Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.08.2011, 15:01   #1
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Hallihallo,

habe vor kurzen dank eurer Hilfe meinen Laptop gereinigt und mir die in den Tips genannten Scanner auch mal über mein Arbeitstier (Desktop PC) laufen lassen. Und siehe da, o.g. Trojaner sind vorhanden.

Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 08/21/2011 at 02:25 PM

Application Version : 4.55.1000

Core Rules Database Version : 7369
Trace Rules Database Version: 5181

Scan type       : Complete Scan
Total Scan Time : 02:43:36

Memory items scanned      : 619
Memory threats detected   : 0
Registry items scanned    : 8667
Registry threats detected : 5
File items scanned        : 45424
File threats detected     : 1

Trojan.PSGuard
	HKLM\Software\PSGuard.com
	HKLM\Software\PSGuard.com\PSGuard
	HKLM\Software\PSGuard.com\PSGuard\P.S.Guard
	HKLM\Software\PSGuard.com\PSGuard\P.S.Guard\License

Disabled.SecurityCenterOption
	HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY

Trojan.Agent/Gen-Krpytik
	C:\SYSTEM VOLUME INFORMATION\_RESTORE{48B68672-9289-46DB-AAD7-5E9EDB5B7F7A}\RP486\A0150910.EXE
         

OTL Logfile

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 27.08.2011 15:22:20 - Run 6
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Dokumente und Einstellungen\Heini\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,28% Memory free
3,85 Gb Paging File | 3,45 Gb Available in Paging File | 89,57% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,55 Gb Total Space | 19,99 Gb Free Space | 26,81% Space Free | Partition Type: NTFS
Drive E: | 46,02 Gb Total Space | 3,23 Gb Free Space | 7,01% Space Free | Partition Type: NTFS
Drive G: | 40,00 Gb Total Space | 35,87 Gb Free Space | 89,67% Space Free | Partition Type: NTFS
Drive H: | 106,10 Gb Total Space | 103,33 Gb Free Space | 97,39% Space Free | Partition Type: NTFS
Drive I: | 982,13 Mb Total Space | 981,20 Mb Free Space | 99,91% Space Free | Partition Type: FAT
 
Computer Name: ARBEITSZIMMER | User Name: Heini | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()
PRC - C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe (Sitecom Corp.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
PRC - C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe (Sunbelt Software)
PRC - C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe (TuneUp Software GmbH)
PRC - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Programme\SITECOM\300N USB Wireless LAN Utility\EnumDevLib.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Sunbelt Software\CounterSpy\SBFDAccessLayer.dll ()
MOD - C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe ()
MOD - C:\Programme\SITECOM\300N USB Wireless LAN Utility\acAuth.dll ()
MOD - C:\Programme\Creative\Sync Manager Unicode\CTSyncRs.crl ()
MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanDll.dll ()
MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe ()
MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\tiwlnapi.dll ()
MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\ExtWLANconfig.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AppMgmt) --  File not found
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
SRV - (SqueezeMySQL) -- C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\programme\microsoft office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (a2free) -- C:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (TryAndDecideService) -- C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe ()
SRV - (AcrSch2Svc) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (SBCSSvc) -- C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe (Sunbelt Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (TelekomNM3) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (RTL8192su) -- C:\WINDOWS\system32\drivers\rtl8192su.sys (Realtek Semiconductor Corporation                           )
DRV - (STEC3) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NCHSSVAD) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (timounter) -- C:\WINDOWS\System32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (tdrpman) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ACEDRV08) -- C:\WINDOWS\system32\drivers\ACEDRV08.sys (Protect Software GmbH)
DRV - (SBHR) -- C:\WINDOWS\system32\drivers\sbhr.sys ()
DRV - (ACRUSBTM) -- C:\WINDOWS\system32\drivers\ACRUSBTM.SYS ()
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
DRV - (ACEDRV05) -- C:\WINDOWS\system32\drivers\ACEDRV05.sys (Protect Software GmbH)
DRV - (SISNICXP) -- C:\WINDOWS\system32\drivers\sisnicxp.sys (SiS Corporation)
DRV - (odysseyIM3) -- C:\WINDOWS\system32\drivers\odysseyIM3.sys (Funk Software, Inc.)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)
DRV - (bfubase) BlueFRITZ! USB (WinXP/2000) -- C:\WINDOWS\system32\drivers\bfubase.sys (AVM Berlin)
DRV - (CAPI_CIP) -- C:\WINDOWS\system32\drivers\capi_cip.sys (AVM Berlin)
DRV - (AVMBTSERIAL) -- C:\WINDOWS\system32\drivers\avmbtser.sys (AVM GmbH)
DRV - (AVMBTPARALLEL) -- C:\WINDOWS\system32\drivers\avmbtpar.sys (AVM GmbH)
DRV - (AVMCOWAN) -- C:\WINDOWS\system32\drivers\avmcowan.sys (AVM GmbH)
DRV - (AVMBTSND) -- C:\WINDOWS\system32\drivers\avmbtsnd.sys (AVM GmbH)
DRV - (NETBFPAN) -- C:\WINDOWS\system32\drivers\netbfpan.sys (AVM Berlin)
DRV - (SiSide) -- C:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)
DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (AVMPORT) -- C:\WINDOWS\System32\drivers\avmport.sys (AVM Berlin)
DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH)
DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.sys (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Programme\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.07.03 17:44:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.08.21 11:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.07.03 17:45:04 | 000,000,000 | ---D | M]
 
[2008.07.16 19:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Extensions
[2011.06.04 19:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\extensions
[2010.01.10 21:31:40 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.06.04 19:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\extensions
[2010.03.11 21:51:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.10 21:58:07 | 000,001,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\searchplugins\winamp-search.xml
[2011.07.03 18:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.11.27 18:22:39 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.07.03 18:32:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.08.21 11:33:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2008.01.29 14:51:48 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\atgpcdec.dll
[2008.01.29 14:51:49 | 000,125,848 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\atgpcext.dll
[2008.01.29 14:51:56 | 000,046,408 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\atmccli.dll
[2008.01.29 14:51:58 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\ieatgpc.dll
[2008.01.29 14:51:45 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\npatgpc.dll
[2011.07.03 18:31:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.04 19:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\mozilla firefox\plugins\npOGAPlugin.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2008.01.12 14:36:52 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\programme\microsoft office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTCheck] C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [CTSyncU.exe] C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe (TuneUp Software GmbH)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Sitecom 300N USB Wireless LAN Utility.lnk = C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe (Sitecom Corp.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Wireless Configuration Utility.lnk = C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258913469140 (WUWebControl Class)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Jasc Paint Shop Photo Album 5 Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Jasc Paint Shop Photo Album 5 Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.30 16:51:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.03.24 14:14:59 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell - "" = AutoRun
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun\command - "" = I:\DPFMate.exe
O34 - HKLM BootExecute: (autocheck autochk*) -  File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {33666497-F8FD-B072-8516-BBFCA94B688C} - Microsoft Windows Media Player 6.4
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D250360C-56E2-6065-3DC5-8F6CBAFEB99A} - Windows Media Player
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SanDisk Media Manager.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Squeezebox Server-Taskleisten-Tool.lnk - C:\Programme\Squeezebox\SqueezeTray.exe - (SlimDevices - A Logitech Company)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2011\mshaktuell.exe - ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.27 15:20:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe
[2011.08.21 20:51:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Malwarebytes
[2011.08.21 20:51:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.08.21 20:51:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.08.21 20:51:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.08.21 20:51:41 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.08.21 20:51:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.08.21 11:32:03 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Heini\Recent
[2011.08.13 11:38:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SUPERAntiSpyware.com
[2007.08.10 17:28:21 | 021,733,696 | ---- | C] (Skype Technologies S.A.                                     ) -- C:\Programme\SkypeSetup.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.27 15:20:15 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe
[2011.08.27 14:47:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.27 13:44:31 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.08.27 13:43:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.27 13:42:48 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job
[2011.08.27 13:42:46 | 000,021,760 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.27 13:42:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.26 07:13:56 | 1357,644,800 | ---- | M] () -- C:\WINDOWS\outlook.pst
[2011.08.23 22:00:19 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\Desktop\n5mbq4tp.exe
[2011.08.22 21:29:06 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\defogger_reenable
[2011.08.21 20:51:47 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.21 17:47:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job
[2011.08.21 12:15:21 | 000,000,597 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\.Xauthority
[2011.08.14 22:14:44 | 000,001,211 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2011.08.11 22:14:16 | 000,448,894 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.08.11 22:14:16 | 000,432,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.11 22:14:16 | 000,080,558 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.08.11 22:14:16 | 000,067,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.07.29 17:15:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.08.23 22:00:18 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Desktop\n5mbq4tp.exe
[2011.08.22 21:29:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\defogger_reenable
[2011.08.21 20:51:47 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.02 21:17:38 | 000,000,193 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\default.rss
[2011.06.02 21:16:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.23 17:03:02 | 000,000,546 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2010.12.08 16:54:08 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2010.09.12 02:18:29 | 001,495,944 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.11 19:55:07 | 000,000,279 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2009.12.21 20:15:10 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.12.13 14:07:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2009.12.09 22:33:15 | 000,108,021 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini
[2009.12.09 22:33:15 | 000,033,373 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2009.12.09 22:33:05 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2009.12.09 22:33:05 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2009.12.09 22:33:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2009.09.30 20:28:22 | 000,000,418 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\burnaware.ini
[2009.09.06 18:54:43 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
[2009.01.10 20:39:34 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2009.01.10 20:32:23 | 000,016,070 | ---- | C] () -- C:\WINDOWS\German2.ini
[2009.01.04 19:00:31 | 000,000,823 | ---- | C] () -- C:\WINDOWS\uninst.ini
[2008.09.26 19:52:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\ACRUSBTM.SYS
[2008.03.09 20:42:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2008.03.09 14:48:29 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc
[2008.03.08 13:35:09 | 000,283,392 | R--- | C] () -- C:\WINDOWS\System32\drivers\GPlus.sys
[2007.12.12 00:00:21 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007.12.11 23:57:18 | 000,000,404 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.09.21 20:11:11 | 000,015,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sbhr.sys
[2007.09.19 20:39:52 | 000,002,779 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007.09.15 02:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2007.09.15 02:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBFC.dat
[2007.09.07 18:16:03 | 000,109,056 | ---- | C] () -- C:\WINDOWS\catchme.exe
[2007.09.07 18:16:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\VFind.exe
[2007.09.07 18:16:03 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2007.08.09 20:48:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\$_hpcst$.hpc
[2007.05.27 14:00:35 | 000,002,513 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.05.27 13:53:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.05.08 19:55:53 | 000,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI
[2007.05.02 22:49:15 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006.12.12 18:24:42 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006.10.30 11:30:30 | 000,010,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBTEDrv.sys
[2006.09.03 19:08:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw110.INI
[2006.08.14 20:11:09 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.08.14 20:09:00 | 000,120,286 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2006.06.28 13:42:10 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2006.04.28 22:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006.04.22 12:21:18 | 000,083,455 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.02.19 20:53:26 | 000,000,275 | ---- | C] () -- C:\WINDOWS\buhl.ini
[2006.02.19 20:52:48 | 000,001,211 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2006.02.12 19:06:43 | 000,012,648 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\rx_audio.Cache
[2005.11.15 22:55:31 | 001,297,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\rx_image.Cache
[2005.11.15 21:54:39 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005.11.02 11:39:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll
[2005.11.02 11:39:16 | 000,024,924 | ---- | C] () -- C:\WINDOWS\System32\openports.dll
[2005.10.18 10:41:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\msdvd_uk.dll
[2005.10.18 10:40:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\msdvd_se.dll
[2005.10.18 10:39:00 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\msdvd_fr.dll
[2005.10.18 10:39:00 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\msdvd_en.dll
[2005.10.18 10:36:00 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\msdvd_de.dll
[2005.10.18 10:33:00 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\mp2EncoderDll.dll
[2005.10.18 10:32:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\mplex.dll
[2005.10.18 10:25:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ifoutil.dll
[2005.10.18 10:05:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ifoData.dll
[2005.10.18 10:04:00 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dvdscript.dll
[2005.10.18 10:03:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DVDExtractor.dll
[2005.10.18 09:48:00 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\decoderDll.dll
[2005.10.18 09:47:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\audioDecode.dll
[2005.10.04 10:15:38 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2005.09.22 18:44:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005.09.17 12:38:56 | 000,151,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.09.11 20:05:46 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.08.28 12:14:52 | 000,000,024 | ---- | C] () -- C:\WINDOWS\audiovie.ini
[2005.08.28 12:14:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WOC_CDDA.ini
[2005.08.28 12:07:33 | 000,000,122 | ---- | C] () -- C:\WINDOWS\cddabase.ini
[2005.08.03 21:13:49 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WinOnCD.ini
[2005.07.31 22:37:46 | 000,000,502 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.07.31 22:09:55 | 000,010,823 | ---- | C] () -- C:\WINDOWS\extend.dat
[2005.07.31 22:08:30 | 000,000,183 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2005.07.31 18:21:59 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2005.07.31 18:21:31 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2005.07.30 17:31:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.07.30 17:29:52 | 000,860,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.07.30 16:54:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.07.30 16:48:21 | 000,022,924 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.05.30 01:06:58 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2005.05.30 01:06:57 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\nlame.dll
[2004.08.21 11:36:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\AnimWnd.dll
[2004.08.04 14:00:00 | 000,448,894 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.04 14:00:00 | 000,432,214 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 14:00:00 | 000,080,558 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.04 14:00:00 | 000,067,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.05.10 04:02:12 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MstartSound.dll
[2004.05.10 04:02:12 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MstartScreen.dll
[2004.05.10 04:02:10 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MshutSound.dll
[2004.05.10 04:02:10 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MshutScreen.dll
[2003.06.17 12:25:12 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll
[2003.06.17 12:25:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2003.05.20 03:40:06 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\IrrShape.dll
[2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.08.23 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 14:00:00 | 001,868,944 | ---- | C] () -- C:\WINDOWS\System32\RSA32_16.DLL
[2001.08.23 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.23 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.23 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.23 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.23 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.23 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.23 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.23 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2000.04.12 10:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2000.04.12 10:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1997.10.18 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
 
========== LOP Check ==========
 
[2009.05.09 17:32:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2008.01.12 13:44:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Premium
[2009.05.12 22:48:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2008.08.24 20:20:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications
[2007.09.05 19:04:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grisoft
[2009.05.16 19:04:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2011.05.29 10:54:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Netzmanager
[2010.09.11 19:55:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SanDisk
[2007.12.11 23:57:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2010.08.01 19:43:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Squeezebox
[2009.11.29 20:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SqueezeCenter
[2009.05.12 22:48:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2006.04.14 13:27:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2009.05.12 22:48:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2007.08.09 21:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2007.05.30 21:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2009.05.12 22:48:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2010.12.06 23:29:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3BF7B6DE-D2D6-4888-83BE-488663791EB5}
[2010.12.06 22:55:03 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D8116CA6-DBDF-4415-AB4A-BE0CEFB71935}
[2009.05.06 22:08:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Acronis
[2009.08.12 22:43:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Amazon
[2011.06.02 21:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\AnvSoft
[2005.11.15 23:04:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Backup MyPC
[2008.10.05 17:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Buhl Data Service
[2007.12.12 00:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Canon
[2008.08.28 22:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\DataDesign
[2010.09.12 18:05:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.12.21 20:49:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\EAC
[2010.12.13 14:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\foobar2000
[2010.09.12 18:23:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\HandBrake
[2009.01.10 20:52:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\IMP
[2009.04.06 22:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\InfraRecorder
[2008.11.04 21:32:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\KPSA-home
[2005.11.15 23:04:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Leadertech
[2008.11.04 21:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Logs
[2009.05.19 21:36:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mp3tag
[2010.03.07 19:01:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\NCH Swift Sound
[2007.12.22 15:17:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\NewSoft
[2007.12.11 23:57:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\ScanSoft
[2008.11.04 21:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SHD Kreative Planungs-Systeme
[2009.12.27 15:25:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SqueezePlay
[2009.01.10 18:45:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\streamripper
[2006.01.17 00:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\T-DSL SpeedManager
[2006.01.15 18:11:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Teledat
[2011.02.07 23:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\TheLastRipper
[2007.05.30 20:51:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\TuneUp Software
[2009.10.03 19:57:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Ulead Systems
[2011.07.29 17:15:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2010.01.30 20:43:17 | 000,000,000 | ---D | M] -- C:\ATI
[2009.01.04 20:22:49 | 000,000,000 | ---D | M] -- C:\Bases_X
[2007.03.11 23:16:17 | 000,000,000 | ---D | M] -- C:\cleanroom
[2010.05.10 20:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2009.07.28 21:45:05 | 000,000,000 | ---D | M] -- C:\Meine Downloads
[2007.03.11 23:16:17 | 000,000,000 | ---D | M] -- C:\mirror
[2007.04.29 10:11:24 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.12.11 18:37:01 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.11.07 17:49:36 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.08.21 20:51:41 | 000,000,000 | ---D | M] -- C:\Programme
[2007.03.11 23:08:44 | 000,000,000 | ---D | M] -- C:\PVRCHEDSK
[2007.09.07 18:20:49 | 000,000,000 | ---D | M] -- C:\qoobox
[2005.10.03 13:08:24 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2009.01.10 20:53:04 | 000,000,000 | ---D | M] -- C:\setups
[2009.01.09 23:08:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.10.20 19:36:24 | 000,000,000 | ---D | M] -- C:\temp
[2007.05.03 01:01:38 | 000,000,000 | ---D | M] -- C:\VIDEO_TS
[2011.08.27 13:44:30 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2009.05.07 07:07:36 | 000,000,000 | ---D | M] -- C:\Zubehör
 
< %PROGRAMFILES%\*.exe >
[2007.08.10 17:35:39 | 021,733,696 | ---- | M] (Skype Technologies S.A.                                     ) -- C:\Programme\SkypeSetup.exe
 
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: EXPLORER.EXE  >
[2004.08.04 01:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2004.08.04 01:58:10 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2008.04.14 08:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe
[2008.04.14 08:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 01:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 01:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-25 11:08:43
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 76 bytes -> C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream

< End of report >
         
--- --- ---

[/code]

Keine Ahnung, aber auch nach mehreren Versuchen wird eine Extra.txt nicht abgespeichert. Welche Einstellungen in der Anwendung OTL muss ich vornehmen um diese Datei zu generieren?

Hier noch das GMER Ergebnis.
Auch diese Scans sind über mehrere Stunden (ca. 8!!!) gelaufen und haben in der Regel zum Stillstand des Rechners geführt.

Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2011-08-24 20:06:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0822N rev.WA100-10
Running: n5mbq4tp.exe; Driver: C:\DOKUME~1\Heini\LOKALE~1\Temp\kgliipow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs  sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice  \FileSystem\Ntfs \Ntfs  sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)

---- EOF - GMER 1.0.15 ----
         
Malwarebytes hatte ich auch rüberschauen lassen, aber scheinbar ohne Befund

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7529

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

22.08.2011 03:12:19
mbam-log-2011-08-22 (03-12-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|G:\|H:\|)
Durchsuchte Objekte: 349795
Laufzeit: 6 Stunde(n), 19 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Soweit erst einmal die Logfiles. Was kann ich tun?
Vielen Dank schon einmal vorab.

Gruß

Heini

Geändert von Heini66 (27.08.2011 um 15:06 Uhr) Grund: Erweitertes Logfile-Ergebnis

Alt 28.08.2011, 16:25   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________

__________________

Alt 28.08.2011, 17:34   #3
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Hallo Arne,
ich kann keine weiteren Logfiles finden!?
Soll ich den Scan noch einmal laufen lassen?
Müssten die Funde aus SUPERAntiSpyware sichtbar sein?

Gruß
Heini
__________________

Alt 28.08.2011, 19:45   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Nein, führ erstmal ESET aus, danach sehen wir weiter:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.08.2011, 18:55   #5
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Here it is:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=c9f9c47605380d41a5ace75ef84c1b42
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-29 06:50:55
# local_time=2011-08-29 08:50:55 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=256 16777215 100 0 125452844 125452844 0 0
# compatibility_mode=1792 16777191 100 0 76385279 76385279 0 0
# compatibility_mode=8192 67108863 100 0 248 248 0 0
# scanned=169993
# found=4
# cleaned=0
# scan_time=41396
C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\Programme\FreeCommander\fc_setup.exe	a variant of Win32/Adware.ADON application (unable to clean)	00000000000000000000000000000000	I
C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\Programme\FreeCommander\fc_setup_.zip	a variant of Win32/Adware.ADON application (unable to clean)	00000000000000000000000000000000	I
E:\Jochen\Eigene Dateien Heini\Downloads\free-wma-mp3-converter.exe	probably a variant of Win32/PSW.Agent.BUPXGWL trojan (unable to clean)	00000000000000000000000000000000	I
E:\Jochen\Eigene Dateien Heini\Downloads\streamripper-windows-installer-1.63.4.exe	probably a variant of Win32/Agent.IMGROYR trojan (unable to clean)	00000000000000000000000000000000	I
         
Wie krieg ich die wieder wech???

Gruß
Heini


Alt 29.08.2011, 19:25   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Die Funde von ESET kannste vernachlässigen, das sind Setups die nur angemeckert werden, weil die Toolbars mitinstallieren können.

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.30 16:51:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.03.24 14:14:59 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell - "" = AutoRun
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun\command - "" = I:\DPFMate.exe
@Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 76 bytes -> C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream
:Commands
[emptytemp]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________
--> SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik

Alt 29.08.2011, 19:56   #7
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Ich hoffe so ist´s richtig...

Code:
ATTFilter
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
G:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
File I:\DPFMate.exe not found.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
 
User: Heini
->Temp folder emptied: 7278268 bytes
->Temporary Internet Files folder emptied: 34129 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 96067112 bytes
->Flash cache emptied: 577 bytes
 
User: Isabel
->Temp folder emptied: 0 bytes
 
User: Isabel.ARBEITSZIMMER
->Temp folder emptied: 74812553 bytes
->Temporary Internet Files folder emptied: 46237393 bytes
->Java cache emptied: 31426424 bytes
->FireFox cache emptied: 649208472 bytes
->Flash cache emptied: 911 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 14471998 bytes
 
User: NetworkService
->Temp folder emptied: 244458 bytes
->Temporary Internet Files folder emptied: 37664 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 45027768 bytes
%systemroot%\System32 .tmp files removed: 3599239 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 74578995 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 995,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.26.5 log created on 08292011_203137

Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Temp\WCESLog.log moved successfully.

Registry entries deleted on Reboot...
         
Heini

Alt 29.08.2011, 20:29   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.08.2011, 20:49   #9
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Hier isser:

Code:
ATTFilter
2011/08/29 21:42:08.0562 2752	TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/29 21:42:08.0812 2752	================================================================================
2011/08/29 21:42:08.0812 2752	SystemInfo:
2011/08/29 21:42:08.0812 2752	
2011/08/29 21:42:08.0812 2752	OS Version: 5.1.2600 ServicePack: 3.0
2011/08/29 21:42:08.0812 2752	Product type: Workstation
2011/08/29 21:42:08.0812 2752	ComputerName: ARBEITSZIMMER
2011/08/29 21:42:08.0812 2752	UserName: Heini
2011/08/29 21:42:08.0812 2752	Windows directory: C:\WINDOWS
2011/08/29 21:42:08.0812 2752	System windows directory: C:\WINDOWS
2011/08/29 21:42:08.0812 2752	Processor architecture: Intel x86
2011/08/29 21:42:08.0812 2752	Number of processors: 1
2011/08/29 21:42:08.0812 2752	Page size: 0x1000
2011/08/29 21:42:08.0812 2752	Boot type: Normal boot
2011/08/29 21:42:08.0812 2752	================================================================================
2011/08/29 21:42:10.0968 2752	Initialize success
2011/08/29 21:43:08.0796 3564	================================================================================
2011/08/29 21:43:08.0796 3564	Scan started
2011/08/29 21:43:08.0796 3564	Mode: Manual; 
2011/08/29 21:43:08.0796 3564	================================================================================
2011/08/29 21:43:11.0015 3564	ACEDRV05        (0a1e97197609f92d2425b67da0bb0a7f) C:\WINDOWS\system32\drivers\ACEDRV05.sys
2011/08/29 21:43:11.0421 3564	ACEDRV08        (da06d89cdfdd0d24de75165cf6d4270b) C:\WINDOWS\system32\drivers\ACEDRV08.sys
2011/08/29 21:43:11.0875 3564	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/29 21:43:12.0250 3564	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/29 21:43:12.0687 3564	ACRUSBTM        (45b952a3ed567264acff89e46f65331d) C:\WINDOWS\system32\drivers\ACRUSBTM.SYS
2011/08/29 21:43:13.0500 3564	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/29 21:43:13.0937 3564	AegisP          (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/08/29 21:43:14.0437 3564	AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/29 21:43:16.0109 3564	ALCXSENS        (ba88534a3ceb6161e7432438b9ea4f54) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
2011/08/29 21:43:16.0921 3564	ALCXWDM         (9a6a99f0d75b457e3a2267776ebe9f47) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/08/29 21:43:17.0890 3564	AmdK7           (3a0dafac778236559c14c7203fb550eb) C:\WINDOWS\system32\DRIVERS\amdk7.sys
2011/08/29 21:43:20.0093 3564	ASPI32          (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\ASPI32.sys
2011/08/29 21:43:20.0500 3564	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/29 21:43:20.0890 3564	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/29 21:43:22.0171 3564	ati2mtag        (492bd2a5f65f218d4ede5764a3bb67e9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/08/29 21:43:22.0609 3564	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/29 21:43:23.0046 3564	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/29 21:43:23.0218 3564	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
2011/08/29 21:43:23.0656 3564	avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/08/29 21:43:24.0140 3564	avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/08/29 21:43:24.0578 3564	AVMBTPARALLEL   (6a759d41c97fcdc6ba27fa7f2f26ec49) C:\WINDOWS\system32\DRIVERS\avmbtpar.sys
2011/08/29 21:43:24.0984 3564	AVMBTSERIAL     (4bb8956474c4770083f4f50a51f26bcf) C:\WINDOWS\system32\DRIVERS\avmbtser.sys
2011/08/29 21:43:25.0390 3564	AVMBTSND        (b087792fa885da20cc0233d7a5154a7a) C:\WINDOWS\system32\drivers\avmbtsnd.sys
2011/08/29 21:43:25.0828 3564	AVMCOWAN        (dec96d9a2463b75944869041ed15c31c) C:\WINDOWS\system32\DRIVERS\avmcowan.sys
2011/08/29 21:43:26.0281 3564	AVMPORT         (02568a764ef2c37cfa6f9c471e67d475) C:\WINDOWS\System32\drivers\avmport.sys
2011/08/29 21:43:26.0718 3564	AVMWAN          (c997af59c54d69232fb7bbea4dad86e2) C:\WINDOWS\system32\DRIVERS\avmwan.sys
2011/08/29 21:43:27.0171 3564	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/29 21:43:27.0828 3564	bfubase         (45f341d5fd3afc002650c28ad447530d) C:\WINDOWS\system32\DRIVERS\bfubase.sys
2011/08/29 21:43:28.0734 3564	CAPI_CIP        (6ca1dab2b1846a4f39eb00c25fdaecf5) C:\WINDOWS\system32\DRIVERS\capi_cip.sys
2011/08/29 21:43:29.0296 3564	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/29 21:43:30.0031 3564	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/29 21:43:30.0421 3564	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/29 21:43:30.0812 3564	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/29 21:43:33.0203 3564	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/29 21:43:33.0921 3564	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/29 21:43:34.0734 3564	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/29 21:43:35.0171 3564	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/29 21:43:35.0625 3564	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/29 21:43:36.0093 3564	Dot4            (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
2011/08/29 21:43:36.0562 3564	Dot4Print       (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
2011/08/29 21:43:37.0281 3564	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/29 21:43:37.0718 3564	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/29 21:43:38.0078 3564	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/29 21:43:38.0453 3564	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/29 21:43:38.0796 3564	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/08/29 21:43:39.0250 3564	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/29 21:43:39.0671 3564	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/29 21:43:40.0093 3564	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/29 21:43:41.0578 3564	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/29 21:43:41.0968 3564	grmnusb         (cd007d03a9284bfe67d49c01213132bf) C:\WINDOWS\system32\drivers\grmnusb.sys
2011/08/29 21:43:42.0421 3564	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/29 21:43:43.0578 3564	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/29 21:43:44.0703 3564	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/29 21:43:45.0109 3564	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/29 21:43:46.0250 3564	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/29 21:43:46.0656 3564	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/29 21:43:47.0062 3564	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/29 21:43:47.0484 3564	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/29 21:43:47.0843 3564	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/29 21:43:48.0250 3564	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/29 21:43:48.0625 3564	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/29 21:43:49.0015 3564	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/29 21:43:49.0375 3564	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/29 21:43:49.0796 3564	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/29 21:43:50.0234 3564	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/29 21:43:51.0046 3564	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/29 21:43:51.0453 3564	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/29 21:43:51.0859 3564	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/29 21:43:52.0250 3564	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/29 21:43:52.0656 3564	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/29 21:43:53.0500 3564	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/29 21:43:54.0109 3564	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/29 21:43:54.0625 3564	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/29 21:43:54.0984 3564	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/29 21:43:55.0390 3564	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/29 21:43:55.0765 3564	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/29 21:43:56.0171 3564	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/29 21:43:56.0578 3564	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/29 21:43:57.0000 3564	NCHSSVAD        (0df9cc7b5cc173f545723f23e68fac93) C:\WINDOWS\system32\drivers\nchssvad.sys
2011/08/29 21:43:57.0453 3564	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/29 21:43:57.0875 3564	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/29 21:43:58.0265 3564	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/29 21:43:58.0656 3564	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/29 21:43:59.0062 3564	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/29 21:43:59.0468 3564	NETBFPAN        (518c22c02da275cb30d5beb58786129f) C:\WINDOWS\system32\DRIVERS\netbfpan.sys
2011/08/29 21:43:59.0875 3564	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/29 21:44:00.0281 3564	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/29 21:44:01.0187 3564	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/29 21:44:01.0765 3564	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/29 21:44:02.0421 3564	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/29 21:44:02.0812 3564	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/29 21:44:03.0234 3564	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/29 21:44:03.0656 3564	odysseyIM3      (5dcc587deba479b1f8e33aa8fb079b8a) C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys
2011/08/29 21:44:04.0109 3564	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/29 21:44:04.0500 3564	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/29 21:44:04.0921 3564	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/29 21:44:05.0328 3564	PCASp50         (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
2011/08/29 21:44:05.0765 3564	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/29 21:44:06.0609 3564	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys
2011/08/29 21:44:07.0046 3564	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/29 21:44:09.0703 3564	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/29 21:44:10.0093 3564	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/08/29 21:44:10.0500 3564	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/29 21:44:11.0187 3564	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/29 21:44:13.0343 3564	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/29 21:44:13.0765 3564	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/29 21:44:14.0171 3564	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/29 21:44:14.0593 3564	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/29 21:44:15.0031 3564	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/29 21:44:15.0453 3564	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/29 21:44:15.0875 3564	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/29 21:44:16.0265 3564	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/29 21:44:16.0687 3564	ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/08/29 21:44:17.0328 3564	RTL8192su       (37a78c0c71be572f15fc534fdd3782de) C:\WINDOWS\system32\DRIVERS\RTL8192su.sys
2011/08/29 21:44:17.0531 3564	SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
2011/08/29 21:44:17.0625 3564	SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
2011/08/29 21:44:18.0484 3564	SBHR            (c6ea8d8c6442648746f69e3d75cacf98) C:\WINDOWS\system32\drivers\sbhr.sys
2011/08/29 21:44:18.0906 3564	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/29 21:44:19.0328 3564	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/29 21:44:19.0703 3564	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/29 21:44:20.0109 3564	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/29 21:44:20.0937 3564	SiS315          (f1bf6158ac79912bbdf71a0382fefa65) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
2011/08/29 21:44:21.0437 3564	SiSide          (b4485881bd8aed9b157a2e6cf43c2d51) C:\WINDOWS\system32\DRIVERS\siside.sys
2011/08/29 21:44:21.0812 3564	sisidex         (6225224b8e846ac230f8d9b343635910) C:\WINDOWS\system32\drivers\sisidex.sys
2011/08/29 21:44:22.0218 3564	SiSkp           (224ef1530777d62b65e8c2d5e9cfa511) C:\WINDOWS\system32\DRIVERS\srvkp.sys
2011/08/29 21:44:22.0609 3564	SISNIC          (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys
2011/08/29 21:44:23.0000 3564	SISNICXP        (a1348a901a44760ccd76043525e851d0) C:\WINDOWS\system32\DRIVERS\sisnicxp.sys
2011/08/29 21:44:23.0406 3564	sisperf         (596d4a7052002d2bd344d8937da6f66d) C:\WINDOWS\system32\drivers\sisperf.sys
2011/08/29 21:44:23.0843 3564	snapman         (bcc773872041aa59bc9a6cf770fb32e2) C:\WINDOWS\system32\DRIVERS\snapman.sys
2011/08/29 21:44:24.0703 3564	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/29 21:44:25.0093 3564	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/29 21:44:25.0640 3564	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/29 21:44:26.0125 3564	ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/08/29 21:44:26.0500 3564	STEC3           (e4ebf293d1f612bda19b646c36715b20) C:\WINDOWS\system32\STEC3.sys
2011/08/29 21:44:27.0046 3564	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/29 21:44:27.0421 3564	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/29 21:44:29.0203 3564	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/29 21:44:29.0781 3564	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/29 21:44:30.0218 3564	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/29 21:44:30.0765 3564	tdrpman         (3b7b6779eb231f731bba8f9fe67aadfc) C:\WINDOWS\system32\DRIVERS\tdrpman.sys
2011/08/29 21:44:31.0343 3564	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/29 21:44:31.0609 3564	TelekomNM3      (5d528200679c3b4595b4237e02c077d5) C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys
2011/08/29 21:44:32.0109 3564	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/29 21:44:32.0562 3564	tifsfilter      (b0b3122bff3910e0ba97014045467778) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
2011/08/29 21:44:33.0062 3564	timounter       (13bfe330880ac0ce8672d00aa5aff738) C:\WINDOWS\system32\DRIVERS\timntr.sys
2011/08/29 21:44:34.0015 3564	TVICHW32        (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
2011/08/29 21:44:34.0437 3564	uagp35          (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
2011/08/29 21:44:34.0875 3564	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/29 21:44:35.0750 3564	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/29 21:44:36.0359 3564	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/29 21:44:36.0765 3564	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/29 21:44:37.0187 3564	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/29 21:44:37.0578 3564	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/08/29 21:44:37.0937 3564	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/29 21:44:38.0343 3564	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/29 21:44:38.0718 3564	usb_rndisx      (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
2011/08/29 21:44:39.0140 3564	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/29 21:44:40.0234 3564	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/29 21:44:40.0687 3564	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/29 21:44:41.0093 3564	wceusbsh        (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
2011/08/29 21:44:41.0968 3564	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/29 21:44:42.0515 3564	WpdUsb          (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/29 21:44:42.0921 3564	WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/08/29 21:44:43.0359 3564	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/29 21:44:43.0796 3564	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/29 21:44:43.0984 3564	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/29 21:44:44.0296 3564	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/08/29 21:44:44.0375 3564	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk2\DR4
2011/08/29 21:44:45.0171 3564	Boot (0x1200)   (bd700ff2b9c012930705b8494c5cffae) \Device\Harddisk0\DR0\Partition0
2011/08/29 21:44:45.0203 3564	Boot (0x1200)   (2f42f0c2fa2b09fcd41a3dac0d1acecf) \Device\Harddisk1\DR1\Partition0
2011/08/29 21:44:45.0250 3564	Boot (0x1200)   (089f1c3cb49acc6dca8572525dd7d34e) \Device\Harddisk2\DR4\Partition0
2011/08/29 21:44:45.0281 3564	Boot (0x1200)   (19d71d2d4312017ba4670c7903dc80f7) \Device\Harddisk2\DR4\Partition1
2011/08/29 21:44:45.0296 3564	================================================================================
2011/08/29 21:44:45.0296 3564	Scan finished
2011/08/29 21:44:45.0296 3564	================================================================================
2011/08/29 21:44:45.0359 1564	Detected object count: 0
2011/08/29 21:44:45.0359 1564	Actual detected object count: 0
         
Heini

Alt 29.08.2011, 21:00   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 30.08.2011, 20:40   #11
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Hier die CF-Logdatei (Teil 1):

Code:
ATTFilter
ComboFix 11-08-30.02 - Heini 30.08.2011  20:36:13.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.2047.1577 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Heini\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokume~1\Heini\LOKALE~1\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\dokumente und einstellungen\Heini\WINDOWS
c:\programme\newsoft
c:\programme\newsoft\Presto! PageManager 7.15\AppClassName.ini
c:\programme\newsoft\Presto! PageManager 7.15\AudioData.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutmnDoc.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutmnPpt.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutmnXls.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutoCrop.dll
c:\programme\newsoft\Presto! PageManager 7.15\AvalonPage.dll
c:\programme\newsoft\Presto! PageManager 7.15\Avi2Mpeg1.dll
c:\programme\newsoft\Presto! PageManager 7.15\AviToMpeg2.dll
c:\programme\newsoft\Presto! PageManager 7.15\BITSOFT.DIR
c:\programme\newsoft\Presto! PageManager 7.15\BOLD.PAT
c:\programme\newsoft\Presto! PageManager 7.15\Burn.dll
c:\programme\newsoft\Presto! PageManager 7.15\ccmllnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\CDIC.DLL
c:\programme\newsoft\Presto! PageManager 7.15\cmdlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\codecvt.dll
c:\programme\newsoft\Presto! PageManager 7.15\ComClass.dll
c:\programme\newsoft\Presto! PageManager 7.15\Convert.exe
c:\programme\newsoft\Presto! PageManager 7.15\CZECH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\CZECH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\DA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\DANISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\DANISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\T4436.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\BIG5.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\BIG5GB.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\DEF_BIG.DIC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FARG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FID_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FWD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\GBBIG5.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\INFO_BIG.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\POST_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\RCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\RCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SIM_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SIM_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SING_BIG.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\WORD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\E76.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\BIG5.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\E76.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FARG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FID_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FWD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\INFO_BIG.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\POST_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SIM_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SIM_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SING_BIG.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\WORD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\J3477.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\DEF_JIS.DIC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\ERR_JIS.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FARG_JIS.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\INFO_JIS.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\JDIC.BIN
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\JIS.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\KANA.TRI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\POST_JIS.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\RCG_JIS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\RCG_JIS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SIM_JIS.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SIM_JIS.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SING_JIS.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\WORD_JIS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\a_recog.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\arecog_p.inf
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\aux_arg.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.fac
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clus_t.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\cos.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\KSC_CPNT.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\nt_recog.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\nt_trans.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\T4178.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\word_p.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\ERR_KSC.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FARG_KSC.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.inf
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FWD_KSC.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\INFO_KSC.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\KSC.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\KSC120000.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC.DD1
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC120000.tbl
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\RCG_KSC.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\RCG_KSC.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.tbl
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SING_KSC.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\WORD_KSC.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\S3834.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\BIG5GB.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\DEF_GB.DIC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FARG_GB.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FWD_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GB.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GBBIG5.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\INFO_GB.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\POST_GB.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\RCG_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\RCG_GB.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SIM_GB.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SIM_GB.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SING_GB.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\WORD_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\dcexport.dll
c:\programme\newsoft\Presto! PageManager 7.15\dcfr.dll
c:\programme\newsoft\Presto! PageManager 7.15\Default.rec
c:\programme\newsoft\Presto! PageManager 7.15\DibToMpeg.dll
c:\programme\newsoft\Presto! PageManager 7.15\DUTCH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\DUTCH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE0.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE1.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE13.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE15.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE20.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE23.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE3.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE7.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGLISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\ENGLISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ExcelVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\ExeBud32.dll
c:\programme\newsoft\Presto! PageManager 7.15\Execute.ini
c:\programme\newsoft\Presto! PageManager 7.15\EXPORT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\EXPupk32.EXE
c:\programme\newsoft\Presto! PageManager 7.15\EXPupk32.EXE.manifest
c:\programme\newsoft\Presto! PageManager 7.15\expvw.exe
c:\programme\newsoft\Presto! PageManager 7.15\faxlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\fid.dll
c:\programme\newsoft\Presto! PageManager 7.15\FineOCREngine.dll
c:\programme\newsoft\Presto! PageManager 7.15\FINNISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\FINNISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\Fioall.dll
c:\programme\newsoft\Presto! PageManager 7.15\Fioall.ini
c:\programme\newsoft\Presto! PageManager 7.15\FioAll32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioBmp32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOALL.INI
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOALL32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOBMP32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOEXT32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOFPX32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOGIF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOJPG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCD32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCT32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCX32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPNG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPOF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOTGA32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOTIF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOWMF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\JPEGLIB.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\UCIG3432.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\UCIJPG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FioExt32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioFpx32.dll
c:\programme\newsoft\Presto! PageManager 7.15\fiogif32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioJpg32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPcd32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPct32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPcx32.dll
c:\programme\newsoft\Presto! PageManager 7.15\fiopng32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPof32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPsd32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioTga32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioThumb.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioTif32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioWmf32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FOBJ420.DLL
c:\programme\newsoft\Presto! PageManager 7.15\foldrlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\FontTok.ini
c:\programme\newsoft\Presto! PageManager 7.15\fpxlib.dll
c:\programme\newsoft\Presto! PageManager 7.15\FRENCH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\FRENCH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\FT.dll
c:\programme\newsoft\Presto! PageManager 7.15\Function.ini
c:\programme\newsoft\Presto! PageManager 7.15\gdiplus.dll
c:\programme\newsoft\Presto! PageManager 7.15\GERMAN.LCD
c:\programme\newsoft\Presto! PageManager 7.15\GERMAN.LMD
c:\programme\newsoft\Presto! PageManager 7.15\GetPhotoPath.dll
c:\programme\newsoft\Presto! PageManager 7.15\GetPhotoPath.ini
c:\programme\newsoft\Presto! PageManager 7.15\GREEK.LCD
c:\programme\newsoft\Presto! PageManager 7.15\GREEK.LMD
c:\programme\newsoft\Presto! PageManager 7.15\GRINF11.DLL
c:\programme\newsoft\Presto! PageManager 7.15\hookdll.dll
c:\programme\newsoft\Presto! PageManager 7.15\HUNGAR.LCD
c:\programme\newsoft\Presto! PageManager 7.15\iConvert16.dll
c:\programme\newsoft\Presto! PageManager 7.15\ijl15.dll
c:\programme\newsoft\Presto! PageManager 7.15\IMAGE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ImgToAviExe.dll
c:\programme\newsoft\Presto! PageManager 7.15\imgtool.dll
c:\programme\newsoft\Presto! PageManager 7.15\Import.dll
c:\programme\newsoft\Presto! PageManager 7.15\ImportOldDB.exe
c:\programme\newsoft\Presto! PageManager 7.15\InitCtrl.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\adinit.dat
c:\programme\newsoft\Presto! PageManager 7.15\Inso\CMMAP000.BIN
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEBMP.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEHEX.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEMET.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DESS.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DETREE.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\dewp.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBFPX2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBGP42.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBJPG2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBPCD2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBPSD2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXBM2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXPM2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXWD2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD32.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD42.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD52.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD62.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD72.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD82.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCDR2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCM52.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCM72.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCMX2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMDSF2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMFMV2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMGDF2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMGEM2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMIGS2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMMET2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPIF2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPS_2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPSI2.flt
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPSZ2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMRND2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IPHGW2.flt
c:\programme\newsoft\Presto! PageManager 7.15\Inso\ISGDI32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LTSCSD13.TLB
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LTSCSN10.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LWPAPIN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LWPAPIPN.DAT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCCA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCCH.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCDA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccdu.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCFA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCFI.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccfmt.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCLO.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCOLE.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccra.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCTA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCUT.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsacad.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSACS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSAMI.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSBDR.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSBMP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSCGM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDBS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDEZ.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDIF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDRW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEMF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEN4.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSENS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSENW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSESHR.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEXE2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFAX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFCD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFCS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFFT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFLW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFWK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSgdsf.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSGIF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSGZIP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSHGS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSHTML.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vshwp.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSICH.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSICH6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSIMG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSIWP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSJW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLEG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLWP.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLZH.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSM11.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMANU.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMCW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsmif.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMM4.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMMFN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMPP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMSG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMSW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWKD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWKS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWP2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWPF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWRK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSOW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPBM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPCL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPCX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspdfi.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPDX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPFS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPGL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPIC.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPICT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPNG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPNTG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP7.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP97.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPPL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspsp6.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspst.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQAD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQP6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQP9.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRAS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRBS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRFT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRFX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRTF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSAM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSC5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSDW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSHW3.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSNAP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsso6.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssoc.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssoi.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssow.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSPT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTAZ.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTEXT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTGA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTIF6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTXT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVCRD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVISO.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVW3.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSW6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSW97.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vswbmp.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWG2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWK4.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWK6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWKS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWMF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vswml.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWORD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWORK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWP5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWP6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPG2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWS2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSXL5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSXY.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSZIP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Ism.dll
c:\programme\newsoft\Presto! PageManager 7.15\IsmDraw.dll
c:\programme\newsoft\Presto! PageManager 7.15\ITALIAN.LCD
c:\programme\newsoft\Presto! PageManager 7.15\ITALIAN.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ITALIC.PAT
c:\programme\newsoft\Presto! PageManager 7.15\ITALIC.PTS
c:\programme\newsoft\Presto! PageManager 7.15\Jpeglib.dll
c:\programme\newsoft\Presto! PageManager 7.15\JpgLib.dll
c:\programme\newsoft\Presto! PageManager 7.15\KSC_CPNT.TBL
c:\programme\newsoft\Presto! PageManager 7.15\LANGUAGE\TEXTLANG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\lcppn22.dll
c:\programme\newsoft\Presto! PageManager 7.15\LCSPELL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\LICENSE of Info-Zip.txt
c:\programme\newsoft\Presto! PageManager 7.15\LiveUpdate.dll
c:\programme\newsoft\Presto! PageManager 7.15\LiveUpdateTray.exe
c:\programme\newsoft\Presto! PageManager 7.15\Lpm.dll
c:\programme\newsoft\Presto! PageManager 7.15\LUTRAY.ini
c:\programme\newsoft\Presto! PageManager 7.15\LUTRAYMSG.ini
c:\programme\newsoft\Presto! PageManager 7.15\lzexpand.dlx
c:\programme\newsoft\Presto! PageManager 7.15\mapilnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\MATRIX.PAT
c:\programme\newsoft\Presto! PageManager 7.15\MATRIX.PTS
c:\programme\newsoft\Presto! PageManager 7.15\memio.dll
c:\programme\newsoft\Presto! PageManager 7.15\MergePDF.dll
c:\programme\newsoft\Presto! PageManager 7.15\MFC40.DLL
c:\programme\newsoft\Presto! PageManager 7.15\MFC42.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Mpg1
c:\programme\newsoft\Presto! PageManager 7.15\MsMail.exe
c:\programme\newsoft\Presto! PageManager 7.15\msvcirt.dll
c:\programme\newsoft\Presto! PageManager 7.15\msvcp50.dll
c:\programme\newsoft\Presto! PageManager 7.15\MSVCP60.DLL
c:\programme\newsoft\Presto! PageManager 7.15\msvcrt.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetFun2K.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetFun98.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetGroup.exe
c:\programme\newsoft\Presto! PageManager 7.15\NetGroupDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetScanDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetScanDll.lib
c:\programme\newsoft\Presto! PageManager 7.15\Netsearch.avi
c:\programme\newsoft\Presto! PageManager 7.15\NEWSOFT
c:\programme\newsoft\Presto! PageManager 7.15\NewsoftLink.dll
c:\programme\newsoft\Presto! PageManager 7.15\nextpwd.dll
c:\programme\newsoft\Presto! PageManager 7.15\NGRMCSY.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMDAN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMDUT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMENG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMFIN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMFRA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMGER.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMGRE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMITA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMNON.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMNOR.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMPLK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMPTG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMRUS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMSPN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMSWE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMTRK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NORMAL.PAT
c:\programme\newsoft\Presto! PageManager 7.15\NORMAL.PTS
c:\programme\newsoft\Presto! PageManager 7.15\NORWBOK.LCD
c:\programme\newsoft\Presto! PageManager 7.15\NORWBOK.LMD
c:\programme\newsoft\Presto! PageManager 7.15\NORWNYN.LCD
c:\programme\newsoft\Presto! PageManager 7.15\NORWNYN.LMD
c:\programme\newsoft\Presto! PageManager 7.15\Noteslnk.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NSCDVD.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsFip.dll
c:\programme\newsoft\Presto! PageManager 7.15\nsfpx.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsFunTable.DB
c:\programme\newsoft\Presto! PageManager 7.15\NsKeyTable.DB
c:\programme\newsoft\Presto! PageManager 7.15\NSMEM.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsOEMKey.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsPdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsScan.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsScanToOcr.exe
c:\programme\newsoft\Presto! PageManager 7.15\NsScanToPdf.exe
c:\programme\newsoft\Presto! PageManager 7.15\NSSP.dll
c:\programme\newsoft\Presto! PageManager 7.15\NSWia.dll
c:\programme\newsoft\Presto! PageManager 7.15\NSWinZip.dll
c:\programme\newsoft\Presto! PageManager 7.15\NTSTHK16.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NTSTHK32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\OCR.dll
c:\programme\newsoft\Presto! PageManager 7.15\ocr.str
c:\programme\newsoft\Presto! PageManager 7.15\OCRLang.dll
c:\programme\newsoft\Presto! PageManager 7.15\OCRLang.ini
c:\programme\newsoft\Presto! PageManager 7.15\OCRUtil.dll
c:\programme\newsoft\Presto! PageManager 7.15\OLDPNG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\OnLine.txt
c:\programme\newsoft\Presto! PageManager 7.15\OutlookVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\pack.dll
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\back.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\close_dw.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\close_fy.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\NSVIDEO.DLL
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\play_dw.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\play_fy.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_dw.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_fy.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\VCARD.INI
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\VMPLAYER.exe
c:\programme\newsoft\Presto! PageManager 7.15\Palette.map
c:\programme\newsoft\Presto! PageManager 7.15\Paper.lst
c:\programme\newsoft\Presto! PageManager 7.15\PART.PAT
c:\programme\newsoft\Presto! PageManager 7.15\PART.PTS
c:\programme\newsoft\Presto! PageManager 7.15\pccrsdk.dll
c:\programme\newsoft\Presto! PageManager 7.15\PcdLib32.dll
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data1.cab
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data1.hdr
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data2.cab
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\engine32.cab
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\layout.bin
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.exe
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.ibt
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.ini
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.inx
c:\programme\newsoft\Presto! PageManager 7.15\pdflib.dll
c:\programme\newsoft\Presto! PageManager 7.15\PdfViewerDl.dll
c:\programme\newsoft\Presto! PageManager 7.15\PDFWDLL.dll
c:\programme\newsoft\Presto! PageManager 7.15\PDFWriter.dll
c:\programme\newsoft\Presto! PageManager 7.15\PerformOcr.dll
c:\programme\newsoft\Presto! PageManager 7.15\PHooKDlg.dll
c:\programme\newsoft\Presto! PageManager 7.15\Pm.ini
c:\programme\newsoft\Presto! PageManager 7.15\Pm60DB.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMANO.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMAnoSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMAppBar.dll
c:\programme\newsoft\Presto! PageManager 7.15\Pmapps.ini
c:\programme\newsoft\Presto! PageManager 7.15\PMAPPU.INI
c:\programme\newsoft\Presto! PageManager 7.15\PMApSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMCommon.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmdata.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMDB.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMDocVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMExeBud.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMIEVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMImgVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMINSO.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMISM.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMMAIL.EXE.manifest
c:\programme\newsoft\Presto! PageManager 7.15\PMMKView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMNotes.exe
c:\programme\newsoft\Presto! PageManager 7.15\pmNotes.str
c:\programme\newsoft\Presto! PageManager 7.15\PMPageVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFView.str
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\Adobe-GB1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-3
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-4
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK2K-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK2K-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBKp-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBKp-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBTpc-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBTpc-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\EUC-CN.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\GBK.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\gkai00mp.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\ISO-2022-CN.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\README
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Adobe-CNS1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Big5.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Big5ascii.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\bkai00mp.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-3
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS1-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS1-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETenms-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETenms-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETHK-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETHK-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdla-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdla-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdlb-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdlb-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKgccs-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKgccs-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm314-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm314-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm471-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm471-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKscs-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKscs-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\README
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\Adobe-Japan1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78ms-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78ms-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\83pv-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90msp-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90msp-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-3
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-4
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Hankaku
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Hiragana
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Katakana
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\NWP-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\NWP-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Roman
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-HW-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-HW-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UCS2-HW-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\WP-Symbol
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\EUC-JP.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\ISO-2022-JP.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\kochi-mincho.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\README
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\Shift-JIS.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\Adobe-Korea1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\batang.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-Johab-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-Johab-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-HW-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-HW-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\ISO-2022-KR.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\README
c:\programme\newsoft\Presto! PageManager 7.15\PMProp.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSave.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSavePdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmsavepdf.str
c:\programme\newsoft\Presto! PageManager 7.15\PMSaveXPS.dll
c:\programme\newsoft\Presto! PageManager 7.15\Pmsb.exe
c:\programme\newsoft\Presto! PageManager 7.15\pmsb.ini
c:\programme\newsoft\Presto! PageManager 7.15\pmsb.str
c:\programme\newsoft\Presto! PageManager 7.15\PMScnSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSearch.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmset.ini
c:\programme\newsoft\Presto! PageManager 7.15\pmsetap.ini
c:\programme\newsoft\Presto! PageManager 7.15\PMStatus.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMToApp.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMToApp.ilk
c:\programme\newsoft\Presto! PageManager 7.15\PMTree.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmtwain.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmVideo.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMVIEW.EX_
c:\programme\newsoft\Presto! PageManager 7.15\PMVLink.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMVoice.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMXpsCreator.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMXpsHostView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMXpsView.dll
c:\programme\newsoft\Presto! PageManager 7.15\POLISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\POLISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\PORTUG.LCD
c:\programme\newsoft\Presto! PageManager 7.15\PORTUG.LMD
c:\programme\newsoft\Presto! PageManager 7.15\post.dll
c:\programme\newsoft\Presto! PageManager 7.15\PowerTVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Prestopm.exe
c:\programme\newsoft\Presto! PageManager 7.15\prestopm.str
c:\programme\newsoft\Presto! PageManager 7.15\Print.dll
c:\programme\newsoft\Presto! PageManager 7.15\Print.str
c:\programme\newsoft\Presto! PageManager 7.15\PrintFun.exe
c:\programme\newsoft\Presto! PageManager 7.15\PrintFunLnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\PrintHook.dll
c:\programme\newsoft\Presto! PageManager 7.15\printlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\PrnDrvSetup.dll
c:\programme\newsoft\Presto! PageManager 7.15\PrnSetup.ini
c:\programme\newsoft\Presto! PageManager 7.15\Psapi.dll
c:\programme\newsoft\Presto! PageManager 7.15\PSaver.scr
c:\programme\newsoft\Presto! PageManager 7.15\PShow.exe
c:\programme\newsoft\Presto! PageManager 7.15\PTLIB.dll
c:\programme\newsoft\Presto! PageManager 7.15\Qem.dll
c:\programme\newsoft\Presto! PageManager 7.15\RapDocImg.dll
c:\programme\newsoft\Presto! PageManager 7.15\ReadFileData.dll
c:\programme\newsoft\Presto! PageManager 7.15\Readme.txt
c:\programme\newsoft\Presto! PageManager 7.15\ReadTxtInfo.dll
c:\programme\newsoft\Presto! PageManager 7.15\Recogn.dll
c:\programme\newsoft\Presto! PageManager 7.15\RECPAGE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\regapp.exe
c:\programme\newsoft\Presto! PageManager 7.15\regapp.exe.manifest
c:\programme\newsoft\Presto! PageManager 7.15\RegSession.dll
c:\programme\newsoft\Presto! PageManager 7.15\RemoveIcons.ico
c:\programme\newsoft\Presto! PageManager 7.15\RemovePMUserData.exe
c:\programme\newsoft\Presto! PageManager 7.15\res\Backup.ico
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_down.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_no.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_on.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_down.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_no.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_on.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_down.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_no.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_on.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\blue_background.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p1.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P2.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p3.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P3.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p4.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P4.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Resource\IE_bg.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\MENUBAR_BG.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Resource\network_scanner.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p3.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p4.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Toolbar_bg.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\toolbar_bg1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Restore.dll
c:\programme\newsoft\Presto! PageManager 7.15\RPR371.JRT
c:\programme\newsoft\Presto! PageManager 7.15\Samples\AutumnView.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\BizCard 5.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\DVD PowerSuite 2.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Forms.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\History.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Lake.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\License.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Mr.photo3.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\PageManager 7.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Play Ground.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Shop.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Tower.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\VideoWorks6.pdf
c:\programme\newsoft\Presto! PageManager 7.15\SaveToJpg.dll
c:\programme\newsoft\Presto! PageManager 7.15\SCANMAN.DRV
c:\programme\newsoft\Presto! PageManager 7.15\ScanModule.dll
c:\programme\newsoft\Presto! PageManager 7.15\ScanModule.str
c:\programme\newsoft\Presto! PageManager 7.15\SCANNERS.DAT
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\card_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Doc_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Letter_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\magazine_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Other_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Photo.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Photo_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\ScrBase.dll
c:\programme\newsoft\Presto! PageManager 7.15\search.avi
c:\programme\newsoft\Presto! PageManager 7.15\Segment.dll
c:\programme\newsoft\Presto! PageManager 7.15\shfolder.dll
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\bottom.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Button-1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Button.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\close.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Dlg_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\header.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll3.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll4.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\left.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\listv_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\mrphoto.nsz
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\right.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\top.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\top1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\treev_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll3.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll4.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vspin1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vspin2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Wnd_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\skin.ini
c:\programme\newsoft\Presto! PageManager 7.15\SlideBarDLL.dll
c:\programme\newsoft\Presto! PageManager 7.15\sosalnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\SPANISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\SPANISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ssceam2.clx
c:\programme\newsoft\Presto! PageManager 7.15\SWEDISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\SWEDISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\Tcm.dll
c:\programme\newsoft\Presto! PageManager 7.15\TestImage2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\Trash.ico
c:\programme\newsoft\Presto! PageManager 7.15\TURKISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\TURKISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\TYPEWRIT.PAT
c:\programme\newsoft\Presto! PageManager 7.15\TYPEWRIT.PTS
c:\programme\newsoft\Presto! PageManager 7.15\UciG3432.dll
c:\programme\newsoft\Presto! PageManager 7.15\UciJpg32.dll
c:\programme\newsoft\Presto! PageManager 7.15\UFioDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\UFSE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\umxnts32.dll
c:\programme\newsoft\Presto! PageManager 7.15\UNDERLIN.PAT
c:\programme\newsoft\Presto! PageManager 7.15\UNPACK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\unregapp.exe
c:\programme\newsoft\Presto! PageManager 7.15\unregapp.exe.manifest
c:\programme\newsoft\Presto! PageManager 7.15\unzip32.dll
c:\programme\newsoft\Presto! PageManager 7.15\UserDict.tlx
c:\programme\newsoft\Presto! PageManager 7.15\UXFSE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Vcd_NTSC
c:\programme\newsoft\Presto! PageManager 7.15\Vcd_PAL
c:\programme\newsoft\Presto! PageManager 7.15\VideoData.dll
c:\programme\newsoft\Presto! PageManager 7.15\VisioVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\VMPLAYER.exe
c:\programme\newsoft\Presto! PageManager 7.15\Wait.exe
c:\programme\newsoft\Presto! PageManager 7.15\Wait.exe.manifest
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\cshdat_robohelp.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\cshdat_webhelp.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\default.skn
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\ehlpdhtm.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index.log
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index_csh.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index_rhc.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G.css
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\01.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\02.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\03.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\04.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\05.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\06.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\07.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\08.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\09.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\100.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\101.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\12.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\13.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\14.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\15.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\16.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\17.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\18.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\19.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\20.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\21.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\22.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\23.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\24.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\25.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\26.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\27.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\28.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\29.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\34.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\41.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\42.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\43.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\44.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\45.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\46.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\47.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\48.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\49.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\50.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\51.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\52.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\53.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\54.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\55.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\56.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\57.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\58.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\59.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\60.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\61.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\62.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\63.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\64.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\65.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\66.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\67.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\68.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\69.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\70.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\71.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\72.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\73.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\74.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\75.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\76.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\77.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\78.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\79.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\80.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\81.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\82.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\83.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\84.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\85.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\86.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\87.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\88.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\89.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\90.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\91.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\92.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\93.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\94.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\95.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\96.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\97.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\98.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\99.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image001.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image001.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image003.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image005.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image009.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image013.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image014.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image016.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image018.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image020.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image022.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image024.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image026.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image028.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image030.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image032.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image034.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image036.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image038.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image040.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image041.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image043.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image045.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image047.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image049.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image051.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image053.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image055.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image057.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image059.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image061.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image063.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image065.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image069.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image074.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image075.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image076.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image078.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image080.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image082.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image084.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image086.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image087.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image089.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image091.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image093.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image095.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image096.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image098.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image100.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image101.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image102.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image104.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image106.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image107.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image109.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image111.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image113.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image114.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image115.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image117.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image119.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image121.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image123.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image125.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image127.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image129.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image13.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image130.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image131.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image133.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image135.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image137.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image139.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image14.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image141.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image143.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image145.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image147.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image149.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image15.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image150.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image152.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image153.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image154.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image156.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image158.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image16.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image160.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image162.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image164.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image166.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image168.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image17.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image170.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image172.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image173.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image174.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image176.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image178.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image18.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image180.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image182.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image184.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image185.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image186.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image188.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image189.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image19.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image191.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image193.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image194.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image195.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image196.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image197.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image199.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image200.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image201.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image202.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image203.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image205.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image206.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image208.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image209.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image210.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image211.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image212.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image3.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\Introduction_G_copy.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\MainScreen_G_copy.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\Pageview_XPS_copy.jpg
         

Alt 30.08.2011, 20:42   #12
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



und wg. der Größe hier Teil 2

Code:
ATTFilter
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_ns.css
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\RoboHHRE.lng
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\webhelp.cab
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\webhelp.jar
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whcsh_home.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whcshdata.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whftdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whftdata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfts.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfts.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whgdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whglo.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whglo.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidx.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidx.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtdata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtoc.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtoc.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whestart.ico
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfbody.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfform.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfhost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whform.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whframes.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgbody.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whexpbar.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf6.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf7.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf8.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf9.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl12.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl13.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl14.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl15.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl16.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl17.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl18.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl19.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl20.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl21.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl22.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl23.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl6.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl7.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl8.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl9.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstg0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlsti0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt12.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt13.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt14.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt15.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt16.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt17.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt18.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt19.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt20.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt21.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt22.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt6.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt7.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt8.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt9.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdef.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whghost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whhost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whibody.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whidhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whiform.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whihost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whlang.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whmozemu.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whmsg.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whnjs.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whphost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproxy.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whres.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whrstart.ico
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_banner.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_blank.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_frmset01.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_frmset010.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_homepage.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_info.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_mbars.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_papplet.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_pdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_pickup.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_plist.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_tbars.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whst_topics.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstart.ico
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstart.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstub.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abge.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abgi.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abgw.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abte.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abti.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abtw.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_fts_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_fts_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_glo_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_glo_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_go.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_hide.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_idx_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_idx_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_logo1.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_logo2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_next.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_next_g.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_prev.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_prev_g.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_spac.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_sync.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab0.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab1.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab3.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab4.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab5.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab6.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab7.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab8.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc1.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc3.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc4.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_ws.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_ws_g.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtbar.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whthost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtopic.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whutils.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whver.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whftdata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfts.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata1.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata2.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata3.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata4.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata5.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whglo.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whidata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whidx.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whtdata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whtoc.xml
c:\programme\newsoft\Presto! PageManager 7.15\WEBSYNC.INI
c:\programme\newsoft\Presto! PageManager 7.15\WebSyncEx.dll
c:\programme\newsoft\Presto! PageManager 7.15\WordVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Work\ANNODB\stamp.___
c:\programme\newsoft\Presto! PageManager 7.15\WpdfViewer.exe
c:\programme\newsoft\Presto! PageManager 7.15\WpdfViewer.tlb
c:\programme\newsoft\Presto! PageManager 7.15\WriteData2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteDriver2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteIfo2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteOcr2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteTxt2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\XpsCreator.dll
c:\programme\newsoft\Presto! PageManager 7.15\zip32.dll
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
c:\windows\XSxS
H:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_STEC3
-------\Service_STEC3
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-07-28 bis 2011-08-30  ))))))))))))))))))))))))))))))
.
.
2011-08-29 22:29 . 2011-08-29 22:29	--------	d-----w-	c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\Samsung
2011-08-29 22:27 . 2011-07-18 04:24	136808	----a-w-	c:\windows\system32\drivers\ssadmdm.sys
2011-08-29 22:27 . 2011-07-18 04:24	12776	----a-w-	c:\windows\system32\drivers\ssadmdfl.sys
2011-08-29 22:23 . 2011-08-29 22:26	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Samsung
2011-08-29 22:16 . 2011-08-29 22:16	--------	d-----w-	c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations
2011-08-29 18:31 . 2011-08-29 18:31	--------	d-----w-	C:\_OTL
2011-08-28 19:16 . 2011-08-28 19:16	--------	d-----w-	c:\programme\ESET
2011-08-21 18:51 . 2011-08-21 18:51	--------	d-----w-	c:\dokumente und einstellungen\Heini\Anwendungsdaten\Malwarebytes
2011-08-21 18:51 . 2011-07-06 17:52	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-21 18:51 . 2011-08-21 18:51	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2011-08-21 18:51 . 2011-08-21 18:51	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2011-08-21 18:51 . 2011-07-06 17:52	22712	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-08-13 09:38 . 2011-08-13 09:38	--------	d-----w-	c:\dokumente und einstellungen\Heini\Anwendungsdaten\SUPERAntiSpyware.com
2011-08-11 14:27 . 2011-06-24 14:10	139656	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 14:26 . 2011-07-08 14:02	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-23 19:16 . 2011-05-15 10:00	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-26 15:26 . 2011-07-26 15:26	90112	----a-w-	c:\windows\MAMCityDownload.ocx
2011-07-26 15:26 . 2011-07-26 15:26	325552	----a-w-	c:\windows\MASetupCaller.dll
2011-07-26 15:26 . 2011-07-26 15:26	30568	----a-w-	c:\windows\MusiccityDownload.exe
2011-07-26 15:26 . 2011-07-26 15:26	974848	----a-w-	c:\windows\system32\cis-2.4.dll
2011-07-26 15:26 . 2011-07-26 15:26	81920	----a-w-	c:\windows\system32\issacapi_bs-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26	65536	----a-w-	c:\windows\system32\issacapi_pe-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26	57344	----a-w-	c:\windows\system32\MTXSYNCICON.dll
2011-07-26 15:26 . 2011-07-26 15:26	57344	----a-w-	c:\windows\system32\MK_Lyric.dll
2011-07-26 15:26 . 2011-07-26 15:26	57344	----a-w-	c:\windows\system32\issacapi_se-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26	569344	----a-w-	c:\windows\system32\muzdecode.ax
2011-07-26 15:26 . 2011-07-26 15:26	491520	----a-w-	c:\windows\system32\muzapp.dll
2011-07-26 15:26 . 2011-07-26 15:26	49152	----a-w-	c:\windows\system32\MaJGUILib.dll
2011-07-26 15:26 . 2011-07-26 15:26	45056	----a-w-	c:\windows\system32\MaXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26	45056	----a-w-	c:\windows\system32\MACXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26	40960	----a-w-	c:\windows\system32\MTTELECHIP.dll
2011-07-26 15:26 . 2011-07-26 15:26	40960	----a-w-	c:\windows\system32\MAMACExtract.dll
2011-07-26 15:26 . 2011-07-26 15:26	352256	----a-w-	c:\windows\system32\MSLUR71.dll
2011-07-26 15:26 . 2011-07-26 15:26	258048	----a-w-	c:\windows\system32\muzoggsp.ax
2011-07-26 15:26 . 2011-07-26 15:26	245760	----a-w-	c:\windows\system32\MSCLib.dll
2011-07-26 15:26 . 2011-07-26 15:26	24576	----a-w-	c:\windows\system32\MASetupCleaner.exe
2011-07-26 15:26 . 2011-07-26 15:26	200704	----a-w-	c:\windows\system32\muzwmts.dll
2011-07-26 15:26 . 2011-07-26 15:26	172032	----a-w-	c:\windows\system32\muzapp.exe
2011-07-26 15:26 . 2011-07-26 15:26	155648	----a-w-	c:\windows\system32\MSFLib.dll
2011-07-26 15:26 . 2011-07-26 15:26	143360	----a-w-	c:\windows\system32\3DAudio.ax
2011-07-26 15:26 . 2011-07-26 15:26	14336	----a-w-	c:\windows\system32\avrt.dll
2011-07-26 15:26 . 2011-07-26 15:26	135168	----a-w-	c:\windows\system32\muzaf1.dll
2011-07-26 15:26 . 2011-07-26 15:26	131072	----a-w-	c:\windows\system32\muzmpgsp.ax
2011-07-26 15:26 . 2011-07-26 15:26	122880	----a-w-	c:\windows\system32\muzeffect.ax
2011-07-26 15:26 . 2011-07-26 15:26	118784	----a-w-	c:\windows\system32\MaDRM.dll
2011-07-26 15:26 . 2011-07-26 15:26	110592	----a-w-	c:\windows\system32\muzmp4sp.ax
2011-07-15 13:29 . 2001-08-23 12:00	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2001-08-23 12:00	10496	----a-w-	c:\windows\system32\drivers\ndistapi.sys
2011-07-03 16:31 . 2011-07-03 16:32	73728	----a-w-	c:\windows\system32\javacpl.cpl
2011-07-03 16:31 . 2010-08-04 19:09	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-06-30 18:49 . 2009-03-27 18:13	66616	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-06-30 18:49 . 2009-03-27 18:13	138192	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-06-24 14:10 . 2005-07-30 14:46	139656	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:18 . 2008-03-09 18:41	672768	----a-w-	c:\windows\system32\wininet.dll
2011-06-21 18:18 . 2004-08-04 12:00	81920	----a-w-	c:\windows\system32\ieencode.dll
2011-06-21 18:18 . 2001-08-23 12:00	61952	----a-w-	c:\windows\system32\tdc.ocx
2011-06-21 18:16 . 2004-08-04 12:00	371200	----a-w-	c:\windows\system32\html.iec
2011-06-20 17:44 . 2001-08-23 12:00	293888	----a-w-	c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2001-08-23 12:00	1859072	----a-w-	c:\windows\system32\win32k.sys
2007-08-10 15:35 . 2007-08-10 15:28	21733696	----a-w-	c:\programme\SkypeSetup.exe
2008-01-29 12:51 . 2008-01-29 12:51	27976	----a-w-	c:\programme\mozilla firefox\plugins\atgpcdec.dll
2008-01-29 12:51 . 2008-01-29 12:51	125848	----a-w-	c:\programme\mozilla firefox\plugins\atgpcext.dll
2008-01-29 12:51 . 2008-01-29 12:51	46408	----a-w-	c:\programme\mozilla firefox\plugins\atmccli.dll
2008-01-29 12:51 . 2008-01-29 12:51	98712	----a-w-	c:\programme\mozilla firefox\plugins\ieatgpc.dll
2011-08-21 09:33 . 2011-03-29 16:48	134104	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="c:\programme\TuneUp Utilities 2007\MemOptimizer.exe" [2007-04-26 313352]
"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"CTSyncU.exe"="c:\programme\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"KiesPDLR"="c:\programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-22 20880]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]
"SiSPower"="SiSPower.dll" [2006-03-09 49152]
"BCSSync"="c:\programme\microsoft office\Office14\BCSSync.exe" [2010-03-13 91520]
"CTCheck"="c:\programme\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-07-03 273544]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2011-04-08 254696]
"KiesHelper"="c:\programme\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"KiesTrayAgent"="c:\programme\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]
.
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Sitecom 300N USB Wireless LAN Utility.lnk - c:\programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe [2010-12-8 937984]
Wireless Configuration Utility.lnk - c:\programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe [2004-10-6 442368]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programme\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21	548352	----a-w-	c:\programme\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk*\0sprestrt\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBCSSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SanDisk Media Manager.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\SanDisk Media Manager.lnk
backup=c:\windows\pss\SanDisk Media Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Squeezebox Server-Taskleisten-Tool.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Squeezebox Server-Taskleisten-Tool.lnk
backup=c:\windows\pss\Squeezebox Server-Taskleisten-Tool.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk
backup=c:\windows\pss\WISO Mein Steuer-Sparbuch heute.lnkCommon Startup
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\wcescomm.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
"WrtMon.exe"=c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
"TrueImageMonitor.exe"=c:\programme\Acronis\TrueImageHome\TrueImageMonitor.exe
"CanonSolutionMenu"=c:\programme\Canon\SolutionMenu\CNSLMAIN.exe /logon
"AcronisTimounterMonitor"=c:\programme\Acronis\TrueImageHome\TimounterMonitor.exe
"Acronis Scheduler2 Service"="c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
"SBCSTray"=c:\programme\Sunbelt Software\CounterSpy\SBCSTray.exe
"OpwareSE4"="c:\programme\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"ATICCC"="c:\programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"ATIPTA"=c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\NX Client for Windows\\nxclient.exe"=
"c:\\Programme\\NX Client for Windows\\bin\\nxssh.exe"=
"c:\programme\Microsoft ActiveSync\rapimgr.exe"= c:\programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programme\Microsoft ActiveSync\wcescomm.exe"= c:\programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programme\Microsoft ActiveSync\WCESMgr.exe"= c:\programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programme\\Squeezebox\\SqueezePlay\\squeezeplay.exe"=
"c:\\Programme\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Programme\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Programme\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Programme\\SITECOM\\300N USB Wireless LAN Utility\\RtWLan.exe"=
"c:\\Programme\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9000:TCP"= 9000:TCP:Squeezebox Server 9000 tcp (UI)
"3483:UDP"= 3483:UDP:Squeezebox Server 3483 udp
"3483:TCP"= 3483:TCP:Squeezebox Server 3483 tcp
"9090:TCP"= 9090:TCP:Squeezebox Server 9090 tcp (UI)
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"9001:TCP"= 9001:TCP:Squeezebox Server 9001 tcp (UI)
"9002:TCP"= 9002:TCP:Squeezebox Server 9002 tcp (UI)
"9003:TCP"= 9003:TCP:Squeezebox Server 9003 tcp (UI)
"9004:TCP"= 9004:TCP:Squeezebox Server 9004 tcp (UI)
"9005:TCP"= 9005:TCP:Squeezebox Server 9005 tcp (UI)
"9006:TCP"= 9006:TCP:Squeezebox Server 9006 tcp (UI)
"9007:TCP"= 9007:TCP:Squeezebox Server 9007 tcp (UI)
"9008:TCP"= 9008:TCP:Squeezebox Server 9008 tcp (UI)
"9009:TCP"= 9009:TCP:Squeezebox Server 9009 tcp (UI)
"9010:TCP"= 9010:TCP:Squeezebox Server 9010 tcp (UI)
"9100:TCP"= 9100:TCP:Squeezebox Server 9100 tcp (UI)
"8000:TCP"= 8000:TCP:Squeezebox Server 8000 tcp (UI)
"10000:TCP"= 10000:TCP:Squeezebox Server 10000 tcp (UI)
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
.
R0 SBHR;SBHR;c:\windows\system32\drivers\sbhr.sys [21.09.2007 20:11 15544]
R1 SASDIFSV;SASDIFSV;c:\programme\SUPERAntiSpyware\sasdifsv.sys [17.02.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programme\SUPERAntiSpyware\SASKUTIL.SYS [10.05.2010 20:41 67656]
R2 a2free;a-squared Free Service;c:\programme\a-squared Free\a2service.exe [30.08.2007 21:19 380528]
R2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [10.01.2009 20:41 108768]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\programme\Avira\AntiVir Desktop\avmailc.exe [27.03.2009 20:13 340136]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [27.03.2009 20:13 136360]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [27.03.2009 20:13 428200]
R2 AVMPORT;AVMPORT;c:\windows\system32\drivers\avmport.sys [31.07.2005 19:03 59520]
R2 CDMA Device Service;CDMA Device Service;c:\programme\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [30.08.2011 00:28 63488]
R2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [04.11.2010 16:41 9728]
R2 SqueezeMySQL;SqueezeMySQL;c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\dokume~1\ALLUSE~1\ANWEND~1\SQUEEZ~2\Cache\my.cnf SqueezeMySQL --> c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\dokume~1\ALLUSE~1\ANWEND~1\SQUEEZ~2\Cache\my.cnf SqueezeMySQL [?]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192su.sys [08.12.2010 16:54 605856]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [20.12.2009 22:09 135664]
S3 ACRUSBTM;ACRUSBTM;c:\windows\system32\drivers\ACRUSBTM.SYS [26.09.2008 19:52 28672]
S3 ALSysIO;ALSysIO;\??\c:\dokume~1\Heini\LOKALE~1\Temp\ALSysIO.sys --> c:\dokume~1\Heini\LOKALE~1\Temp\ALSysIO.sys [?]
S3 AVMBTPARALLEL;AVM Bluetooth Druckeranschluss;c:\windows\system32\drivers\avmbtpar.sys [09.12.2003 02:00 60032]
S3 AVMBTSERIAL;AVM Bluetooth Kommunikationsanschluss;c:\windows\system32\drivers\avmbtser.sys [09.12.2003 02:00 61056]
S3 AVMBTSND;AVM Bluetooth Audio Driver;c:\windows\system32\drivers\avmbtsnd.sys [09.12.2003 02:00 48128]
S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmcowan.sys [09.12.2003 02:00 53120]
S3 AVMWAN;NDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmwan.sys [11.01.2002 02:00 37568]
S3 bfubase;BlueFRITZ! USB (WinXP/2000);c:\windows\system32\drivers\bfubase.sys [11.01.2002 02:00 741600]
S3 CAPI_CIP;AVM Bluetooth CAPI-Controller;c:\windows\system32\drivers\capi_cip.sys [09.12.2003 02:00 334464]
S3 FXDRV;FXDRV;\??\f:\fxdrv.sys --> f:\Fxdrv.sys [?]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\DRIVERS\gflmouhid.sys --> c:\windows\system32\DRIVERS\gflmouhid.sys [?]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys --> c:\windows\system32\DRIVERS\gMouPS2.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [20.12.2009 22:09 135664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programme\Microsoft Office\Office14\GROOVE.EXE [25.03.2010 10:25 30969208]
S3 NETBFPAN;AVM Bluetooth Netzwerkadapter;c:\windows\system32\drivers\netbfpan.sys [09.12.2003 02:00 35914]
S3 NETPPPOI;PPP over ISDN;c:\windows\system32\DRIVERS\NETPPPOI.SYS --> c:\windows\system32\DRIVERS\NETPPPOI.SYS [?]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000]
S3 SBAPIFS;SBAPIFS;\??\c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [30.08.2011 00:27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [30.08.2011 00:27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [30.08.2011 00:27 136808]
S3 TelekomNM3;Telekom Netzmanager Packet Filter Driver;c:\programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [16.09.2010 17:02 35040]
S3 vmdmd;Fax Port Driver;c:\windows\system32\DRIVERS\vmdmd.sys --> c:\windows\system32\DRIVERS\vmdmd.sys [?]
.
Inhalt des "geplante Tasks" Ordners
.
2011-07-29 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 18:08]
.
2011-08-30 c:\windows\Tasks\Google Software Updater.job
- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-24 08:49]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-20 20:09]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-20 20:09]
.
2011-08-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Google Sidewiki... - c:\programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: In Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\programme\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\programme\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\programme\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\programme\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\programme\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\programme\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\programme\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\programme\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\programme\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\programme\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\programme\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-08-30 21:17
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32*]
"Class"=hex:ab,c2,74,5b,6c,67,a9,07,13,e0,e1,24,c4,1e,4a,fb,d0,dd,48,ff,50,95,
   74,f9,62,57,09,f4,e8,d4,30,f1,4b,a8,a7,f4,da,c8,33,9b,48,b8,7b,81,1c,3c,a0,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32*]
"Class"=hex:d4,5f,d4,fd,c6,b4,bf,77,56,75,0e,52,68,44,fd,05,8e,61,64,c7,8d,04,
   9a,0b,b9,cb,a4,63,56,e1,dc,88,12,6f,67,c0,be,41,6e,1a,5f,f5,6e,06,f1,d3,3b,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32*]
"Class"=hex:f3,ab,5e,97,03,e1,3c,b2,5c,49,a2,43,b6,d1,e5,c5,4b,ee,a8,8b,ce,e3,
   cb,73,38,b0,4e,da,18,a2,d6,e6,a5,c5,c6,e0,b7,1a,9c,c8,70,f7,de,d4,54,22,a8,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32*]
"Class"=hex:00,6d,78,af,8e,b4,c4,17,0d,65,d8,5a,38,fb,be,e6,2f,8e,89,d1,8e,02,
   54,5e,95,6e,74,67,f4,3e,de,b1,ca,82,ab,ce,60,43,ae,c2,54,81,2e,60,f2,26,2a,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32*]
"Class"=hex:89,da,99,86,00,20,ba,1a,0b,25,73,fb,c0,a4,b3,0a,6e,4f,c7,08,79,c4,
   d1,83,39,9c,db,89,9d,f2,49,60,5c,1f,96,f0,be,29,fa,4e,76,f3,eb,fa,6e,f6,eb,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32*]
"Class"=hex:e0,87,86,cb,2c,02,0d,e2,e4,2d,5f,b7,cc,39,20,ae,75,dd,d6,b4,27,7e,
   88,a3,95,7b,a8,60,04,6e,49,6d,c2,61,b4,4e,e4,fa,0e,8e,5d,e4,9e,e3,2c,8f,95,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32*]
"Class"=hex:62,d9,7b,80,32,b6,7f,b4,72,cc,ad,10,b5,81,92,8c,f4,2d,3f,f2,17,44,
   72,ff,30,bf,6d,7f,b6,a7,14,b7,e4,dc,27,c8,a4,ed,83,e5,c2,49,5d,bc,c1,fa,a0,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\PSGuard.com\PSGuard\P.S.Guard\License*]
"Data"="InstallTime=1c5c537:93680c70\0d\0aLastRunTime=1c5c539:45626050\0d\0a"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(660)
c:\programme\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(716)
c:\programme\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(3128)
c:\progra~1\GEMEIN~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1031\GrooveIntlResource.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
c:\windows\system32\CTsvcCDA.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
c:\programme\Sunbelt Software\CounterSpy\SBCSSvc.exe
c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe
c:\programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\MICROS~3\rapimgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-08-30  21:31:09 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-08-30 19:31
ComboFix2.txt  2007-09-07 16:21
.
Vor Suchlauf: 17 Verzeichnis(se), 21.577.994.240 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 21.583.536.128 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
.
- - End Of File - - C430AB272156B5FD96A200FE93017425
         
Und nu?

Gruß
Heini

Alt 31.08.2011, 10:55   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!


Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.09.2011, 21:20   #14
Heini66
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Hier die Logs

[code]
GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-09-01 03:28:22
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0822N rev.WA100-10
Running: n5mbq4tp.exe; Driver: C:\DOKUME~1\Heini\LOKALE~1\Temp\kgliipow.sys


---- System - GMER 1.0.15 ----

SSDT            F7B3B9F4                                                                                           ZwClose
SSDT            F7B3B9AE                                                                                           ZwCreateKey
SSDT            F7B3B9FE                                                                                           ZwCreateSection
SSDT            F7B3B9A4                                                                                           ZwCreateThread
SSDT            F7B3B9B3                                                                                           ZwDeleteKey
SSDT            F7B3B9BD                                                                                           ZwDeleteValueKey
SSDT            F7B3B9EF                                                                                           ZwDuplicateObject
SSDT            F7B3B9C2                                                                                           ZwLoadKey
SSDT            sbhr.sys                                                                                           ZwOpenKey [0xF789F4D0]
SSDT            F7B3B990                                                                                           ZwOpenProcess
SSDT            F7B3B995                                                                                           ZwOpenThread
SSDT            F7B3B9CC                                                                                           ZwReplaceKey
SSDT            F7B3B9C7                                                                                           ZwRestoreKey
SSDT            F7B3BA03                                                                                           ZwSetContextThread
SSDT            F7B3B9B8                                                                                           ZwSetValueKey
SSDT            F7B3B99F                                                                                           ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

init            C:\WINDOWS\system32\drivers\ALCXSENS.SYS                                                           entry point in "init" section [0xB17F9900]
.text           C:\WINDOWS\system32\drivers\ACEDRV05.sys                                                           section is writeable [0xA93D2000, 0x30A4A, 0xE8000020]
.pklstb         C:\WINDOWS\system32\drivers\ACEDRV05.sys                                                           entry point in ".pklstb" section [0xA9414000]
.relo2          C:\WINDOWS\system32\drivers\ACEDRV05.sys                                                           unknown last section [0xA942F000, 0x8E, 0x42000040]
.text           C:\WINDOWS\system32\drivers\ACEDRV08.sys                                                           section is writeable [0xA9370000, 0x328BA, 0xE8000020]
.pklstb         C:\WINDOWS\system32\drivers\ACEDRV08.sys                                                           entry point in ".pklstb" section [0xA93B4000]
.relo2          C:\WINDOWS\system32\drivers\ACEDRV08.sys                                                           unknown last section [0xA93D0000, 0x8E, 0x42000040]

---- User code sections - GMER 1.0.15 ----

.text           C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2092] ntdll.dll!DbgUiRemoteBreakin  7C9620EC 1 Byte  [C3]

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                             sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                             sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume1                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume2                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume3                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume4                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume5                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@Class            0xAB 0xC2 0x74 0x5B ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@Class            0xD4 0x5F 0xD4 0xFD ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@Class            0xF3 0xAB 0x5E 0x97 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@Class            0x00 0x6D 0x78 0xAF ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@Class            0x89 0xDA 0x99 0x86 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@Class            0xE0 0x87 0x86 0xCB ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32                  
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@Class            0x62 0xD9 0x7B 0x80 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@ThreadingModel   Apartment
Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

---- EOF - GMER 1.0.15 ----
         
--- --- ---


OSAM

OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 20:31:23 on 01.09.2011

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 6.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Boot Execute]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----
"BootExecute" - ? - autochk*  (File not found)

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Software Updater.job" - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl
"ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl
"FINDFAST.CPL" - "Microsoft Corporation" - C:\WINDOWS\system32\FINDFAST.CPL
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"mbllnk.cpl" - "AvantGo, Inc." - C:\WINDOWS\system32\mbllnk.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir PersonalEdition Premium " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"Avira AntiVir PersonalEdition Premium Konfiguration" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl  (File not found)
"Avira AntiVir Premium " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV05" (ACEDRV05) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV05.sys
"ACEDRV08" (ACEDRV08) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV08.sys
"Acronis Snapshots Manager" (snapman) - "Acronis" - C:\WINDOWS\System32\DRIVERS\snapman.sys
"Acronis True Image Backup Archive Explorer" (timounter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\timntr.sys
"Acronis True Image FS Filter" (tifsfilter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tifsfilt.sys
"Acronis Try&Decide and Restore Points filter" (tdrpman) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tdrpman.sys
"ACRUSBTM" (ACRUSBTM) - ? - C:\WINDOWS\system32\drivers\ACRUSBTM.SYS
"Add Performance Filter Driver" (sisperf) - "Silicon Integrated Systems Corp." - C:\WINDOWS\System32\drivers\sisperf.sys
"AEGIS Protocol (IEEE 802.1x) v3.7.5.0" (AegisP) - "Cisco Systems, Inc." - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"ALSysIO" (ALSysIO) - ? - C:\DOKUME~1\Heini\LOKALE~1\Temp\ALSysIO.sys  (File not found)
"ASPI32" (ASPI32) - "Adaptec" - C:\WINDOWS\system32\drivers\ASPI32.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"AVM Bluetooth Audio Driver" (AVMBTSND) - "AVM GmbH" - C:\WINDOWS\System32\drivers\avmbtsnd.sys
"AVM Bluetooth CAPI-Controller" (CAPI_CIP) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\capi_cip.sys
"AVM Bluetooth Druckeranschluss" (AVMBTPARALLEL) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmbtpar.sys
"AVM Bluetooth Kommunikationsanschluss" (AVMBTSERIAL) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmbtser.sys
"AVM Bluetooth Netzwerkadapter" (NETBFPAN) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\netbfpan.sys
"AVM ISDN CoNDIS WAN CAPI Treiber" (AVMCOWAN) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmcowan.sys
"AVMPORT" (AVMPORT) - "AVM Berlin" - C:\WINDOWS\System32\drivers\avmport.sys
"BlueFRITZ! USB (WinXP/2000)" (bfubase) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\bfubase.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"Fax Port Driver" (vmdmd) - ? - C:\WINDOWS\System32\DRIVERS\vmdmd.sys  (File not found)
"FXDRV" (FXDRV) - ? - F:\Fxdrv.sys  (File not found)
"grmnusb" (grmnusb) - "GARMIN Corp." - C:\WINDOWS\System32\drivers\grmnusb.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"PCANDIS5 Protocol Driver" (PCANDIS5) - ? - C:\D-Link\AIRPLU~1\PCANDIS5.SYS  (File not found)
"PCASp50 NDIS Protocol Driver" (PCASp50) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\WINDOWS\System32\Drivers\PCASp50.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PPP over ISDN" (NETPPPOI) - ? - C:\WINDOWS\System32\DRIVERS\NETPPPOI.SYS  (File not found)
"PS2 Scroll Mouse Device" (gMouPS2) - ? - C:\WINDOWS\System32\DRIVERS\gMouPS2.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
"SBAPIFS" (SBAPIFS) - ? - C:\WINDOWS\system32\drivers\sbapifs.sys  (File not found)
"SBHR" (SBHR) - ? - C:\WINDOWS\System32\drivers\sbhr.sys
"Scroll Mouse Driver" (genmcmn) - ? - C:\WINDOWS\System32\DRIVERS\gmfiltr.sys  (File not found)
"sisidex" (sisidex) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\System32\drivers\sisidex.sys
"SoundTap Recorder" (NCHSSVAD) - "NCH Swift Sound" - C:\WINDOWS\System32\drivers\nchssvad.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"Telekom Netzmanager Packet Filter Driver" (TelekomNM3) - "Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH" - C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys
"TVICHW32" (TVICHW32) - "EnTech Taiwan" - C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
"USB Scroll Mouse Driver" (genmcmnUSB) - ? - C:\WINDOWS\System32\DRIVERS\gflmouhid.sys  (File not found)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{17F04EC2-42D3-4e8c-BDA1-FA579B38ADC9} "{17F04EC2-42D3-4e8c-BDA1-FA579B38ADC9}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{d7b95390-b1c5-11d0-b111-0080c712fe82} "mctp" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll
{C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll
{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\VISSHE.DLL
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\VISSHE.DLL
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL
{49BF5420-FA7F-11cf-8011-00A0C90A8F78} "Mobiles Gerät" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Wcesview.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{1CA6BBC9-E9FA-4021-822B-075DF1837B63} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{4FBFFA8D-F390-471a-AE46-FEB93623AD63} "NeroDigitalInfoHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{846083A4-BFC6-4447-985C-6578B466A7D7} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} "NeroDigitalThumbnailHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\OLKFSTUB.DLL
{A12BE4C1-968E-4b81-96E3-E9ECA5913634} "PBN.PBNMaximumMP3ShellExtension" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{4AFB2C17-9D16-4478-AEF4-C3FC539961E4} "ZEN Media Explorer" - "Creative Technology Ltd" - C:\Programme\Creative\ZEN Media Explorer\SHCTMTP.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{6C269571-C6D7-4818-BCA4-32A035E8C884} "Creative Software AutoUpdate" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTSUEngn.ocx / hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
{F6ACF75C-C32C-447B-9BEF-46B766368D29} "Creative Software AutoUpdate Support Package" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTPID.ocx / hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab
{D4B68B83-8710-488B-A692-D74B50BA558E} "Creative Software AutoUpdate Support Package 2" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTPIDPDE.ocx / hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
{4871A87A-BFDD-4106-8153-FFDE2BAC2967} "DLM Control" - "Akamai Technologies, Inc." - C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX / hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\System32\legitcheckcontrol.dll / hxxp://go.microsoft.com/fwlink/?linkid=39204
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONBttnIE.dll
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\INetRepl.dll
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "Create Mobile Favorite" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\INetRepl.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"Sitecom 300N USB Wireless LAN Utility.lnk" - "Sitecom Corp." - C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe  (Shortcut exists | File exists)
"Wireless Configuration Utility.lnk" - ? - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Heini\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"CTSyncU.exe" - ? - "C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe"
"H/PC Connection Agent" - "Microsoft Corporation" - "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
"KiesPDLR" - ? - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
"TuneUp MemOptimizer" - "TuneUp Software GmbH" - "C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe" autostart
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"BCSSync" - "Microsoft Corporation" - "C:\programme\microsoft office\Office14\BCSSync.exe" /DelayServices
"CTCheck" - "Creative Technology Ltd" - C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe
"KiesHelper" - "Samsung" - C:\Programme\Samsung\Kies\KiesHelper.exe /s
"KiesTrayAgent" - "Samsung Electronics Co., Ltd." - C:\Programme\Samsung\Kies\KiesTrayAgent.exe
"SiSPower" - "Silicon Integrated Systems Corporation" - Rundll32.exe SiSPower.dll,ModeAgent
"SiSUSBRG" - "Silicon Integrated Systems Corp." - C:\WINDOWS\SiSUSBrg.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"TkBellExe" - "RealNetworks, Inc." - "C:\program files\real\realplayer\update\realsched.exe"  -osboot

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Teledat 150 Color Fax Port Monitor" - ? - TelColorPort.dll  (File not found)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"a-squared Free Service" (a2free) - "Emsi Software GmbH" - C:\Programme\a-squared Free\a2service.exe
"Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
"Acronis Try And Decide Service" (TryAndDecideService) - ? - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe  (File found, but it contains no detailed information)
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"ATI Smart" (ATI Smart) - ? - C:\WINDOWS\system32\ati2sgag.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir MailGuard" (AntiVirMailService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avmailc.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Avira AntiVir WebGuard" (AntiVirWebService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
"CDMA Device Service" (CDMA Device Service) - ? - C:\Programme\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
"Creative Service for CDROM Access" (Creative Service for CDROM Access) - "Creative Technology Ltd" - C:\WINDOWS\system32\CTsvcCDA.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\programme\microsoft office\Office14\GROOVE.EXE
"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
"Netzmanager Infrastruktur Informationssystem Dienst" (Netzmanager Service) - "Deutsche Telekom AG" - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"SqueezeMySQL" (SqueezeMySQL) - ? - C:\PROGRA~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe  (File found, but it contains no detailed information)
"Sunbelt CounterSpy Antispyware" (SBCSSvc) - "Sunbelt Software" - C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe
"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"AVSDA" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avsda.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

--- --- ---


AVAST ist mir während des Scans mit folgender Meldung abgestürzt
Code:
ATTFilter
avast! Antirootkit hat ein Problem festgestellt und muss beendet werden.

Problemsignatur____________________________________________________

AppName: aswmbr.exe	 AppVer: 0.9.8.986	 ModName: ntdll.dll
ModVer: 5.1.2600.6055	 Offset: 00011689
         
Soll ich den Scan noch einmal laufen lassen?

Gruß
Heini

Geändert von Heini66 (01.09.2011 um 21:23 Uhr) Grund: falsche Formatierung

Alt 01.09.2011, 21:44   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Standard

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik



Ja, Avast nochmal probieren. Fall es wieder abkachelt, mach dann ein Log mit dem "älteren" mbrcheck:

Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik
0x00000001, acedrv05.sys, adobe, alternate, antivir, avira, bho, c:\windows\system32\rundll32.exe, desktop, document, einstellungen, error, excel.exe, explorer, firefox, fontcache, gereinigt, google earth, helper, home, mp3, object, plug-in, realtek, rundll, scan, sched.exe, senden, server, software, system, trojaner, usb, winlogon.exe, wiso




Ähnliche Themen: SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik


  1. Malwarebytes findet Trojan.Agent.UKED in Datei MSTORDB.EXE
    Log-Analyse und Auswertung - 30.04.2015 (9)
  2. G-Data findet Win32.Trojan.Agent.XDJOX7
    Log-Analyse und Auswertung - 22.03.2015 (20)
  3. Malwarebytes findet mehrere Trojan.Agent
    Plagegeister aller Art und deren Bekämpfung - 11.09.2014 (12)
  4. Trojan.Agent - netlogger.exe - MalwareBytes findet nach Routinescan einen Trojaner
    Plagegeister aller Art und deren Bekämpfung - 09.09.2014 (11)
  5. ZoneArlarm scan ergab u.a. HEUR:Trojan.Win32.Generic , Trojan.Win32.Agent.aeqtk
    Log-Analyse und Auswertung - 11.02.2014 (9)
  6. Nur ClamAV findet Win.Trojan.Lmir-1366, Trojan.Agent-280119, W32.Perelett.14919, andere nichts
    Plagegeister aller Art und deren Bekämpfung - 05.02.2014 (9)
  7. Nur ClamAV findet Win.Trojan.Agent-517310; W32.Virut.Gen.D-163 auf Win7, Andere finden nix
    Plagegeister aller Art und deren Bekämpfung - 03.10.2013 (9)
  8. spywareterminator 2012 findet stealthkeylog und trojan.agent.kkh
    Log-Analyse und Auswertung - 12.06.2013 (18)
  9. Malewarebytes findet Trojan.Agent
    Plagegeister aller Art und deren Bekämpfung - 17.03.2013 (19)
  10. amty (worm.Autorun) und csrcs.exe(Trojan.Agent) bei einem routine-Scan von MBAM gefunden
    Log-Analyse und Auswertung - 21.04.2012 (16)
  11. Malwarebytes findet Virus (Trojan.Agent)
    Log-Analyse und Auswertung - 24.01.2012 (1)
  12. Trojan Hunt findet die Trojaner sinowal.727 und agent.28. Malwarebytes findet nichts?
    Plagegeister aller Art und deren Bekämpfung - 15.11.2011 (1)
  13. Malwarebytes findet Trojan.Bancos + RiskWare.Tool.CK + Trojan.Agent.CK...
    Plagegeister aller Art und deren Bekämpfung - 18.05.2011 (7)
  14. SUPERAntispyware findet Trojan.Agent/CDesc
    Plagegeister aller Art und deren Bekämpfung - 25.02.2011 (2)
  15. SuperAntiSpyware findet: Trojan.Agent/Gen-BanLoad
    Plagegeister aller Art und deren Bekämpfung - 10.02.2011 (14)
  16. AVG findet "Trojan horse Generic15.EAM", Antimalware "Trojan.Agent" + "Rootkit.Agent"
    Plagegeister aller Art und deren Bekämpfung - 03.11.2009 (13)
  17. MBAM findet Trojan.Agent in C:\Windows\System32\WinSys2.exe
    Log-Analyse und Auswertung - 04.05.2009 (7)

Zum Thema SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik - Hallihallo, habe vor kurzen dank eurer Hilfe meinen Laptop gereinigt und mir die in den Tips genannten Scanner auch mal über mein Arbeitstier (Desktop PC) laufen lassen. Und siehe da, - SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik...
Archiv
Du betrachtest: SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.