00,75,00,73,00,62,00,70,00,72,00,\
69,00,6e,00,74,00,00,00,75,00,73,00,62,00,73,00,63,00,61,00,6e,00,00,00,55,\
00,53,00,42,00,53,00,54,00,4f,00,52,00,00,00,75,00,73,00,62,00,75,00,68,00,\
63,00,69,00,00,00,75,00,73,00,62,00,76,00,69,00,64,00,65,00,6f,00,00,00,56,\
00,67,00,61,00,53,00,61,00,76,00,65,00,00,00,56,00,69,00,61,00,49,00,64,00,\
65,00,00,00,76,00,69,00,64,00,65,00,58,00,33,00,32,00,00,00,56,00,6f,00,6c,\
00,53,00,6e,00,61,00,70,00,00,00,56,00,53,00,53,00,00,00,57,00,33,00,32,00,\
54,00,69,00,6d,00,65,00,00,00,57,00,33,00,53,00,56,00,43,00,00,00,57,00,61,\
00,6e,00,61,00,72,00,70,00,00,00,57,00,44,00,49,00,43,00,41,00,00,00,77,00,\
64,00,6d,00,61,00,75,00,64,00,00,00,57,00,65,00,62,00,43,00,6c,00,69,00,65,\
00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,57,00,\
6f,00,72,00,6b,00,66,00,6c,00,6f,00,77,00,20,00,46,00,6f,00,75,00,6e,00,64,\
00,61,00,74,00,69,00,6f,00,6e,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,\
30,00,00,00,77,00,69,00,6e,00,6d,00,67,00,6d,00,74,00,00,00,57,00,69,00,6e,\
00,73,00,6f,00,63,00,6b,00,00,00,57,00,69,00,6e,00,53,00,6f,00,63,00,6b,00,\
32,00,00,00,57,00,69,00,6e,00,54,00,72,00,75,00,73,00,74,00,00,00,57,00,6d,\
00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,57,00,6d,00,69,00,41,00,70,00,\
52,00,70,00,6c,00,00,00,57,00,6d,00,69,00,41,00,70,00,53,00,72,00,76,00,00,\
00,57,00,4d,00,50,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,53,00,76,00,\
63,00,00,00,57,00,53,00,32,00,49,00,46,00,53,00,4c,00,00,00,77,00,73,00,63,\
00,73,00,76,00,63,00,00,00,57,00,53,00,54,00,43,00,4f,00,44,00,45,00,43,00,\
00,00,77,00,75,00,61,00,75,00,73,00,65,00,72,00,76,00,00,00,57,00,75,00,64,\
00,66,00,50,00,66,00,00,00,57,00,75,00,64,00,66,00,52,00,64,00,00,00,57,00,\
75,00,64,00,66,00,53,00,76,00,63,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,\
00,00,00,78,00,66,00,69,00,6c,00,74,00,00,00,78,00,6d,00,6c,00,70,00,72,00,\
6f,00,76,00,00,00,59,00,4d,00,49,00,44,00,55,00,53,00,42,00,00,00,7b,00,32,\
00,33,00,38,00,44,00,45,00,42,00,43,00,45,00,2d,00,46,00,33,00,38,00,38,00,\
2d,00,34,00,41,00,33,00,35,00,2d,00,42,00,38,00,38,00,30,00,2d,00,33,00,38,\
00,34,00,41,00,44,00,36,00,39,00,38,00,42,00,37,00,34,00,45,00,7d,00,00,00,\
7b,00,38,00,43,00,30,00,37,00,35,00,41,00,35,00,36,00,2d,00,37,00,31,00,31,\
00,36,00,2d,00,34,00,34,00,42,00,34,00,2d,00,41,00,45,00,33,00,36,00,2d,00,\
30,00,33,00,41,00,44,00,34,00,36,00,36,00,45,00,34,00,31,00,39,00,45,00,7d,\
00,00,00,7b,00,42,00,41,00,38,00,38,00,37,00,34,00,35,00,34,00,2d,00,36,00,\
45,00,45,00,45,00,2d,00,34,00,45,00,43,00,31,00,2d,00,41,00,46,00,39,00,34,\
00,2d,00,41,00,32,00,38,00,42,00,42,00,34,00,46,00,30,00,42,00,30,00,42,00,\
31,00,7d,00,00,00,7b,00,44,00,44,00,33,00,33,00,32,00,43,00,44,00,34,00,2d,\
00,33,00,46,00,37,00,45,00,2d,00,34,00,32,00,46,00,44,00,2d,00,42,00,33,00,\
32,00,45,00,2d,00,44,00,34,00,39,00,36,00,38,00,45,00,37,00,46,00,34,00,42,\
00,33,00,39,00,7d,00,00,00,61,00,31,00,66,00,65,00,38,00,37,00,37,00,30,00,\
00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IS-UDDIIDRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IS-UDDIIDRV\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IS-UDDIIDRV\0000]
"Service"="is-UDDIIdrv"
"DeviceDesc"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IS-UDDIIDRV\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IS-UDDIIDRV\0000\Control]
"ActiveService"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv]
"DisplayName"="is-UDDIIdrv"
"Description"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Instances]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Instances]
"DefaultInstance"="is-UDDIIdrv"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Instances\is-UDDIIdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Parameters\909]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Parameters\909\Filters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UDDIIdrv\Enum]
"0"="Root\\LEGACY_IS-UDDIIDRV\\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\qbsl]
; Contents of value:
; .NET CLR Data
; .NET CLR Networking
; .NET Data Provider for Oracle
; .NET Data Provider for SqlServer
; .NETFramework
; Abiosdsk
; abp480n5
; ACPI
; ACPIEC
; adpu160m
; aec
; AFD
; Aha154x
; aic78u2
; aic78xx
; Alerter
; ALG
; AliIde
; AmdK8
; amsint
; AntiVirSchedulerService
; AntiVirService
; Apple Mobile Device
; AppMgmt
; asc
; asc3350p
; asc3550
; ASP.NET
; ASP.NET_1.1.4322
; ASP.NET_2.0.50727
; aspnet_state
; AsyncMac
; atapi
; AtcL001
; Atdisk
; atksgt
; Atmarpc
; AudioSrv
; audstub
; avgio
; avgntflt
; avipbb
; BattC
; Beep
; bgsvcgen
; BITS
; Browser
; cbidf2k
; CCDECODE
; cd20xrnt
; Cdaudio
; Cdfs
; cdrbsdrv
; Cdrom
; Changer
; CiSvc
; ClipSrv
; clr_optimization_v2.0.50727_32
; CmdIde
; COMSysApp
; ContentFilter
; ContentIndex
; Cpqarray
; CryptSvc
; dac2w2k
; dac960nt
; DcomLaunch
; Dhcp
; Disk
; dmadmin
; dmboot
; dmio
; dmload
; dmserver
; DMusic
; Dnscache
; dpti2o
; drmkaud
; ERSvc
; Eventlog
; EventSystem
; Fastfat
; FastUserSwitchingCompatibility
; Fdc
; Fips
; FirebirdServerMAGIXInstance
; Flpydisk
; FltMgr
; FontCache3.0.0.0
; Fs_Rec
; Ftdisk
; GEARAspiWDM
; Gpc
; HDAudBus
; helpsvc
; HidServ
; HidUsb
; hpn
; HTTP
; HTTPFilter
; i2omgmt
; i2omp
; i8042prt
; idsvc
; Imapi
; ImapiService
; inetaccs
; ini910u
; Inport
; IntcAzAudAddService
; IntelIde
; Ip6Fw
; IpFilterDriver
; IpInIp
; IpNat
; iPod Service
; IPSec
; IRENUM
; is-UDDIIdrv
; ISAPISearch
; isapnp
; JavaQuickStarterService
; Kbdclass
; kmixer
; KSecDD
; lanmanserver
; lanmanworkstation
; lbrtfdc
; ldap
; LicenseService
; lirsgt
; LmHosts
; LVcKap
; LVCOMSer
; LVMVDrv
; LVPr2Mon
; LVPrcSrv
; LVSrvLauncher
; Messenger
; mnmdd
; mnmsrvc
; Modem
; Mouclass
; mouhid
; MountMgr
; mraid35x
; MRxDAV
; MRxSmb
; MSDTC
; MSDTC Bridge 3.0.0.0
; Msfs
; MSIServer
; MSKSSRV
; MSPCLOCK
; MSPQM
; mssmbios
; MSTEE
; MTsensor
; Mup
; NABTSFEC
; NDIS
; NdisIP
; NdisTapi
; Ndisuio
; NdisWan
; NDProxy
; Nero BackItUp Scheduler 4.0
; NetBIOS
; NetBT
; NetDDE
; NetDDEdsdm
; Netlogon
; Netman
; NetTcpPortSharing
; Nla
; Npfs
; Ntfs
; NtLmSsp
; NtmsSvc
; Null
; nv
; NVSvc
; NwlnkFlt
; NwlnkFwd
; ose
; Parport
; PartMgr
; ParVdm
; PCI
; PCIDump
; PCIIde
; Pcmcia
; PDCOMP
; PDFRAME
; PDRELI
; PDRFRAME
; perc2
; perc2hib
; PerfDisk
; PerfNet
; PerfOS
; PerfProc
; PlugPlay
; PolicyAgent
; PptpMiniport
; Processor
; ProtectedStorage
; ProtexisLicensing
; PSched
; Ptilink
; PxHelp20
; qbsl
; ql1080
; Ql10wnt
; ql12160
; ql1240
; ql1280
; RasAcd
; RasAuto
; Rasl2tp
; RasMan
; RasPppoe
; Raspti
; Rdbss
; RDPCDD
; RDPDD
; RDPNP
; RDPWD
; RDSessMgr
; redbook
; RemoteAccess
; RpcLocator
; RpcSs
; RSVP
; rtl8029
; SamSs
; SCardSvr
; Schedule
; Secdrv
; seclogon
; SENS
; serenum
; Serial
; ServiceModelEndpoint 3.0.0.0
; ServiceModelOperation 3.0.0.0
; ServiceModelService 3.0.0.0
; sfdrv01
; sfhlp02
; Sfloppy
; sfsync04
; SharedAccess
; ShellHWDetection
; Simbad
; SLIP
; SMSvcHost 3.0.0.0
; Sparrow
; splitter
; Spooler
; sptd
; sr
; srservice
; Srv
; SSDPSRV
; SSHDRV61
; ssmdrv
; StarWindService
; stisvc
; streamip
; swenum
; swmidi
; SwPrv
; symc810
; symc8xx
; sym_hi
; sym_u3
; sysaudio
; SysmonLog
; TapiSrv
; Tcpip
; TDPIPE
; TDTCP
; TermDD
; TermService
; Themes
; TosIde
; TrkWks
; TSDDD
; Udfs
; ultra
; Update
; upnphost
; UPS
; usbaudio
; usbccgp
; usbehci
; usbhub
; usbprint
; usbscan
; USBSTOR
; usbuhci
; usbvideo
; VgaSave
; ViaIde
; videX32
; VolSnap
; VSS
; W32Time
; W3SVC
; Wanarp
; WDICA
; wdmaud
; WebClient
; Windows Workflow Foundation 3.0.0.0
; winmgmt
; Winsock
; WinSock2
; WinTrust
; WmdmPmSN
; WmiApRpl
; WmiApSrv
; WMPNetworkSvc
; WS2IFSL
; wscsvc
; WSTCODEC
; wuauserv
; WudfPf
; WudfRd
; WudfSvc
; WZCSVC
; xfilt
; xmlprov
; YMIDUSB
; {238DEBCE-F388-4A35-B880-384AD698B74E}
; {8C075A56-7116-44B4-AE36-03AD466E419E}
; {BA887454-6EEE-4EC1-AF94-A28BB4F0B0B1}
; {DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}
; a1fe8770
;
"webkagxu"=hex(7):2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,44,00,\
61,00,74,00,61,00,00,00,2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,\
00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,69,00,6e,00,67,00,00,00,2e,00,\
4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,00,20,00,50,00,72,00,6f,00,76,\
00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,72,00,20,00,4f,00,72,00,61,00,\
63,00,6c,00,65,00,00,00,2e,00,4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,\
00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,\
72,00,20,00,53,00,71,00,6c,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,2e,\
00,4e,00,45,00,54,00,46,00,72,00,61,00,6d,00,65,00,77,00,6f,00,72,00,6b,00,\
00,00,41,00,62,00,69,00,6f,00,73,00,64,00,73,00,6b,00,00,00,61,00,62,00,70,\
00,34,00,38,00,30,00,6e,00,35,00,00,00,41,00,43,00,50,00,49,00,00,00,41,00,\
43,00,50,00,49,00,45,00,43,00,00,00,61,00,64,00,70,00,75,00,31,00,36,00,30,\
00,6d,00,00,00,61,00,65,00,63,00,00,00,41,00,46,00,44,00,00,00,41,00,68,00,\
61,00,31,00,35,00,34,00,78,00,00,00,61,00,69,00,63,00,37,00,38,00,75,00,32,\
00,00,00,61,00,69,00,63,00,37,00,38,00,78,00,78,00,00,00,41,00,6c,00,65,00,\
72,00,74,00,65,00,72,00,00,00,41,00,4c,00,47,00,00,00,41,00,6c,00,69,00,49,\
00,64,00,65,00,00,00,41,00,6d,00,64,00,4b,00,38,00,00,00,61,00,6d,00,73,00,\
69,00,6e,00,74,00,00,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,53,00,63,\
00,68,00,65,00,64,00,75,00,6c,00,65,00,72,00,53,00,65,00,72,00,76,00,69,00,\
63,00,65,00,00,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,53,00,65,00,72,\
00,76,00,69,00,63,00,65,00,00,00,41,00,70,00,70,00,6c,00,65,00,20,00,4d,00,\
6f,00,62,00,69,00,6c,00,65,00,20,00,44,00,65,00,76,00,69,00,63,00,65,00,00,\
00,41,00,70,00,70,00,4d,00,67,00,6d,00,74,00,00,00,61,00,73,00,63,00,00,00,\
61,00,73,00,63,00,33,00,33,00,35,00,30,00,70,00,00,00,61,00,73,00,63,00,33,\
00,35,00,35,00,30,00,00,00,41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,00,00,\
41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,5f,00,31,00,2e,00,31,00,2e,00,34,\
00,33,00,32,00,32,00,00,00,41,00,53,00,50,00,2e,00,4e,00,45,00,54,00,5f,00,\
32,00,2e,00,30,00,2e,00,35,00,30,00,37,00,32,00,37,00,00,00,61,00,73,00,70,\
00,6e,00,65,00,74,00,5f,00,73,00,74,00,61,00,74,00,65,00,00,00,41,00,73,00,\
79,00,6e,00,63,00,4d,00,61,00,63,00,00,00,61,00,74,00,61,00,70,00,69,00,00,\
00,41,00,74,00,63,00,4c,00,30,00,30,00,31,00,00,00,41,00,74,00,64,00,69,00,\
73,00,6b,00,00,00,61,00,74,00,6b,00,73,00,67,00,74,00,00,00,41,00,74,00,6d,\
00,61,00,72,00,70,00,63,00,00,00,41,00,75,00,64,00,69,00,6f,00,53,00,72,00,\
76,00,00,00,61,00,75,00,64,00,73,00,74,00,75,00,62,00,00,00,61,00,76,00,67,\
00,69,00,6f,00,00,00,61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,00,00,\
61,00,76,00,69,00,70,00,62,00,62,00,00,00,42,00,61,00,74,00,74,00,43,00,00,\
00,42,00,65,00,65,00,70,00,00,00,62,00,67,00,73,00,76,00,63,00,67,00,65,00,\
6e,00,00,00,42,00,49,00,54,00,53,00,00,00,42,00,72,00,6f,00,77,00,73,00,65,\
00,72,00,00,00,63,00,62,00,69,00,64,00,66,00,32,00,6b,00,00,00,43,00,43,00,\
44,00,45,00,43,00,4f,00,44,00,45,00,00,00,63,00,64,00,32,00,30,00,78,00,72,\
00,6e,00,74,00,00,00,43,00,64,00,61,00,75,00,64,00,69,00,6f,00,00,00,43,00,\
64,00,66,00,73,00,00,00,63,00,64,00,72,00,62,00,73,00,64,00,72,00,76,00,00,\
00,43,00,64,00,72,00,6f,00,6d,00,00,00,43,00,68,00,61,00,6e,00,67,00,65,00,\
72,00,00,00,43,00,69,00,53,00,76,00,63,00,00,00,43,00,6c,00,69,00,70,00,53,\
00,72,00,76,00,00,00,63,00,6c,00,72,00,5f,00,6f,00,70,00,74,00,69,00,6d,00,\
69,00,7a,00,61,00,74,00,69,00,6f,00,6e,00,5f,00,76,00,32,00,2e,00,30,00,2e,\
00,35,00,30,00,37,00,32,00,37,00,5f,00,33,00,32,00,00,00,43,00,6d,00,64,00,\
49,00,64,00,65,00,00,00,43,00,4f,00,4d,00,53,00,79,00,73,00,41,00,70,00,70,\
00,00,00,43,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,46,00,69,00,6c,00,74,00,\
65,00,72,00,00,00,43,00,6f,00,6e,00,74,00,65,00,6e,00,74,00,49,00,6e,00,64,\
00,65,00,78,00,00,00,43,00,70,00,71,00,61,00,72,00,72,00,61,00,79,00,00,00,\
43,00,72,00,79,00,70,00,74,00,53,00,76,00,63,00,00,00,64,00,61,00,63,00,32,\
00,77,00,32,00,6b,00,00,00,64,00,61,00,63,00,39,00,36,00,30,00,6e,00,74,00,\
00,00,44,00,63,00,6f,00,6d,00,4c,00,61,00,75,00,6e,00,63,00,68,00,00,00,44,\
00,68,00,63,00,70,00,00,00,44,00,69,00,73,00,6b,00,00,00,64,00,6d,00,61,00,\
64,00,6d,00,69,00,6e,00,00,00,64,00,6d,00,62,00,6f,00,6f,00,74,00,00,00,64,\
00,6d,00,69,00,6f,00,00,00,64,00,6d,00,6c,00,6f,00,61,00,64,00,00,00,64,00,\
6d,00,73,00,65,00,72,00,76,00,65,00,72,00,00,00,44,00,4d,00,75,00,73,00,69,\
00,63,00,00,00,44,00,6e,00,73,00,63,00,61,00,63,00,68,00,65,00,00,00,64,00,\
70,00,74,00,69,00,32,00,6f,00,00,00,64,00,72,00,6d,00,6b,00,61,00,75,00,64,\
00,00,00,45,00,52,00,53,00,76,00,63,00,00,00,45,00,76,00,65,00,6e,00,74,00,\
6c,00,6f,00,67,00,00,00,45,00,76,00,65,00,6e,00,74,00,53,00,79,00,73,00,74,\
00,65,00,6d,00,00,00,46,00,61,00,73,00,74,00,66,00,61,00,74,00,00,00,46,00,\
61,00,73,00,74,00,55,00,73,00,65,00,72,00,53,00,77,00,69,00,74,00,63,00,68,\
00,69,00,6e,00,67,00,43,00,6f,00,6d,00,70,00,61,00,74,00,69,00,62,00,69,00,\
6c,00,69,00,74,00,79,00,00,00,46,00,64,00,63,00,00,00,46,00,69,00,70,00,73,\
00,00,00,46,00,69,00,72,00,65,00,62,00,69,00,72,00,64,00,53,00,65,00,72,00,\
76,00,65,00,72,00,4d,00,41,00,47,00,49,00,58,00,49,00,6e,00,73,00,74,00,61,\
00,6e,00,63,00,65,00,00,00,46,00,6c,00,70,00,79,00,64,00,69,00,73,00,6b,00,\
00,00,46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,46,00,6f,00,6e,00,74,00,43,\
00,61,00,63,00,68,00,65,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,\
46,00,73,00,5f,00,52,00,65,00,63,00,00,00,46,00,74,00,64,00,69,00,73,00,6b,\
00,00,00,47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,44,00,4d,00,\
00,00,47,00,70,00,63,00,00,00,48,00,44,00,41,00,75,00,64,00,42,00,75,00,73,\
00,00,00,68,00,65,00,6c,00,70,00,73,00,76,00,63,00,00,00,48,00,69,00,64,00,\
53,00,65,00,72,00,76,00,00,00,48,00,69,00,64,00,55,00,73,00,62,00,00,00,68,\
00,70,00,6e,00,00,00,48,00,54,00,54,00,50,00,00,00,48,00,54,00,54,00,50,00,\
46,00,69,00,6c,00,74,00,65,00,72,00,00,00,69,00,32,00,6f,00,6d,00,67,00,6d,\
00,74,00,00,00,69,00,32,00,6f,00,6d,00,70,00,00,00,69,00,38,00,30,00,34,00,\
32,00,70,00,72,00,74,00,00,00,69,00,64,00,73,00,76,00,63,00,00,00,49,00,6d,\
00,61,00,70,00,69,00,00,00,49,00,6d,00,61,00,70,00,69,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,69,00,6e,00,65,00,74,00,61,00,63,00,63,00,73,\
00,00,00,69,00,6e,00,69,00,39,00,31,00,30,00,75,00,00,00,49,00,6e,00,70,00,\
6f,00,72,00,74,00,00,00,49,00,6e,00,74,00,63,00,41,00,7a,00,41,00,75,00,64,\
00,41,00,64,00,64,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,49,00,\
6e,00,74,00,65,00,6c,00,49,00,64,00,65,00,00,00,49,00,70,00,36,00,46,00,77,\
00,00,00,49,00,70,00,46,00,69,00,6c,00,74,00,65,00,72,00,44,00,72,00,69,00,\
76,00,65,00,72,00,00,00,49,00,70,00,49,00,6e,00,49,00,70,00,00,00,49,00,70,\
00,4e,00,61,00,74,00,00,00,69,00,50,00,6f,00,64,00,20,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,49,00,50,00,53,00,65,00,63,00,00,00,49,00,52,\
00,45,00,4e,00,55,00,4d,00,00,00,69,00,73,00,2d,00,55,00,44,00,44,00,49,00,\
49,00,64,00,72,00,76,00,00,00,49,00,53,00,41,00,50,00,49,00,53,00,65,00,61,\
00,72,00,63,00,68,00,00,00,69,00,73,00,61,00,70,00,6e,00,70,00,00,00,4a,00,\
61,00,76,00,61,00,51,00,75,00,69,00,63,00,6b,00,53,00,74,00,61,00,72,00,74,\
00,65,00,72,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,4b,00,62,00,\
64,00,63,00,6c,00,61,00,73,00,73,00,00,00,6b,00,6d,00,69,00,78,00,65,00,72,\
00,00,00,4b,00,53,00,65,00,63,00,44,00,44,00,00,00,6c,00,61,00,6e,00,6d,00,\
61,00,6e,00,73,00,65,00,72,00,76,00,65,00,72,00,00,00,6c,00,61,00,6e,00,6d,\
00,61,00,6e,00,77,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,\
6e,00,00,00,6c,00,62,00,72,00,74,00,66,00,64,00,63,00,00,00,6c,00,64,00,61,\
00,70,00,00,00,4c,00,69,00,63,00,65,00,6e,00,73,00,65,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,6c,00,69,00,72,00,73,00,67,00,74,00,00,00,4c,\
00,6d,00,48,00,6f,00,73,00,74,00,73,00,00,00,4c,00,56,00,63,00,4b,00,61,00,\
70,00,00,00,4c,00,56,00,43,00,4f,00,4d,00,53,00,65,00,72,00,00,00,4c,00,56,\
00,4d,00,56,00,44,00,72,00,76,00,00,00,4c,00,56,00,50,00,72,00,32,00,4d,00,\
6f,00,6e,00,00,00,4c,00,56,00,50,00,72,00,63,00,53,00,72,00,76,00,00,00,4c,\
00,56,00,53,00,72,00,76,00,4c,00,61,00,75,00,6e,00,63,00,68,00,65,00,72,00,\
00,00,4d,00,65,00,73,00,73,00,65,00,6e,00,67,00,65,00,72,00,00,00,6d,00,6e,\
00,6d,00,64,00,64,00,00,00,6d,00,6e,00,6d,00,73,00,72,00,76,00,63,00,00,00,\
4d,00,6f,00,64,00,65,00,6d,00,00,00,4d,00,6f,00,75,00,63,00,6c,00,61,00,73,\
00,73,00,00,00,6d,00,6f,00,75,00,68,00,69,00,64,00,00,00,4d,00,6f,00,75,00,\
6e,00,74,00,4d,00,67,00,72,00,00,00,6d,00,72,00,61,00,69,00,64,00,33,00,35,\
00,78,00,00,00,4d,00,52,00,78,00,44,00,41,00,56,00,00,00,4d,00,52,00,78,00,\
53,00,6d,00,62,00,00,00,4d,00,53,00,44,00,54,00,43,00,00,00,4d,00,53,00,44,\
00,54,00,43,00,20,00,42,00,72,00,69,00,64,00,67,00,65,00,20,00,33,00,2e,00,\
30,00,2e,00,30,00,2e,00,30,00,00,00,4d,00,73,00,66,00,73,00,00,00,4d,00,53,\
00,49,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,4d,00,53,00,4b,00,53,00,\
53,00,52,00,56,00,00,00,4d,00,53,00,50,00,43,00,4c,00,4f,00,43,00,4b,00,00,\
00,4d,00,53,00,50,00,51,00,4d,00,00,00,6d,00,73,00,73,00,6d,00,62,00,69,00,\
6f,00,73,00,00,00,4d,00,53,00,54,00,45,00,45,00,00,00,4d,00,54,00,73,00,65,\
00,6e,00,73,00,6f,00,72,00,00,00,4d,00,75,00,70,00,00,00,4e,00,41,00,42,00,\
54,00,53,00,46,00,45,00,43,00,00,00,4e,00,44,00,49,00,53,00,00,00,4e,00,64,\
00,69,00,73,00,49,00,50,00,00,00,4e,00,64,00,69,00,73,00,54,00,61,00,70,00,\
69,00,00,00,4e,00,64,00,69,00,73,00,75,00,69,00,6f,00,00,00,4e,00,64,00,69,\
00,73,00,57,00,61,00,6e,00,00,00,4e,00,44,00,50,00,72,00,6f,00,78,00,79,00,\
00,00,4e,00,65,00,72,00,6f,00,20,00,42,00,61,00,63,00,6b,00,49,00,74,00,55,\
00,70,00,20,00,53,00,63,00,68,00,65,00,64,00,75,00,6c,00,65,00,72,00,20,00,\
34,00,2e,00,30,00,00,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,00,00,4e,\
00,65,00,74,00,42,00,54,00,00,00,4e,00,65,00,74,00,44,00,44,00,45,00,00,00,\
4e,00,65,00,74,00,44,00,44,00,45,00,64,00,73,00,64,00,6d,00,00,00,4e,00,65,\
00,74,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,4e,00,65,00,74,00,6d,00,61,00,\
6e,00,00,00,4e,00,65,00,74,00,54,00,63,00,70,00,50,00,6f,00,72,00,74,00,53,\
00,68,00,61,00,72,00,69,00,6e,00,67,00,00,00,4e,00,6c,00,61,00,00,00,4e,00,\
70,00,66,00,73,00,00,00,4e,00,74,00,66,00,73,00,00,00,4e,00,74,00,4c,00,6d,\
00,53,00,73,00,70,00,00,00,4e,00,74,00,6d,00,73,00,53,00,76,00,63,00,00,00,\
4e,00,75,00,6c,00,6c,00,00,00,6e,00,76,00,00,00,4e,00,56,00,53,00,76,00,63,\
00,00,00,4e,00,77,00,6c,00,6e,00,6b,00,46,00,6c,00,74,00,00,00,4e,00,77,00,\
6c,00,6e,00,6b,00,46,00,77,00,64,00,00,00,6f,00,73,00,65,00,00,00,50,00,61,\
00,72,00,70,00,6f,00,72,00,74,00,00,00,50,00,61,00,72,00,74,00,4d,00,67,00,\
72,00,00,00,50,00,61,00,72,00,56,00,64,00,6d,00,00,00,50,00,43,00,49,00,00,\
00,50,00,43,00,49,00,44,00,75,00,6d,00,70,00,00,00,50,00,43,00,49,00,49,00,\
64,00,65,00,00,00,50,00,63,00,6d,00,63,00,69,00,61,00,00,00,50,00,44,00,43,\
00,4f,00,4d,00,50,00,00,00,50,00,44,00,46,00,52,00,41,00,4d,00,45,00,00,00,\
50,00,44,00,52,00,45,00,4c,00,49,00,00,00,50,00,44,00,52,00,46,00,52,00,41,\
00,4d,00,45,00,00,00,70,00,65,00,72,00,63,00,32,00,00,00,70,00,65,00,72,00,\
63,00,32,00,68,00,69,00,62,00,00,00,50,00,65,00,72,00,66,00,44,00,69,00,73,\
00,6b,00,00,00,50,00,65,00,72,00,66,00,4e,00,65,00,74,00,00,00,50,00,65,00,\
72,00,66,00,4f,00,53,00,00,00,50,00,65,00,72,00,66,00,50,00,72,00,6f,00,63,\
00,00,00,50,00,6c,00,75,00,67,00,50,00,6c,00,61,00,79,00,00,00,50,00,6f,00,\
6c,00,69,00,63,00,79,00,41,00,67,00,65,00,6e,00,74,00,00,00,50,00,70,00,74,\
00,70,00,4d,00,69,00,6e,00,69,00,70,00,6f,00,72,00,74,00,00,00,50,00,72,00,\
6f,00,63,00,65,00,73,00,73,00,6f,00,72,00,00,00,50,00,72,00,6f,00,74,00,65,\
00,63,00,74,00,65,00,64,00,53,00,74,00,6f,00,72,00,61,00,67,00,65,00,00,00,\
50,00,72,00,6f,00,74,00,65,00,78,00,69,00,73,00,4c,00,69,00,63,00,65,00,6e,\
00,73,00,69,00,6e,00,67,00,00,00,50,00,53,00,63,00,68,00,65,00,64,00,00,00,\
50,00,74,00,69,00,6c,00,69,00,6e,00,6b,00,00,00,50,00,78,00,48,00,65,00,6c,\
00,70,00,32,00,30,00,00,00,71,00,62,00,73,00,6c,00,00,00,71,00,6c,00,31,00,\
30,00,38,00,30,00,00,00,51,00,6c,00,31,00,30,00,77,00,6e,00,74,00,00,00,71,\
00,6c,00,31,00,32,00,31,00,36,00,30,00,00,00,71,00,6c,00,31,00,32,00,34,00,\
30,00,00,00,71,00,6c,00,31,00,32,00,38,00,30,00,00,00,52,00,61,00,73,00,41,\
00,63,00,64,00,00,00,52,00,61,00,73,00,41,00,75,00,74,00,6f,00,00,00,52,00,\
61,00,73,00,6c,00,32,00,74,00,70,00,00,00,52,00,61,00,73,00,4d,00,61,00,6e,\
00,00,00,52,00,61,00,73,00,50,00,70,00,70,00,6f,00,65,00,00,00,52,00,61,00,\
73,00,70,00,74,00,69,00,00,00,52,00,64,00,62,00,73,00,73,00,00,00,52,00,44,\
00,50,00,43,00,44,00,44,00,00,00,52,00,44,00,50,00,44,00,44,00,00,00,52,00,\
44,00,50,00,4e,00,50,00,00,00,52,00,44,00,50,00,57,00,44,00,00,00,52,00,44,\
00,53,00,65,00,73,00,73,00,4d,00,67,00,72,00,00,00,72,00,65,00,64,00,62,00,\
6f,00,6f,00,6b,00,00,00,52,00,65,00,6d,00,6f,00,74,00,65,00,41,00,63,00,63,\
00,65,00,73,00,73,00,00,00,52,00,70,00,63,00,4c,00,6f,00,63,00,61,00,74,00,\
6f,00,72,00,00,00,52,00,70,00,63,00,53,00,73,00,00,00,52,00,53,00,56,00,50,\
00,00,00,72,00,74,00,6c,00,38,00,30,00,32,00,39,00,00,00,53,00,61,00,6d,00,\
53,00,73,00,00,00,53,00,43,00,61,00,72,00,64,00,53,00,76,00,72,00,00,00,53,\
00,63,00,68,00,65,00,64,00,75,00,6c,00,65,00,00,00,53,00,65,00,63,00,64,00,\
72,00,76,00,00,00,73,00,65,00,63,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,53,\
00,45,00,4e,00,53,00,00,00,73,00,65,00,72,00,65,00,6e,00,75,00,6d,00,00,00,\
53,00,65,00,72,00,69,00,61,00,6c,00,00,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4d,00,6f,00,64,00,65,00,6c,00,45,00,6e,00,64,00,70,00,6f,00,69,00,\
6e,00,74,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,4d,00,6f,00,64,00,65,00,6c,00,4f,00,70,00,\
65,00,72,00,61,00,74,00,69,00,6f,00,6e,00,20,00,33,00,2e,00,30,00,2e,00,30,\
00,2e,00,30,00,00,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,4d,00,6f,00,\
64,00,65,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,20,00,33,00,2e,\
00,30,00,2e,00,30,00,2e,00,30,00,00,00,73,00,66,00,64,00,72,00,76,00,30,00,\
31,00,00,00,73,00,66,00,68,00,6c,00,70,00,30,00,32,00,00,00,53,00,66,00,6c,\
00,6f,00,70,00,70,00,79,00,00,00,73,00,66,00,73,00,79,00,6e,00,63,00,30,00,\
34,00,00,00,53,00,68,00,61,00,72,00,65,00,64,00,41,00,63,00,63,00,65,00,73,\
00,73,00,00,00,53,00,68,00,65,00,6c,00,6c,00,48,00,57,00,44,00,65,00,74,00,\
65,00,63,00,74,00,69,00,6f,00,6e,00,00,00,53,00,69,00,6d,00,62,00,61,00,64,\
00,00,00,53,00,4c,00,49,00,50,00,00,00,53,00,4d,00,53,00,76,00,63,00,48,00,\
6f,00,73,00,74,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,30,00,00,00,53,\
00,70,00,61,00,72,00,72,00,6f,00,77,00,00,00,73,00,70,00,6c,00,69,00,74,00,\
74,00,65,00,72,00,00,00,53,00,70,00,6f,00,6f,00,6c,00,65,00,72,00,00,00,73,\
00,70,00,74,00,64,00,00,00,73,00,72,00,00,00,73,00,72,00,73,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,53,00,72,00,76,00,00,00,53,00,53,00,44,00,50,\
00,53,00,52,00,56,00,00,00,53,00,53,00,48,00,44,00,52,00,56,00,36,00,31,00,\
00,00,73,00,73,00,6d,00,64,00,72,00,76,00,00,00,53,00,74,00,61,00,72,00,57,\
00,69,00,6e,00,64,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00,73,00,\
74,00,69,00,73,00,76,00,63,00,00,00,73,00,74,00,72,00,65,00,61,00,6d,00,69,\
00,70,00,00,00,73,00,77,00,65,00,6e,00,75,00,6d,00,00,00,73,00,77,00,6d,00,\
69,00,64,00,69,00,00,00,53,00,77,00,50,00,72,00,76,00,00,00,73,00,79,00,6d,\
00,63,00,38,00,31,00,30,00,00,00,73,00,79,00,6d,00,63,00,38,00,78,00,78,00,\
00,00,73,00,79,00,6d,00,5f,00,68,00,69,00,00,00,73,00,79,00,6d,00,5f,00,75,\
00,33,00,00,00,73,00,79,00,73,00,61,00,75,00,64,00,69,00,6f,00,00,00,53,00,\
79,00,73,00,6d,00,6f,00,6e,00,4c,00,6f,00,67,00,00,00,54,00,61,00,70,00,69,\
00,53,00,72,00,76,00,00,00,54,00,63,00,70,00,69,00,70,00,00,00,54,00,44,00,\
50,00,49,00,50,00,45,00,00,00,54,00,44,00,54,00,43,00,50,00,00,00,54,00,65,\
00,72,00,6d,00,44,00,44,00,00,00,54,00,65,00,72,00,6d,00,53,00,65,00,72,00,\
76,00,69,00,63,00,65,00,00,00,54,00,68,00,65,00,6d,00,65,00,73,00,00,00,54,\
00,6f,00,73,00,49,00,64,00,65,00,00,00,54,00,72,00,6b,00,57,00,6b,00,73,00,\
00,00,54,00,53,00,44,00,44,00,44,00,00,00,55,00,64,00,66,00,73,00,00,00,75,\
00,6c,00,74,00,72,00,61,00,00,00,55,00,70,00,64,00,61,00,74,00,65,00,00,00,\
75,00,70,00,6e,00,70,00,68,00,6f,00,73,00,74,00,00,00,55,00,50,00,53,00,00,\
00,75,00,73,00,62,00,61,00,75,00,64,00,69,00,6f,00,00,00,75,00,73,00,62,00,\
63,00,63,00,67,00,70,00,00,00,75,00,73,00,62,00,65,00,68,00,63,00,69,00,00,\
00,75,00,73,00,62,00,68,00,75,00,62,00,00,00,75,00,73,00,62,00,70,00,72,00,\
69,00,6e,00,74,00,00,00,75,00,73,00,62,00,73,00,63,00,61,00,6e,00,00,00,55,\
00,53,00,42,00,53,00,54,00,4f,00,52,00,00,00,75,00,73,00,62,00,75,00,68,00,\
63,00,69,00,00,00,75,00,73,00,62,00,76,00,69,00,64,00,65,00,6f,00,00,00,56,\
00,67,00,61,00,53,00,61,00,76,00,65,00,00,00,56,00,69,00,61,00,49,00,64,00,\
65,00,00,00,76,00,69,00,64,00,65,00,58,00,33,00,32,00,00,00,56,00,6f,00,6c,\
00,53,00,6e,00,61,00,70,00,00,00,56,00,53,00,53,00,00,00,57,00,33,00,32,00,\
54,00,69,00,6d,00,65,00,00,00,57,00,33,00,53,00,56,00,43,00,00,00,57,00,61,\
00,6e,00,61,00,72,00,70,00,00,00,57,00,44,00,49,00,43,00,41,00,00,00,77,00,\
64,00,6d,00,61,00,75,00,64,00,00,00,57,00,65,00,62,00,43,00,6c,00,69,00,65,\
00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,57,00,\
6f,00,72,00,6b,00,66,00,6c,00,6f,00,77,00,20,00,46,00,6f,00,75,00,6e,00,64,\
00,61,00,74,00,69,00,6f,00,6e,00,20,00,33,00,2e,00,30,00,2e,00,30,00,2e,00,\
30,00,00,00,77,00,69,00,6e,00,6d,00,67,00,6d,00,74,00,00,00,57,00,69,00,6e,\
00,73,00,6f,00,63,00,6b,00,00,00,57,00,69,00,6e,00,53,00,6f,00,63,00,6b,00,\
32,00,00,00,57,00,69,00,6e,00,54,00,72,00,75,00,73,00,74,00,00,00,57,00,6d,\
00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,57,00,6d,00,69,00,41,00,70,00,\
52,00,70,00,6c,00,00,00,57,00,6d,00,69,00,41,00,70,00,53,00,72,00,76,00,00,\
00,57,00,4d,00,50,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,53,00,76,00,\
63,00,00,00,57,00,53,00,32,00,49,00,46,00,53,00,4c,00,00,00,77,00,73,00,63,\
00,73,00,76,00,63,00,00,00,57,00,53,00,54,00,43,00,4f,00,44,00,45,00,43,00,\
00,00,77,00,75,00,61,00,75,00,73,00,65,00,72,00,76,00,00,00,57,00,75,00,64,\
00,66,00,50,00,66,00,00,00,57,00,75,00,64,00,66,00,52,00,64,00,00,00,57,00,\
75,00,64,00,66,00,53,00,76,00,63,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,\
00,00,00,78,00,66,00,69,00,6c,00,74,00,00,00,78,00,6d,00,6c,00,70,00,72,00,\
6f,00,76,00,00,00,59,00,4d,00,49,00,44,00,55,00,53,00,42,00,00,00,7b,00,32,\
00,33,00,38,00,44,00,45,00,42,00,43,00,45,00,2d,00,46,00,33,00,38,00,38,00,\
2d,00,34,00,41,00,33,00,35,00,2d,00,42,00,38,00,38,00,30,00,2d,00,33,00,38,\
00,34,00,41,00,44,00,36,00,39,00,38,00,42,00,37,00,34,00,45,00,7d,00,00,00,\
7b,00,38,00,43,00,30,00,37,00,35,00,41,00,35,00,36,00,2d,00,37,00,31,00,31,\
00,36,00,2d,00,34,00,34,00,42,00,34,00,2d,00,41,00,45,00,33,00,36,00,2d,00,\
30,00,33,00,41,00,44,00,34,00,36,00,36,00,45,00,34,00,31,00,39,00,45,00,7d,\
00,00,00,7b,00,42,00,41,00,38,00,38,00,37,00,34,00,35,00,34,00,2d,00,36,00,\
45,00,45,00,45,00,2d,00,34,00,45,00,43,00,31,00,2d,00,41,00,46,00,39,00,34,\
00,2d,00,41,00,32,00,38,00,42,00,42,00,34,00,46,00,30,00,42,00,30,00,42,00,\
31,00,7d,00,00,00,7b,00,44,00,44,00,33,00,33,00,32,00,43,00,44,00,34,00,2d,\
00,33,00,46,00,37,00,45,00,2d,00,34,00,32,00,46,00,44,00,2d,00,42,00,33,00,\
32,00,45,00,2d,00,44,00,34,00,39,00,36,00,38,00,45,00,37,00,46,00,34,00,42,\
00,33,00,39,00,7d,00,00,00,61,00,31,00,66,00,65,00,38,00,37,00,37,00,30,00,\
00,00,00,00

[HKEY_USERS\S-1-5-21-329068152-1177238915-682003330-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOKUME~1\\Besitzer\\LOKALE~1\\Temp\\is-4RJII.tmp\\is-UDDII.tmp"="Setup/Uninstall"
"C:\\Dokumente und Einstellungen\\Besitzer\\Desktop\\Virus Removal Tool\\is-UDDII\\is-UDDII.exe"="Kaspersky Anti-Virus"
"C:\\Dokumente und Einstellungen\\Besitzer\\Desktop\\Virus Removal Tool\\is-UDDII\\startup.exe"="startup"

; End Of The Log...

Scanreporte 1 von smitfraudfix:

SmitFraudFix v2.416

Scan done at 19:52:04,60, 12.05.2009
Run from C:\Dokumente und Einstellungen\Besitzer\Desktop\Downloads\09.05\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\QuickTime\QTTask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programme\Logitech\QuickCam\Quickcam.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Skype\Plugin Manager\skypePM.exe
C:\Programme\Opera\Opera.exe
C:\Programme\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Besitzer\Desktop\Downloads\09.05\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Dokumente und Einstellungen\Besitzer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOKUME~1\Besitzer\LOKALE~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Dokumente und Einstellungen\Besitzer\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOKUME~1\Besitzer\FAVORI~1

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Programme

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, following keys are not inevitably infected!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8029(AS)-basierter Ethernetadapter (Standard) - Paketplaner-Miniport
DNS Server Search Order: 192.168.2.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

Scanreporte 2 von smitfraudfix:

SmitFraudFix v2.416

Scan done at 20:21:22,81, 12.05.2009
Run from C:\Dokumente und Einstellungen\Besitzer\Desktop\Downloads\09.05\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{238DEBCE-F388-4A35-B880-384AD698B74E}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DD332CD4-3F7E-42FD-B32E-D4968E7F4B39}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK.2

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

Uninstall Liste:

Adobe Acrobat 4.0
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe PageMaker 6.5
Adobe Photoshop 5.0 Limited Edition
Adobe Reader 8.1.3 - Deutsch
AGEIA PhysX v7.11.13
Ahnenblatt
Ancient Greek (Alkaios)
Anno 1701
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoBase
ArcSoft PhotoStudio 2000
Attansic Giga Ethernet Utility
Avira AntiVir Personal - Free Antivirus
Building & Co. Demo
Canon ScanGear Toolbox 3.0
CleanUp!
DATA BECKER Das große Schriftenpaket 2500
Die Gilde 2 - Gold Edition
Die Römer
EAX Unified
Emergency 3
Emergency4
Empire Earth III
FinePrint pdfFactory Pro
Firebird SQL Server - MAGIX Edition
Forte Free
Google Earth
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix für Windows Internet Explorer 7 (KB947864)
Hotfix für Windows Media Player 11 (KB939683)
Hotfix für Windows XP (KB914440)
Hotfix für Windows XP (KB935448)
Hotfix für Windows XP (KB952287)
HP Deskjet 5700
HP Software Update
ICQ6
InterVideo FilterSDK for Panasonic
iTunes
Japanese Fonts Support For Adobe Reader 8
Java(TM) 6 Update 13
Java(TM) 6 Update 2
Logitech QuickCam
Logitech® Camera-Treiber
Mafia
MAGIX Fotos auf CD & DVD 6 demo (D)
MAGIX Fotos auf CD & DVD 7 e-version 7.0.0.22 (D)
MAGIX Online Druck Service (D)
MAGIX PC Visit
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0 German Language Pack
Microsoft .NET Framework 3.0 German Language Pack
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office XP Professional
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket
MotionSD STUDIO 1.3E
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
MVision
Nero 7 Essentials
Nero 9
neroxml
NVIDIA Drivers
OmniPage Pro 9.0
OpenOffice.org 3.0
Opera 9.23
PowerDVD
QuickTime
Realtek High Definition Audio Driver
Scan Manager 5.2
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)
Sicherheitsupdate für Windows Media Player (KB911564)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player 11 (KB936782)
Sicherheitsupdate für Windows Media Player 11 (KB954154)
Sicherheitsupdate für Windows Media Player 6.4 (KB925398)
Sicherheitsupdate für Windows XP (KB890046)
Sicherheitsupdate für Windows XP (KB893756)
Sicherheitsupdate für Windows XP (KB896358)
Sicherheitsupdate für Windows XP (KB896423)
Sicherheitsupdate für Windows XP (KB896428)
Sicherheitsupdate für Windows XP (KB899587)
Sicherheitsupdate für Windows XP (KB899591)
Sicherheitsupdate für Windows XP (KB900725)
Sicherheitsupdate für Windows XP (KB901017)
Sicherheitsupdate für Windows XP (KB901214)
Sicherheitsupdate für Windows XP (KB902400)
Sicherheitsupdate für Windows XP (KB904706)
Sicherheitsupdate für Windows XP (KB905414)
Sicherheitsupdate für Windows XP (KB905749)
Sicherheitsupdate für Windows XP (KB908519)
Sicherheitsupdate für Windows XP (KB911562)
Sicherheitsupdate für Windows XP (KB911927)
Sicherheitsupdate für Windows XP (KB913580)
Sicherheitsupdate für Windows XP (KB914388)
Sicherheitsupdate für Windows XP (KB914389)
Sicherheitsupdate für Windows XP (KB917344)
Sicherheitsupdate für Windows XP (KB917953)
Sicherheitsupdate für Windows XP (KB918118)
Sicherheitsupdate für Windows XP (KB918439)
Sicherheitsupdate für Windows XP (KB919007)
Sicherheitsupdate für Windows XP (KB920213)
Sicherheitsupdate für Windows XP (KB920670)
Sicherheitsupdate für Windows XP (KB920683)
Sicherheitsupdate für Windows XP (KB920685)
Sicherheitsupdate für Windows XP (KB921503)
Sicherheitsupdate für Windows XP (KB922819)
Sicherheitsupdate für Windows XP (KB923191)
Sicherheitsupdate für Windows XP (KB923414)
Sicherheitsupdate für Windows XP (KB923561)
Sicherheitsupdate für Windows XP (KB923689)
Sicherheitsupdate für Windows XP (KB923789)
Sicherheitsupdate für Windows XP (KB923980)
Sicherheitsupdate für Windows XP (KB924270)
Sicherheitsupdate für Windows XP (KB924496)
Sicherheitsupdate für Windows XP (KB924667)
Sicherheitsupdate für Windows XP (KB925902)
Sicherheitsupdate für Windows XP (KB926255)
Sicherheitsupdate für Windows XP (KB926436)
Sicherheitsupdate für Windows XP (KB927779)
Sicherheitsupdate für Windows XP (KB927802)
Sicherheitsupdate für Windows XP (KB928255)
Sicherheitsupdate für Windows XP (KB928843)
Sicherheitsupdate für Windows XP (KB929123)
Sicherheitsupdate für Windows XP (KB930178)
Sicherheitsupdate für Windows XP (KB931261)
Sicherheitsupdate für Windows XP (KB931784)
Sicherheitsupdate für Windows XP (KB932168)
Sicherheitsupdate für Windows XP (KB933729)
Sicherheitsupdate für Windows XP (KB935839)
Sicherheitsupdate für Windows XP (KB935840)
Sicherheitsupdate für Windows XP (KB936021)
Sicherheitsupdate für Windows XP (KB937143)
Sicherheitsupdate für Windows XP (KB938127)
Sicherheitsupdate für Windows XP (KB938464)
Sicherheitsupdate für Windows XP (KB938829)
Sicherheitsupdate für Windows XP (KB941202)
Sicherheitsupdate für Windows XP (KB941568)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB941644)
Sicherheitsupdate für Windows XP (KB941693)
Sicherheitsupdate für Windows XP (KB943055)
Sicherheitsupdate für Windows XP (KB943460)
Sicherheitsupdate für Windows XP (KB943485)
Sicherheitsupdate für Windows XP (KB944653)
Sicherheitsupdate für Windows XP (KB945553)
Sicherheitsupdate für Windows XP (KB946026)
Sicherheitsupdate für Windows XP (KB946648)
Sicherheitsupdate für Windows XP (KB948590)
Sicherheitsupdate für Windows XP (KB948881)
Sicherheitsupdate für Windows XP (KB950749)
Sicherheitsupdate für Windows XP (KB950760)
Sicherheitsupdate für Windows XP (KB950762)
Sicherheitsupdate für Windows XP (KB950974)
Sicherheitsupdate für Windows XP (KB951066)
Sicherheitsupdate für Windows XP (KB951376)
Sicherheitsupdate für Windows XP (KB951376-v2)
Sicherheitsupdate für Windows XP (KB951698)
Sicherheitsupdate für Windows XP (KB951748)
Sicherheitsupdate für Windows XP (KB952004)
Sicherheitsupdate für Windows XP (KB952954)
Sicherheitsupdate für Windows XP (KB953839)
Sicherheitsupdate für Windows XP (KB954211)
Sicherheitsupdate für Windows XP (KB954600)
Sicherheitsupdate für Windows XP (KB955069)
Sicherheitsupdate für Windows XP (KB956391)
Sicherheitsupdate für Windows XP (KB956572)
Sicherheitsupdate für Windows XP (KB956802)
Sicherheitsupdate für Windows XP (KB956803)
Sicherheitsupdate für Windows XP (KB956841)
Sicherheitsupdate für Windows XP (KB957095)
Sicherheitsupdate für Windows XP (KB957097)
Sicherheitsupdate für Windows XP (KB958644)
Sicherheitsupdate für Windows XP (KB958687)
Sicherheitsupdate für Windows XP (KB958690)
Sicherheitsupdate für Windows XP (KB959426)
Sicherheitsupdate für Windows XP (KB960225)
Sicherheitsupdate für Windows XP (KB960715)
Sicherheitsupdate für Windows XP (KB960803)
Sicherheitsupdate für Windows XP (KB961373)
Sid Meier's Pirates!
Sid Meier's Railroads!
Skype™ 3.8
Transport Manager
Update für Windows XP (KB894391)
Update für Windows XP (KB898461)
Update für Windows XP (KB900485)
Update für Windows XP (KB904942)
Update für Windows XP (KB908531)
Update für Windows XP (KB910437)
Update für Windows XP (KB911280)
Update für Windows XP (KB916595)
Update für Windows XP (KB920342)
Update für Windows XP (KB920872)
Update für Windows XP (KB922582)
Update für Windows XP (KB925720)
Update für Windows XP (KB925876)
Update für Windows XP (KB927891)
Update für Windows XP (KB930916)
Update für Windows XP (KB932823-v3)
Update für Windows XP (KB933360)
Update für Windows XP (KB938828)
Update für Windows XP (KB942763)
Update für Windows XP (KB951072-v2)
Update für Windows XP (KB955839)
Update für Windows XP (KB967715)
Update Manager
VCam 3.1.1
VIA Platform Device Manager
Virtual DJ - Atomix Productions
Wichtiges Update für Windows Media Player 11 (KB959772)
Winamp (remove only)
Windows Communication Foundation
Windows Driver Package - Philips (AVHybrid) MEDIA (08/26/2005 2.10.02.451)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows Presentation Foundation Language Pack (DEU)
Windows Workflow Foundation
Windows Workflow Foundation DE Language Pack
Windows XP-Hotfix - KB873339
Windows XP-Hotfix - KB885835
Windows XP-Hotfix - KB885836
Windows XP-Hotfix - KB885884
Windows XP-Hotfix - KB886185
Windows XP-Hotfix - KB887472
Windows XP-Hotfix - KB888302
Windows XP-Hotfix - KB890859
Windows XP-Hotfix - KB891781
Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
WinRAR
X3 Bonuspaket 3.1.07
X3: Reunion v2.0.02
XML Paper Specification Shared Components Language Pack 1.0
YAMAHA Musicsoft Downloader 5

Gruss
Navigator

12.05.2009, 21:37

Swisstreasure

Moderator

Beiträge: 5694

Zitat

>>
Auf dem Desktop befindet sich folgendes Programm:
c:\dokumente und einstellungen\Besitzer\Desktop\Virus Removal Tool\is-UDDII\startup.exe
Kennst du es? Dürfte vermutlich das Fakeprogramm sein welches du Dir installiert hast.

12.05.2009, 21:57

Navigator

Member

Themenstarter

Beiträge: 11

#8 Hi,

nein, das Programm kenne ich nicht und ich habe es bei mir auch nicht installiert. Zumindest nicht bewusst!

Gruss
Navigator

12.05.2009, 22:07

Swisstreasure

Moderator

Beiträge: 5694

#9 Abr befindet es sich auf dem Desktop? Falls ja mach mal ein Printscreen und poste es bitte.

Kann es sich auch um ein Tool von Kasepersky handeln?
http://forum.kaspersky.com/index.php?showtopic=100275

Gruss Swiss

12.05.2009, 22:15

Navigator

Member

Themenstarter

Beiträge: 11

#10 Auf dem Desktop befindet sich nur ein Ordner mit dem Namen "Virus Removal Tool". Ein Programm selbst mit diesem Namen befindet sich nicht auf dem Desktop.

Wie wuerde ich einen Pintscreen machen?

Gruss
Navigator

12.05.2009, 22:18

Swisstreasure

Moderator

Beiträge: 5694

#11 Wenns ein Ordner ist, dann brauch ich keinne Printscreen. Hast du mal ein RemovalTool von Kaspersky auf den Desktop geladen?

>>
Combofix entfernen:
Start - Ausführen - Kopiere rein: Combofix /U - klicke "OK"
(oder, wenn es nicht funktioniert: C:\QooBox löschen)

>>
Mach mal einen Scan mit Bitdefender und poste das Log:
http://virus-protect.org/artikel/tools/bitdefender.html

>>
Arbeite datfindbat ab - poste von jedem log nur die Daten der letzten drei Monate:
http://www.virus-protect.org/datfindbat.html

Gruss Swiss

12.05.2009, 22:19

Navigator

Member

Themenstarter

Beiträge: 11

#12 Das koennte durchaus sein, da bei einem Neustart immer Kaspersky sich oeffnet und da steht dann oben in Rot, meine ich, Virus Removal Tool.

Wuerde gerne hinterher, wenn der PC virenfrei ist, wissen, wie ich meinen PC am besten schuetzen kann, also mit welchen Programmen, danke.

Gruss
Navigator

13.05.2009, 11:23

Swisstreasure

Moderator

Beiträge: 5694

#13 Mach noch was ich oben geschrieben habe.

GRuss Swiss

13.05.2009, 18:09

Navigator

Member

Themenstarter

Beiträge: 11

#14

Zitat

Combofix entfernen:
Start - Ausführen - Kopiere rein: Combofix /U - klicke "OK"

Habe ich gemacht, jedoch ist der Virus Removal Tool Ordner immernoch auf dem Desktop, soll ich dann die zweite Variante machen?

Hier kommen nun die entsprechenden Logs:

[b]Bitdefender:

BitDefender Online Scanner

Scan report generated at: Wed, May 13, 2009 - 12:54:56

Scan path: C:\;D:\;E:\;

Statistics

Time
01:57:24

Files
627163

Folders
12933

Boot Sectors
0

Archives
5910

Packed Files
28296

Results

Identified Viruses
1

Infected Files
2

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
2

Engines Info

Virus Definitions
2964699

Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)

Scan plugins
17

Archive plugins
45

Unpack plugins
7

E-mail plugins
6

System plugins
4

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\Programme\Spiele\EroBottle\ProSpeed.dll
Infected with: Trojan.Generic.1474639

C:\Programme\Spiele\EroBottle\ProSpeed.dll
Deleted

C:\System Volume Information\_restore{0915EC8F-4356-4367-83B0-60A4B64ECDE5}\RP1\A0000023.dll
Infected with: Trojan.Generic.1474639

C:\System Volume Information\_restore{0915EC8F-4356-4367-83B0-60A4B64ECDE5}\RP1\A0000023.dll
Deleted

datfinbat:

Verzeichnis von c:\

13.05.2009 17:52 0 dirdat.txt
13.05.2009 10:01 1.610.612.736 pagefile.sys
11.05.2009 21:20 12.999 ComboFix.txt
11.05.2009 21:10 293 boot.ini

Verzeichnis von C:\WINDOWS\system32

12.05.2009 20:21 0 tmp.txt
12.05.2009 20:21 3.704 tmp.reg
11.05.2009 19:43 626.688 msvcr80.dll
11.05.2009 19:43 548.864 msvcp80.dll
11.05.2009 19:43 28.672 eEmpty.exe
10.05.2009 15:31 43.520 CmdLineExt03.dll
09.05.2009 21:06 148.888 javaws.exe
09.05.2009 21:06 144.792 javaw.exe
09.05.2009 21:06 144.792 java.exe
09.05.2009 21:06 73.728 javacpl.cpl
09.05.2009 21:05 410.984 deploytk.dll
09.05.2009 20:54 441.320 perfh009.dat
09.05.2009 20:54 71.386 perfc009.dat
09.05.2009 20:54 459.254 perfh007.dat
09.05.2009 20:54 84.876 perfc007.dat
09.05.2009 20:54 1.070.816 PerfStringBackup.INI
09.05.2009 17:21 715.520 TZLog.log
09.05.2009 16:49 180.240 FNTCACHE.DAT
09.05.2009 16:48 6.944 jupdate-1.6.0_07-b06.log
09.05.2009 15:59 13.646 wpa.dbl
06.04.2009 07:57 24.921.544 MRT.exe
21.03.2009 16:20 1.059.840 kernel32.dll
06.03.2009 16:44 286.208 pdh.dll
03.03.2009 02:03 826.368 wininet.dll
20.02.2009 18:49 78.336 ieencode.dll
20.02.2009 18:49 1.160.192 urlmon.dll
20.02.2009 18:49 233.472 webcheck.dll
20.02.2009 18:49 105.984 url.dll
20.02.2009 18:49 44.544 pngfilt.dll
20.02.2009 18:49 102.912 occache.dll
20.02.2009 18:49 671.232 mstime.dll
20.02.2009 18:49 193.024 msrating.dll
20.02.2009 18:49 477.696 mshtmled.dll
20.02.2009 18:49 3.595.264 mshtml.dll
20.02.2009 18:49 27.648 jsproxy.dll
20.02.2009 18:49 52.224 msfeedsbs.dll
20.02.2009 18:49 459.264 msfeeds.dll
20.02.2009 18:49 1.830.912 inetcpl.cpl
20.02.2009 18:49 268.288 iertutil.dll
20.02.2009 18:49 44.544 iernonce.dll
20.02.2009 18:49 6.066.176 ieframe.dll
20.02.2009 18:49 385.024 iedkcs32.dll
20.02.2009 18:49 383.488 ieapfltr.dll
20.02.2009 18:49 347.136 dxtmsft.dll
20.02.2009 18:49 63.488 icardie.dll
20.02.2009 18:49 214.528 dxtrans.dll
20.02.2009 18:49 133.120 extmgr.dll
20.02.2009 18:49 153.088 ieakeng.dll
20.02.2009 18:49 230.400 ieaksie.dll
20.02.2009 18:49 124.928 advpack.dll
20.02.2009 12:21 389.120 html.iec
20.02.2009 12:20 70.656 ie4uinit.exe
20.02.2009 12:20 13.824 ieudinit.exe
20.02.2009 07:14 161.792 ieakui.dll
09.02.2009 16:14 1.846.400 win32k.sys
09.02.2009 13:47 2.018.304 ntkrnlpa.exe
09.02.2009 13:47 2.138.624 ntoskrnl.exe
09.02.2009 12:18 677.888 advapi32.dll
09.02.2009 12:18 731.136 lsasrv.dll
09.02.2009 12:18 399.360 rpcss.dll
09.02.2009 12:18 740.352 ntdll.dll
09.02.2009 12:04 111.104 services.exe
06.02.2009 18:54 35.328 sc.exe
03.02.2009 22:08 55.808 secur32.dll

Verzeichnis von C:\WINDOWS

13.05.2009 16:38 2.005.141 WindowsUpdate.log
13.05.2009 10:57 323.144 setupapi.log
13.05.2009 10:02 0 0.log
13.05.2009 10:01 159 wiadebug.log
13.05.2009 10:01 50 wiaservc.log
13.05.2009 10:01 2.048 bootstat.dat
12.05.2009 23:02 32.578 SchedLgU.Txt
12.05.2009 20:22 180.952 setupact.log
12.05.2009 20:20 2.310.896 ntbtlog.txt
11.05.2009 21:17 227 system.ini
11.05.2009 19:47 28 Lic.xxx
09.05.2009 23:13 4.757 Irremote.ini
09.05.2009 20:50 9.704 spupdsvc.log
09.05.2009 17:21 60.989 ocmsn.log
09.05.2009 17:21 173.634 iis6.log
09.05.2009 17:21 1.355 imsins.log
09.05.2009 17:21 375.718 comsetup.log
09.05.2009 17:21 226.299 ntdtcsetup.log
09.05.2009 17:21 424.281 tsoc.log
09.05.2009 17:21 31.596 KB959426.log
09.05.2009 17:21 55.286 msgsocm.log
09.05.2009 17:21 530.611 ocgen.log
09.05.2009 17:21 1.094.742 FaxSetup.log
09.05.2009 17:21 117.609 updspapi.log
09.05.2009 17:21 1.355 imsins.BAK
09.05.2009 17:21 30.119 KB961373.log
09.05.2009 17:21 44.150 KB955839.log
09.05.2009 17:20 104.327 KB963027-IE7.log
09.05.2009 17:20 20.153 KB960225.log
09.05.2009 17:18 19.084 KB956572.log
09.05.2009 17:17 14.309 KB952069.log
09.05.2009 17:17 28.095 KB952004.log
09.05.2009 16:47 11.243 KB960715.log
09.05.2009 16:47 12.845 KB958687.log
09.05.2009 16:47 24.073 KB967715.log
09.05.2009 16:47 18.120 KB958690.log
09.05.2009 16:47 8.056 KB959772.log
09.05.2009 16:47 50.398 wmsetup.log
09.05.2009 16:46 17.677 KB960803.log
09.05.2009 16:46 11.421 KB954600.log
09.05.2009 16:46 17.149 KB956802.log
09.05.2009 16:46 12.669 KB923561.log
09.05.2009 15:27 512.334 msxml6-KB954459-enu-x86.LOG
09.05.2009 15:27 8.495 KB957097.log
09.05.2009 15:27 8.778 KB955069.log
09.05.2009 15:26 316.908 msxml4-KB954430-enu.LOG

Verzeichnis von C:\DOKUME~1\Besitzer\LOKALE~1\Temp

13.05.2009 10:07 806 jusched.log
13.05.2009 10:02 1.397 LVCOMSX.LOG
13.05.2009 10:02 974 callingapps.xml
12.05.2009 21:06 22.245 Turkish.bin
12.05.2009 21:06 21.958 Norwegian.bin
12.05.2009 21:06 26.076 Hungarian.bin
12.05.2009 21:06 19.553 Hebrew.bin
12.05.2009 21:06 22.853 Finnish.bin
12.05.2009 21:06 24.310 Czech.bin
12.05.2009 21:06 25.067 Portuguese(Brazil).bin
12.05.2009 21:06 24.219 Polish.bin
12.05.2009 21:06 25.080 Greek.bin
12.05.2009 21:06 21.977 Thai.bin
12.05.2009 21:06 20.974 Arabic.bin
12.05.2009 21:06 16.404 SimChin.bin
12.05.2009 21:06 21.911 English.bin
12.05.2009 21:06 26.256 Portuguese.bin
12.05.2009 21:06 24.088 SWEDISH.bin
12.05.2009 21:06 27.754 Spanish.bin
12.05.2009 21:06 26.125 Russian.bin
12.05.2009 21:06 27.409 Italian.bin
12.05.2009 21:06 25.746 German.bin
12.05.2009 21:06 27.237 French.bin
12.05.2009 21:06 16.949 TradChin.bin
12.05.2009 21:06 25.741 Dutch.bin
12.05.2009 21:06 22.769 Danish.bin
12.05.2009 21:06 20.135 Korean.bin
12.05.2009 21:06 24.297 Japanese.bin

Gestern Abend war es mir zu spaet fuer den Scan von BitDefender.

Gruss
Navigator

13.05.2009, 19:41

Swisstreasure

Moderator

Beiträge: 5694

#15 Öffne mal den Virus Removal Tool Ordner dann is-UDDII und rechtsklick auf startup.exe.
Ist die Datei signiert, steht da was von Kaspersky?

Gruss Swiss

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

Seite(n): 1 2