| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: SASW-Scan findet PSGuard und Trojan.Agent/Gen-KrpytikWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.08.2011, 15:01
| #1 |
 |  SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Hallihallo, habe vor kurzen dank eurer Hilfe meinen Laptop gereinigt und mir die in den Tips genannten Scanner auch mal über mein Arbeitstier (Desktop PC) laufen lassen. Und siehe da, o.g. Trojaner sind vorhanden. Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 08/21/2011 at 02:25 PM
Application Version : 4.55.1000
Core Rules Database Version : 7369
Trace Rules Database Version: 5181
Scan type : Complete Scan
Total Scan Time : 02:43:36
Memory items scanned : 619
Memory threats detected : 0
Registry items scanned : 8667
Registry threats detected : 5
File items scanned : 45424
File threats detected : 1
Trojan.PSGuard
HKLM\Software\PSGuard.com
HKLM\Software\PSGuard.com\PSGuard
HKLM\Software\PSGuard.com\PSGuard\P.S.Guard
HKLM\Software\PSGuard.com\PSGuard\P.S.Guard\License
Disabled.SecurityCenterOption
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY
Trojan.Agent/Gen-Krpytik
C:\SYSTEM VOLUME INFORMATION\_RESTORE{48B68672-9289-46DB-AAD7-5E9EDB5B7F7A}\RP486\A0150910.EXE
OTL Logfile OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.08.2011 15:22:20 - Run 6 OTL by OldTimer - Version 3.2.26.5 Folder = C:\Dokumente und Einstellungen\Heini\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,28% Memory free 3,85 Gb Paging File | 3,45 Gb Available in Paging File | 89,57% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,55 Gb Total Space | 19,99 Gb Free Space | 26,81% Space Free | Partition Type: NTFS Drive E: | 46,02 Gb Total Space | 3,23 Gb Free Space | 7,01% Space Free | Partition Type: NTFS Drive G: | 40,00 Gb Total Space | 35,87 Gb Free Space | 89,67% Space Free | Partition Type: NTFS Drive H: | 106,10 Gb Total Space | 103,33 Gb Free Space | 97,39% Space Free | Partition Type: NTFS Drive I: | 982,13 Mb Total Space | 981,20 Mb Free Space | 99,91% Space Free | Partition Type: FAT Computer Name: ARBEITSZIMMER | User Name: Heini | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe () PRC - C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe (Sitecom Corp.) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe () PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis) PRC - C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd) PRC - C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe (Sunbelt Software) PRC - C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe () PRC - C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe (TuneUp Software GmbH) PRC - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe () ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU () MOD - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF () MOD - C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe () MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Programme\SITECOM\300N USB Wireless LAN Utility\EnumDevLib.dll () MOD - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\Sunbelt Software\CounterSpy\SBFDAccessLayer.dll () MOD - C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe () MOD - C:\Programme\SITECOM\300N USB Wireless LAN Utility\acAuth.dll () MOD - C:\Programme\Creative\Sync Manager Unicode\CTSyncRs.crl () MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanDll.dll () MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe () MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\tiwlnapi.dll () MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\ExtWLANconfig.dll () ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG) SRV - (SqueezeMySQL) -- C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe () SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\programme\microsoft office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (a2free) -- C:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH) SRV - (TryAndDecideService) -- C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe () SRV - (AcrSch2Svc) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (SBCSSvc) -- C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe (Sunbelt Software) SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (TelekomNM3) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (RTL8192su) -- C:\WINDOWS\system32\drivers\rtl8192su.sys (Realtek Semiconductor Corporation ) DRV - (STEC3) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (NCHSSVAD) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound) DRV - (timounter) -- C:\WINDOWS\System32\DRIVERS\timntr.sys (Acronis) DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis) DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis) DRV - (tdrpman) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (ACEDRV08) -- C:\WINDOWS\system32\drivers\ACEDRV08.sys (Protect Software GmbH) DRV - (SBHR) -- C:\WINDOWS\system32\drivers\sbhr.sys () DRV - (ACRUSBTM) -- C:\WINDOWS\system32\drivers\ACRUSBTM.SYS () DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation) DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation) DRV - (ACEDRV05) -- C:\WINDOWS\system32\drivers\ACEDRV05.sys (Protect Software GmbH) DRV - (SISNICXP) -- C:\WINDOWS\system32\drivers\sisnicxp.sys (SiS Corporation) DRV - (odysseyIM3) -- C:\WINDOWS\system32\drivers\odysseyIM3.sys (Funk Software, Inc.) DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura) DRV - (bfubase) BlueFRITZ! USB (WinXP/2000) -- C:\WINDOWS\system32\drivers\bfubase.sys (AVM Berlin) DRV - (CAPI_CIP) -- C:\WINDOWS\system32\drivers\capi_cip.sys (AVM Berlin) DRV - (AVMBTSERIAL) -- C:\WINDOWS\system32\drivers\avmbtser.sys (AVM GmbH) DRV - (AVMBTPARALLEL) -- C:\WINDOWS\system32\drivers\avmbtpar.sys (AVM GmbH) DRV - (AVMCOWAN) -- C:\WINDOWS\system32\drivers\avmcowan.sys (AVM GmbH) DRV - (AVMBTSND) -- C:\WINDOWS\system32\drivers\avmbtsnd.sys (AVM GmbH) DRV - (NETBFPAN) -- C:\WINDOWS\system32\drivers\netbfpan.sys (AVM Berlin) DRV - (SiSide) -- C:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.) DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider) DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.) DRV - (AVMPORT) -- C:\WINDOWS\System32\drivers\avmport.sys (AVM Berlin) DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH) DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.sys (Adaptec) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" FF - prefs.js..browser.search.selectedEngine: "Winamp Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2 FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Programme\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.07.03 17:44:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.08.21 11:33:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.07.03 17:45:04 | 000,000,000 | ---D | M] [2008.07.16 19:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Extensions [2011.06.04 19:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\extensions [2010.01.10 21:31:40 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2011.06.04 19:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\extensions [2010.03.11 21:51:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.01.10 21:58:07 | 000,001,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\searchplugins\winamp-search.xml [2011.07.03 18:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.11.27 18:22:39 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011.07.03 18:32:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011.08.21 11:33:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2008.01.29 14:51:48 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\atgpcdec.dll [2008.01.29 14:51:49 | 000,125,848 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\atgpcext.dll [2008.01.29 14:51:56 | 000,046,408 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\atmccli.dll [2008.01.29 14:51:58 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\ieatgpc.dll [2008.01.29 14:51:45 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\npatgpc.dll [2011.07.03 18:31:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2008.02.04 19:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\mozilla firefox\plugins\npOGAPlugin.dll [2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2008.01.12 14:36:52 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BCSSync] C:\programme\microsoft office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [CTCheck] C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd) O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation) O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [CTSyncU.exe] C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe () O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe (TuneUp Software GmbH) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Sitecom 300N USB Wireless LAN Utility.lnk = C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe (Sitecom Corp.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Wireless Configuration Utility.lnk = C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258913469140 (WUWebControl Class) O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Jasc Paint Shop Photo Album 5 Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Jasc Paint Shop Photo Album 5 Wallpaper.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.07.30 16:51:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.03.24 14:14:59 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell - "" = AutoRun O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun\command - "" = I:\DPFMate.exe O34 - HKLM BootExecute: (autocheck autochk*) - File not found O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation) O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {33666497-F8FD-B072-8516-BBFCA94B688C} - Microsoft Windows Media Player 6.4 ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D250360C-56E2-6065-3DC5-8F6CBAFEB99A} - Windows Media Player ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SanDisk Media Manager.lnk - - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Squeezebox Server-Taskleisten-Tool.lnk - C:\Programme\Squeezebox\SqueezeTray.exe - (SlimDevices - A Logitech Company) MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2011\mshaktuell.exe - () CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.08.27 15:20:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe [2011.08.21 20:51:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Malwarebytes [2011.08.21 20:51:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.08.21 20:51:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.08.21 20:51:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2011.08.21 20:51:41 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.08.21 20:51:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.08.21 11:32:03 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Heini\Recent [2011.08.13 11:38:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SUPERAntiSpyware.com [2007.08.10 17:28:21 | 021,733,696 | ---- | C] (Skype Technologies S.A. ) -- C:\Programme\SkypeSetup.exe [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.08.27 15:20:15 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe [2011.08.27 14:47:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.08.27 13:44:31 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2011.08.27 13:43:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.08.27 13:42:48 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job [2011.08.27 13:42:46 | 000,021,760 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.08.27 13:42:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.08.26 07:13:56 | 1357,644,800 | ---- | M] () -- C:\WINDOWS\outlook.pst [2011.08.23 22:00:19 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\Desktop\n5mbq4tp.exe [2011.08.22 21:29:06 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\defogger_reenable [2011.08.21 20:51:47 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.21 17:47:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job [2011.08.21 12:15:21 | 000,000,597 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\.Xauthority [2011.08.14 22:14:44 | 000,001,211 | ---- | M] () -- C:\WINDOWS\wiso.ini [2011.08.11 22:14:16 | 000,448,894 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.08.11 22:14:16 | 000,432,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.08.11 22:14:16 | 000,080,558 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.08.11 22:14:16 | 000,067,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.07.29 17:15:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.08.23 22:00:18 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Desktop\n5mbq4tp.exe [2011.08.22 21:29:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\defogger_reenable [2011.08.21 20:51:47 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.06.02 21:17:38 | 000,000,193 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\default.rss [2011.06.02 21:16:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011.01.23 17:03:02 | 000,000,546 | ---- | C] () -- C:\WINDOWS\hpbafd.ini [2010.12.08 16:54:08 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe [2010.09.12 02:18:29 | 001,495,944 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2010.09.11 19:55:07 | 000,000,279 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc [2009.12.21 20:15:10 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2009.12.13 14:07:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\InstFunc.exe [2009.12.09 22:33:15 | 000,108,021 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini [2009.12.09 22:33:15 | 000,033,373 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini [2009.12.09 22:33:05 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin [2009.12.09 22:33:05 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin [2009.12.09 22:33:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin [2009.09.30 20:28:22 | 000,000,418 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\burnaware.ini [2009.09.06 18:54:43 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI [2009.01.10 20:39:34 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe [2009.01.10 20:32:23 | 000,016,070 | ---- | C] () -- C:\WINDOWS\German2.ini [2009.01.04 19:00:31 | 000,000,823 | ---- | C] () -- C:\WINDOWS\uninst.ini [2008.09.26 19:52:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\ACRUSBTM.SYS [2008.03.09 20:42:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2008.03.09 14:48:29 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc [2008.03.08 13:35:09 | 000,283,392 | R--- | C] () -- C:\WINDOWS\System32\drivers\GPlus.sys [2007.12.12 00:00:21 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll [2007.12.11 23:57:18 | 000,000,404 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2007.09.21 20:11:11 | 000,015,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sbhr.sys [2007.09.19 20:39:52 | 000,002,779 | ---- | C] () -- C:\WINDOWS\tm.ini [2007.09.15 02:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat [2007.09.15 02:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBFC.dat [2007.09.07 18:16:03 | 000,109,056 | ---- | C] () -- C:\WINDOWS\catchme.exe [2007.09.07 18:16:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\VFind.exe [2007.09.07 18:16:03 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe [2007.08.09 20:48:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\$_hpcst$.hpc [2007.05.27 14:00:35 | 000,002,513 | ---- | C] () -- C:\WINDOWS\mozver.dat [2007.05.27 13:53:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2007.05.08 19:55:53 | 000,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI [2007.05.02 22:49:15 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2006.12.12 18:24:42 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2006.10.30 11:30:30 | 000,010,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBTEDrv.sys [2006.09.03 19:08:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw110.INI [2006.08.14 20:11:09 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html [2006.08.14 20:09:00 | 000,120,286 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat [2006.06.28 13:42:10 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini [2006.04.28 22:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2006.04.22 12:21:18 | 000,083,455 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006.02.19 20:53:26 | 000,000,275 | ---- | C] () -- C:\WINDOWS\buhl.ini [2006.02.19 20:52:48 | 000,001,211 | ---- | C] () -- C:\WINDOWS\wiso.ini [2006.02.12 19:06:43 | 000,012,648 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\rx_audio.Cache [2005.11.15 22:55:31 | 001,297,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\rx_image.Cache [2005.11.15 21:54:39 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2005.11.02 11:39:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll [2005.11.02 11:39:16 | 000,024,924 | ---- | C] () -- C:\WINDOWS\System32\openports.dll [2005.10.18 10:41:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\msdvd_uk.dll [2005.10.18 10:40:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\msdvd_se.dll [2005.10.18 10:39:00 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\msdvd_fr.dll [2005.10.18 10:39:00 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\msdvd_en.dll [2005.10.18 10:36:00 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\msdvd_de.dll [2005.10.18 10:33:00 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\mp2EncoderDll.dll [2005.10.18 10:32:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\mplex.dll [2005.10.18 10:25:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ifoutil.dll [2005.10.18 10:05:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ifoData.dll [2005.10.18 10:04:00 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dvdscript.dll [2005.10.18 10:03:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DVDExtractor.dll [2005.10.18 09:48:00 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\decoderDll.dll [2005.10.18 09:47:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\audioDecode.dll [2005.10.04 10:15:38 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll [2005.09.22 18:44:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005.09.17 12:38:56 | 000,151,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005.09.11 20:05:46 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2005.08.28 12:14:52 | 000,000,024 | ---- | C] () -- C:\WINDOWS\audiovie.ini [2005.08.28 12:14:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WOC_CDDA.ini [2005.08.28 12:07:33 | 000,000,122 | ---- | C] () -- C:\WINDOWS\cddabase.ini [2005.08.03 21:13:49 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WinOnCD.ini [2005.07.31 22:37:46 | 000,000,502 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005.07.31 22:09:55 | 000,010,823 | ---- | C] () -- C:\WINDOWS\extend.dat [2005.07.31 22:08:30 | 000,000,183 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2005.07.31 18:21:59 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2005.07.31 18:21:31 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll [2005.07.30 17:31:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005.07.30 17:29:52 | 000,860,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005.07.30 16:54:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2005.07.30 16:48:21 | 000,022,924 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005.05.30 01:06:58 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll [2005.05.30 01:06:57 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\nlame.dll [2004.08.21 11:36:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\AnimWnd.dll [2004.08.04 14:00:00 | 000,448,894 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2004.08.04 14:00:00 | 000,432,214 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004.08.04 14:00:00 | 000,080,558 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2004.08.04 14:00:00 | 000,067,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004.08.04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004.08.04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004.05.10 04:02:12 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MstartSound.dll [2004.05.10 04:02:12 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MstartScreen.dll [2004.05.10 04:02:10 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MshutSound.dll [2004.05.10 04:02:10 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MshutScreen.dll [2003.06.17 12:25:12 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll [2003.06.17 12:25:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll [2003.05.20 03:40:06 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\IrrShape.dll [2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2001.08.23 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001.08.23 14:00:00 | 001,868,944 | ---- | C] () -- C:\WINDOWS\System32\RSA32_16.DLL [2001.08.23 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001.08.23 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001.08.23 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2001.08.23 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001.08.23 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001.08.23 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2001.08.23 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001.08.23 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2000.04.12 10:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll [2000.04.12 10:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll [1997.10.18 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL ========== LOP Check ========== [2009.05.09 17:32:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis [2008.01.12 13:44:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Premium [2009.05.12 22:48:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH [2008.08.24 20:20:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications [2007.09.05 19:04:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grisoft [2009.05.16 19:04:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound [2011.05.29 10:54:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Netzmanager [2010.09.11 19:55:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SanDisk [2007.12.11 23:57:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft [2010.08.01 19:43:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Squeezebox [2009.11.29 20:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SqueezeCenter [2009.05.12 22:48:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager [2006.04.14 13:27:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online [2009.05.12 22:48:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2007.08.09 21:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2007.05.30 21:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2009.05.12 22:48:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems [2010.12.06 23:29:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3BF7B6DE-D2D6-4888-83BE-488663791EB5} [2010.12.06 22:55:03 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D8116CA6-DBDF-4415-AB4A-BE0CEFB71935} [2009.05.06 22:08:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Acronis [2009.08.12 22:43:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Amazon [2011.06.02 21:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\AnvSoft [2005.11.15 23:04:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Backup MyPC [2008.10.05 17:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Buhl Data Service [2007.12.12 00:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Canon [2008.08.28 22:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\DataDesign [2010.09.12 18:05:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\DVDVideoSoftIEHelpers [2010.12.21 20:49:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\EAC [2010.12.13 14:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\foobar2000 [2010.09.12 18:23:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\HandBrake [2009.01.10 20:52:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\IMP [2009.04.06 22:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\InfraRecorder [2008.11.04 21:32:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\KPSA-home [2005.11.15 23:04:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Leadertech [2008.11.04 21:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Logs [2009.05.19 21:36:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mp3tag [2010.03.07 19:01:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\NCH Swift Sound [2007.12.22 15:17:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\NewSoft [2007.12.11 23:57:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\ScanSoft [2008.11.04 21:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SHD Kreative Planungs-Systeme [2009.12.27 15:25:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SqueezePlay [2009.01.10 18:45:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\streamripper [2006.01.17 00:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\T-DSL SpeedManager [2006.01.15 18:11:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Teledat [2011.02.07 23:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\TheLastRipper [2007.05.30 20:51:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\TuneUp Software [2009.10.03 19:57:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Ulead Systems [2011.07.29 17:15:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.01.30 20:43:17 | 000,000,000 | ---D | M] -- C:\ATI [2009.01.04 20:22:49 | 000,000,000 | ---D | M] -- C:\Bases_X [2007.03.11 23:16:17 | 000,000,000 | ---D | M] -- C:\cleanroom [2010.05.10 20:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2009.07.28 21:45:05 | 000,000,000 | ---D | M] -- C:\Meine Downloads [2007.03.11 23:16:17 | 000,000,000 | ---D | M] -- C:\mirror [2007.04.29 10:11:24 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.12.11 18:37:01 | 000,000,000 | ---D | M] -- C:\NVIDIA [2009.11.07 17:49:36 | 000,000,000 | ---D | M] -- C:\Program Files [2011.08.21 20:51:41 | 000,000,000 | ---D | M] -- C:\Programme [2007.03.11 23:08:44 | 000,000,000 | ---D | M] -- C:\PVRCHEDSK [2007.09.07 18:20:49 | 000,000,000 | ---D | M] -- C:\qoobox [2005.10.03 13:08:24 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2009.01.10 20:53:04 | 000,000,000 | ---D | M] -- C:\setups [2009.01.09 23:08:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2008.10.20 19:36:24 | 000,000,000 | ---D | M] -- C:\temp [2007.05.03 01:01:38 | 000,000,000 | ---D | M] -- C:\VIDEO_TS [2011.08.27 13:44:30 | 000,000,000 | ---D | M] -- C:\WINDOWS [2009.05.07 07:07:36 | 000,000,000 | ---D | M] -- C:\Zubehör < %PROGRAMFILES%\*.exe > [2007.08.10 17:35:39 | 021,733,696 | ---- | M] (Skype Technologies S.A. ) -- C:\Programme\SkypeSetup.exe Invalid Environment Variable: LOCALAPPDATA < %systemroot%\*. /mp /s > < MD5 for: EXPLORER.EXE > [2004.08.04 01:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe [2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe < MD5 for: REGEDIT.EXE > [2004.08.04 01:58:10 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe [2008.04.14 08:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe [2008.04.14 08:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe < MD5 for: USERINIT.EXE > [2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 01:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 01:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-25 11:08:43 ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 @Alternate Data Stream - 76 bytes -> C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream < End of report > [/code] Keine Ahnung, aber auch nach mehreren Versuchen wird eine Extra.txt nicht abgespeichert. Welche Einstellungen in der Anwendung OTL muss ich vornehmen um diese Datei zu generieren? Hier noch das GMER Ergebnis. Auch diese Scans sind über mehrere Stunden (ca. 8!!!) gelaufen und haben in der Regel zum Stillstand des Rechners geführt. Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2011-08-24 20:06:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0822N rev.WA100-10
Running: n5mbq4tp.exe; Driver: C:\DOKUME~1\Heini\LOKALE~1\Temp\kgliipow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Datenbank Version: 7529
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
22.08.2011 03:12:19
mbam-log-2011-08-22 (03-12-19).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|G:\|H:\|)
Durchsuchte Objekte: 349795
Laufzeit: 6 Stunde(n), 19 Minute(n), 4 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Vielen Dank schon einmal vorab. Gruß Heini Geändert von Heini66 (27.08.2011 um 15:06 Uhr) Grund: Erweitertes Logfile-Ergebnis |
|
28.08.2011, 16:25
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________
__________________ |
|
28.08.2011, 17:34
| #3 |
| | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Hallo Arne,
__________________ich kann keine weiteren Logfiles finden!?  Soll ich den Scan noch einmal laufen lassen? Müssten die Funde aus SUPERAntiSpyware sichtbar sein? Gruß Heini |
|
28.08.2011, 19:45
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Nein, führ erstmal ESET aus, danach sehen wir weiter: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
29.08.2011, 18:55
| #5 |
| | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Here it is: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=c9f9c47605380d41a5ace75ef84c1b42
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-08-29 06:50:55
# local_time=2011-08-29 08:50:55 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=256 16777215 100 0 125452844 125452844 0 0
# compatibility_mode=1792 16777191 100 0 76385279 76385279 0 0
# compatibility_mode=8192 67108863 100 0 248 248 0 0
# scanned=169993
# found=4
# cleaned=0
# scan_time=41396
C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\Programme\FreeCommander\fc_setup.exe a variant of Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\Programme\FreeCommander\fc_setup_.zip a variant of Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I
E:\Jochen\Eigene Dateien Heini\Downloads\free-wma-mp3-converter.exe probably a variant of Win32/PSW.Agent.BUPXGWL trojan (unable to clean) 00000000000000000000000000000000 I
E:\Jochen\Eigene Dateien Heini\Downloads\streamripper-windows-installer-1.63.4.exe probably a variant of Win32/Agent.IMGROYR trojan (unable to clean) 00000000000000000000000000000000 I
Gruß Heini |
|
29.08.2011, 19:25
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Die Funde von ESET kannste vernachlässigen, das sind Setups die nur angemeckert werden, weil die Toolbars mitinstallieren können. Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.30 16:51:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.03.24 14:14:59 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell - "" = AutoRun
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun\command - "" = I:\DPFMate.exe
@Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 76 bytes -> C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ --> SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik |
|
29.08.2011, 19:56
| #7 |
| | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Ich hoffe so ist´s richtig... Code:
ATTFilter All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
G:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.
File I:\DPFMate.exe not found.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
User: Heini
->Temp folder emptied: 7278268 bytes
->Temporary Internet Files folder emptied: 34129 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 96067112 bytes
->Flash cache emptied: 577 bytes
User: Isabel
->Temp folder emptied: 0 bytes
User: Isabel.ARBEITSZIMMER
->Temp folder emptied: 74812553 bytes
->Temporary Internet Files folder emptied: 46237393 bytes
->Java cache emptied: 31426424 bytes
->FireFox cache emptied: 649208472 bytes
->Flash cache emptied: 911 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 14471998 bytes
User: NetworkService
->Temp folder emptied: 244458 bytes
->Temporary Internet Files folder emptied: 37664 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 45027768 bytes
%systemroot%\System32 .tmp files removed: 3599239 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 74578995 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 995,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.26.5 log created on 08292011_203137
Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Temp\WCESLog.log moved successfully.
Registry entries deleted on Reboot...
|
|
29.08.2011, 20:29
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.08.2011, 20:49
| #9 |
| | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Hier isser: Code:
ATTFilter 2011/08/29 21:42:08.0562 2752 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/29 21:42:08.0812 2752 ================================================================================
2011/08/29 21:42:08.0812 2752 SystemInfo:
2011/08/29 21:42:08.0812 2752
2011/08/29 21:42:08.0812 2752 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/29 21:42:08.0812 2752 Product type: Workstation
2011/08/29 21:42:08.0812 2752 ComputerName: ARBEITSZIMMER
2011/08/29 21:42:08.0812 2752 UserName: Heini
2011/08/29 21:42:08.0812 2752 Windows directory: C:\WINDOWS
2011/08/29 21:42:08.0812 2752 System windows directory: C:\WINDOWS
2011/08/29 21:42:08.0812 2752 Processor architecture: Intel x86
2011/08/29 21:42:08.0812 2752 Number of processors: 1
2011/08/29 21:42:08.0812 2752 Page size: 0x1000
2011/08/29 21:42:08.0812 2752 Boot type: Normal boot
2011/08/29 21:42:08.0812 2752 ================================================================================
2011/08/29 21:42:10.0968 2752 Initialize success
2011/08/29 21:43:08.0796 3564 ================================================================================
2011/08/29 21:43:08.0796 3564 Scan started
2011/08/29 21:43:08.0796 3564 Mode: Manual;
2011/08/29 21:43:08.0796 3564 ================================================================================
2011/08/29 21:43:11.0015 3564 ACEDRV05 (0a1e97197609f92d2425b67da0bb0a7f) C:\WINDOWS\system32\drivers\ACEDRV05.sys
2011/08/29 21:43:11.0421 3564 ACEDRV08 (da06d89cdfdd0d24de75165cf6d4270b) C:\WINDOWS\system32\drivers\ACEDRV08.sys
2011/08/29 21:43:11.0875 3564 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/29 21:43:12.0250 3564 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/29 21:43:12.0687 3564 ACRUSBTM (45b952a3ed567264acff89e46f65331d) C:\WINDOWS\system32\drivers\ACRUSBTM.SYS
2011/08/29 21:43:13.0500 3564 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/29 21:43:13.0937 3564 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/08/29 21:43:14.0437 3564 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/29 21:43:16.0109 3564 ALCXSENS (ba88534a3ceb6161e7432438b9ea4f54) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
2011/08/29 21:43:16.0921 3564 ALCXWDM (9a6a99f0d75b457e3a2267776ebe9f47) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/08/29 21:43:17.0890 3564 AmdK7 (3a0dafac778236559c14c7203fb550eb) C:\WINDOWS\system32\DRIVERS\amdk7.sys
2011/08/29 21:43:20.0093 3564 ASPI32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\ASPI32.sys
2011/08/29 21:43:20.0500 3564 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/29 21:43:20.0890 3564 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/29 21:43:22.0171 3564 ati2mtag (492bd2a5f65f218d4ede5764a3bb67e9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/08/29 21:43:22.0609 3564 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/29 21:43:23.0046 3564 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/29 21:43:23.0218 3564 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
2011/08/29 21:43:23.0656 3564 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/08/29 21:43:24.0140 3564 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/08/29 21:43:24.0578 3564 AVMBTPARALLEL (6a759d41c97fcdc6ba27fa7f2f26ec49) C:\WINDOWS\system32\DRIVERS\avmbtpar.sys
2011/08/29 21:43:24.0984 3564 AVMBTSERIAL (4bb8956474c4770083f4f50a51f26bcf) C:\WINDOWS\system32\DRIVERS\avmbtser.sys
2011/08/29 21:43:25.0390 3564 AVMBTSND (b087792fa885da20cc0233d7a5154a7a) C:\WINDOWS\system32\drivers\avmbtsnd.sys
2011/08/29 21:43:25.0828 3564 AVMCOWAN (dec96d9a2463b75944869041ed15c31c) C:\WINDOWS\system32\DRIVERS\avmcowan.sys
2011/08/29 21:43:26.0281 3564 AVMPORT (02568a764ef2c37cfa6f9c471e67d475) C:\WINDOWS\System32\drivers\avmport.sys
2011/08/29 21:43:26.0718 3564 AVMWAN (c997af59c54d69232fb7bbea4dad86e2) C:\WINDOWS\system32\DRIVERS\avmwan.sys
2011/08/29 21:43:27.0171 3564 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/29 21:43:27.0828 3564 bfubase (45f341d5fd3afc002650c28ad447530d) C:\WINDOWS\system32\DRIVERS\bfubase.sys
2011/08/29 21:43:28.0734 3564 CAPI_CIP (6ca1dab2b1846a4f39eb00c25fdaecf5) C:\WINDOWS\system32\DRIVERS\capi_cip.sys
2011/08/29 21:43:29.0296 3564 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/29 21:43:30.0031 3564 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/29 21:43:30.0421 3564 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/29 21:43:30.0812 3564 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/29 21:43:33.0203 3564 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/29 21:43:33.0921 3564 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/29 21:43:34.0734 3564 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/29 21:43:35.0171 3564 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/29 21:43:35.0625 3564 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/29 21:43:36.0093 3564 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
2011/08/29 21:43:36.0562 3564 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
2011/08/29 21:43:37.0281 3564 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/29 21:43:37.0718 3564 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/29 21:43:38.0078 3564 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/29 21:43:38.0453 3564 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/29 21:43:38.0796 3564 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/08/29 21:43:39.0250 3564 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/29 21:43:39.0671 3564 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/29 21:43:40.0093 3564 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/29 21:43:41.0578 3564 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/29 21:43:41.0968 3564 grmnusb (cd007d03a9284bfe67d49c01213132bf) C:\WINDOWS\system32\drivers\grmnusb.sys
2011/08/29 21:43:42.0421 3564 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/29 21:43:43.0578 3564 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/29 21:43:44.0703 3564 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/29 21:43:45.0109 3564 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/29 21:43:46.0250 3564 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/29 21:43:46.0656 3564 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/29 21:43:47.0062 3564 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/29 21:43:47.0484 3564 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/29 21:43:47.0843 3564 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/29 21:43:48.0250 3564 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/29 21:43:48.0625 3564 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/29 21:43:49.0015 3564 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/29 21:43:49.0375 3564 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/29 21:43:49.0796 3564 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/29 21:43:50.0234 3564 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/29 21:43:51.0046 3564 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/29 21:43:51.0453 3564 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/29 21:43:51.0859 3564 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/29 21:43:52.0250 3564 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/29 21:43:52.0656 3564 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/29 21:43:53.0500 3564 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/29 21:43:54.0109 3564 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/29 21:43:54.0625 3564 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/29 21:43:54.0984 3564 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/29 21:43:55.0390 3564 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/29 21:43:55.0765 3564 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/29 21:43:56.0171 3564 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/29 21:43:56.0578 3564 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/29 21:43:57.0000 3564 NCHSSVAD (0df9cc7b5cc173f545723f23e68fac93) C:\WINDOWS\system32\drivers\nchssvad.sys
2011/08/29 21:43:57.0453 3564 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/29 21:43:57.0875 3564 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/29 21:43:58.0265 3564 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/29 21:43:58.0656 3564 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/29 21:43:59.0062 3564 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/29 21:43:59.0468 3564 NETBFPAN (518c22c02da275cb30d5beb58786129f) C:\WINDOWS\system32\DRIVERS\netbfpan.sys
2011/08/29 21:43:59.0875 3564 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/29 21:44:00.0281 3564 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/29 21:44:01.0187 3564 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/29 21:44:01.0765 3564 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/29 21:44:02.0421 3564 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/29 21:44:02.0812 3564 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/29 21:44:03.0234 3564 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/29 21:44:03.0656 3564 odysseyIM3 (5dcc587deba479b1f8e33aa8fb079b8a) C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys
2011/08/29 21:44:04.0109 3564 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/29 21:44:04.0500 3564 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/29 21:44:04.0921 3564 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/29 21:44:05.0328 3564 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
2011/08/29 21:44:05.0765 3564 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/29 21:44:06.0609 3564 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys
2011/08/29 21:44:07.0046 3564 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/29 21:44:09.0703 3564 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/29 21:44:10.0093 3564 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/08/29 21:44:10.0500 3564 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/29 21:44:11.0187 3564 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/29 21:44:13.0343 3564 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/29 21:44:13.0765 3564 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/29 21:44:14.0171 3564 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/29 21:44:14.0593 3564 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/29 21:44:15.0031 3564 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/29 21:44:15.0453 3564 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/29 21:44:15.0875 3564 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/29 21:44:16.0265 3564 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/29 21:44:16.0687 3564 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/08/29 21:44:17.0328 3564 RTL8192su (37a78c0c71be572f15fc534fdd3782de) C:\WINDOWS\system32\DRIVERS\RTL8192su.sys
2011/08/29 21:44:17.0531 3564 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
2011/08/29 21:44:17.0625 3564 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
2011/08/29 21:44:18.0484 3564 SBHR (c6ea8d8c6442648746f69e3d75cacf98) C:\WINDOWS\system32\drivers\sbhr.sys
2011/08/29 21:44:18.0906 3564 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/29 21:44:19.0328 3564 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/29 21:44:19.0703 3564 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/29 21:44:20.0109 3564 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/29 21:44:20.0937 3564 SiS315 (f1bf6158ac79912bbdf71a0382fefa65) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
2011/08/29 21:44:21.0437 3564 SiSide (b4485881bd8aed9b157a2e6cf43c2d51) C:\WINDOWS\system32\DRIVERS\siside.sys
2011/08/29 21:44:21.0812 3564 sisidex (6225224b8e846ac230f8d9b343635910) C:\WINDOWS\system32\drivers\sisidex.sys
2011/08/29 21:44:22.0218 3564 SiSkp (224ef1530777d62b65e8c2d5e9cfa511) C:\WINDOWS\system32\DRIVERS\srvkp.sys
2011/08/29 21:44:22.0609 3564 SISNIC (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys
2011/08/29 21:44:23.0000 3564 SISNICXP (a1348a901a44760ccd76043525e851d0) C:\WINDOWS\system32\DRIVERS\sisnicxp.sys
2011/08/29 21:44:23.0406 3564 sisperf (596d4a7052002d2bd344d8937da6f66d) C:\WINDOWS\system32\drivers\sisperf.sys
2011/08/29 21:44:23.0843 3564 snapman (bcc773872041aa59bc9a6cf770fb32e2) C:\WINDOWS\system32\DRIVERS\snapman.sys
2011/08/29 21:44:24.0703 3564 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/29 21:44:25.0093 3564 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/29 21:44:25.0640 3564 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/29 21:44:26.0125 3564 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/08/29 21:44:26.0500 3564 STEC3 (e4ebf293d1f612bda19b646c36715b20) C:\WINDOWS\system32\STEC3.sys
2011/08/29 21:44:27.0046 3564 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/29 21:44:27.0421 3564 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/29 21:44:29.0203 3564 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/29 21:44:29.0781 3564 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/29 21:44:30.0218 3564 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/29 21:44:30.0765 3564 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\WINDOWS\system32\DRIVERS\tdrpman.sys
2011/08/29 21:44:31.0343 3564 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/29 21:44:31.0609 3564 TelekomNM3 (5d528200679c3b4595b4237e02c077d5) C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys
2011/08/29 21:44:32.0109 3564 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/29 21:44:32.0562 3564 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
2011/08/29 21:44:33.0062 3564 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\WINDOWS\system32\DRIVERS\timntr.sys
2011/08/29 21:44:34.0015 3564 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
2011/08/29 21:44:34.0437 3564 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
2011/08/29 21:44:34.0875 3564 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/29 21:44:35.0750 3564 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/29 21:44:36.0359 3564 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/29 21:44:36.0765 3564 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/29 21:44:37.0187 3564 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/29 21:44:37.0578 3564 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/08/29 21:44:37.0937 3564 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/29 21:44:38.0343 3564 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/29 21:44:38.0718 3564 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
2011/08/29 21:44:39.0140 3564 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/29 21:44:40.0234 3564 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/29 21:44:40.0687 3564 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/29 21:44:41.0093 3564 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
2011/08/29 21:44:41.0968 3564 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/29 21:44:42.0515 3564 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/29 21:44:42.0921 3564 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/08/29 21:44:43.0359 3564 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/29 21:44:43.0796 3564 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/29 21:44:43.0984 3564 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/29 21:44:44.0296 3564 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/08/29 21:44:44.0375 3564 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk2\DR4
2011/08/29 21:44:45.0171 3564 Boot (0x1200) (bd700ff2b9c012930705b8494c5cffae) \Device\Harddisk0\DR0\Partition0
2011/08/29 21:44:45.0203 3564 Boot (0x1200) (2f42f0c2fa2b09fcd41a3dac0d1acecf) \Device\Harddisk1\DR1\Partition0
2011/08/29 21:44:45.0250 3564 Boot (0x1200) (089f1c3cb49acc6dca8572525dd7d34e) \Device\Harddisk2\DR4\Partition0
2011/08/29 21:44:45.0281 3564 Boot (0x1200) (19d71d2d4312017ba4670c7903dc80f7) \Device\Harddisk2\DR4\Partition1
2011/08/29 21:44:45.0296 3564 ================================================================================
2011/08/29 21:44:45.0296 3564 Scan finished
2011/08/29 21:44:45.0296 3564 ================================================================================
2011/08/29 21:44:45.0359 1564 Detected object count: 0
2011/08/29 21:44:45.0359 1564 Actual detected object count: 0
|
|
29.08.2011, 21:00
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.08.2011, 20:40
| #11 |
| | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Hier die CF-Logdatei (Teil 1): Code:
ATTFilter ComboFix 11-08-30.02 - Heini 30.08.2011 20:36:13.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.2047.1577 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Heini\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokume~1\Heini\LOKALE~1\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\dokumente und einstellungen\Heini\WINDOWS
c:\programme\newsoft
c:\programme\newsoft\Presto! PageManager 7.15\AppClassName.ini
c:\programme\newsoft\Presto! PageManager 7.15\AudioData.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutmnDoc.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutmnPpt.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutmnXls.dll
c:\programme\newsoft\Presto! PageManager 7.15\AutoCrop.dll
c:\programme\newsoft\Presto! PageManager 7.15\AvalonPage.dll
c:\programme\newsoft\Presto! PageManager 7.15\Avi2Mpeg1.dll
c:\programme\newsoft\Presto! PageManager 7.15\AviToMpeg2.dll
c:\programme\newsoft\Presto! PageManager 7.15\BITSOFT.DIR
c:\programme\newsoft\Presto! PageManager 7.15\BOLD.PAT
c:\programme\newsoft\Presto! PageManager 7.15\Burn.dll
c:\programme\newsoft\Presto! PageManager 7.15\ccmllnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\CDIC.DLL
c:\programme\newsoft\Presto! PageManager 7.15\cmdlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\codecvt.dll
c:\programme\newsoft\Presto! PageManager 7.15\ComClass.dll
c:\programme\newsoft\Presto! PageManager 7.15\Convert.exe
c:\programme\newsoft\Presto! PageManager 7.15\CZECH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\CZECH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\DA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\DANISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\DANISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\T4436.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\BIG5.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\BIG5GB.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\DEF_BIG.DIC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FARG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FID_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FWD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\GBBIG5.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\INFO_BIG.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\POST_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\RCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\RCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SIM_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SIM_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SING_BIG.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\WORD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\E76.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\BIG5.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\E76.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FARG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FID_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FWD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\INFO_BIG.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\POST_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RCG_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RCG_BIG.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SIM_BIG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SIM_BIG.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SING_BIG.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\WORD_BIG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\J3477.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\DEF_JIS.DIC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\ERR_JIS.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FARG_JIS.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\INFO_JIS.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\JDIC.BIN
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\JIS.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\KANA.TRI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\POST_JIS.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\RCG_JIS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\RCG_JIS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SIM_JIS.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SIM_JIS.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SING_JIS.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\WORD_JIS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\a_recog.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\arecog_p.inf
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\aux_arg.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.fac
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clus_t.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\cos.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\KSC_CPNT.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\nt_recog.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\nt_trans.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\T4178.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\word_p.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\ERR_KSC.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FARG_KSC.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.dat
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.inf
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FWD_KSC.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\INFO_KSC.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\KSC.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\KSC120000.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC.DD1
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC120000.tbl
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\RCG_KSC.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\RCG_KSC.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.tbl
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SING_KSC.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\WORD_KSC.dbs
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\A_RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\ARECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\AUX_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_F.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_M.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.FAC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLUS_T.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\COS.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\COS.VAR
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\DBSINFO.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\FEAT_ARG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\RECOG.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\RECOG_P.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\S3834.ID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\WORD_P.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\BIG5GB.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\DEF_GB.DIC
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FACTORP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FARG_GB.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FEATURE.SET
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FWD_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GB.HID
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GBBIG5.TBX
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GROUPP2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\INFO_GB.INI
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\PC120P2.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\POST_GB.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\RCG_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\RCG_GB.INF
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SIM_GB.DAT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SIM_GB.TBL
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SING_GB.LUT
c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\WORD_GB.DBS
c:\programme\newsoft\Presto! PageManager 7.15\dcexport.dll
c:\programme\newsoft\Presto! PageManager 7.15\dcfr.dll
c:\programme\newsoft\Presto! PageManager 7.15\Default.rec
c:\programme\newsoft\Presto! PageManager 7.15\DibToMpeg.dll
c:\programme\newsoft\Presto! PageManager 7.15\DUTCH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\DUTCH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE0.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE1.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE13.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE15.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE20.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE23.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE3.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGINE7.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ENGLISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\ENGLISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ExcelVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\ExeBud32.dll
c:\programme\newsoft\Presto! PageManager 7.15\Execute.ini
c:\programme\newsoft\Presto! PageManager 7.15\EXPORT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\EXPupk32.EXE
c:\programme\newsoft\Presto! PageManager 7.15\EXPupk32.EXE.manifest
c:\programme\newsoft\Presto! PageManager 7.15\expvw.exe
c:\programme\newsoft\Presto! PageManager 7.15\faxlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\fid.dll
c:\programme\newsoft\Presto! PageManager 7.15\FineOCREngine.dll
c:\programme\newsoft\Presto! PageManager 7.15\FINNISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\FINNISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\Fioall.dll
c:\programme\newsoft\Presto! PageManager 7.15\Fioall.ini
c:\programme\newsoft\Presto! PageManager 7.15\FioAll32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioBmp32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOALL.INI
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOALL32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOBMP32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOEXT32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOFPX32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOGIF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOJPG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCD32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCT32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCX32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPNG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPOF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOTGA32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOTIF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOWMF32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\JPEGLIB.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\UCIG3432.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\UCIJPG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\FioExt32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioFpx32.dll
c:\programme\newsoft\Presto! PageManager 7.15\fiogif32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioJpg32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPcd32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPct32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPcx32.dll
c:\programme\newsoft\Presto! PageManager 7.15\fiopng32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPof32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioPsd32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioTga32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioThumb.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioTif32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FioWmf32.dll
c:\programme\newsoft\Presto! PageManager 7.15\FOBJ420.DLL
c:\programme\newsoft\Presto! PageManager 7.15\foldrlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\FontTok.ini
c:\programme\newsoft\Presto! PageManager 7.15\fpxlib.dll
c:\programme\newsoft\Presto! PageManager 7.15\FRENCH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\FRENCH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\FT.dll
c:\programme\newsoft\Presto! PageManager 7.15\Function.ini
c:\programme\newsoft\Presto! PageManager 7.15\gdiplus.dll
c:\programme\newsoft\Presto! PageManager 7.15\GERMAN.LCD
c:\programme\newsoft\Presto! PageManager 7.15\GERMAN.LMD
c:\programme\newsoft\Presto! PageManager 7.15\GetPhotoPath.dll
c:\programme\newsoft\Presto! PageManager 7.15\GetPhotoPath.ini
c:\programme\newsoft\Presto! PageManager 7.15\GREEK.LCD
c:\programme\newsoft\Presto! PageManager 7.15\GREEK.LMD
c:\programme\newsoft\Presto! PageManager 7.15\GRINF11.DLL
c:\programme\newsoft\Presto! PageManager 7.15\hookdll.dll
c:\programme\newsoft\Presto! PageManager 7.15\HUNGAR.LCD
c:\programme\newsoft\Presto! PageManager 7.15\iConvert16.dll
c:\programme\newsoft\Presto! PageManager 7.15\ijl15.dll
c:\programme\newsoft\Presto! PageManager 7.15\IMAGE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\ImgToAviExe.dll
c:\programme\newsoft\Presto! PageManager 7.15\imgtool.dll
c:\programme\newsoft\Presto! PageManager 7.15\Import.dll
c:\programme\newsoft\Presto! PageManager 7.15\ImportOldDB.exe
c:\programme\newsoft\Presto! PageManager 7.15\InitCtrl.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\adinit.dat
c:\programme\newsoft\Presto! PageManager 7.15\Inso\CMMAP000.BIN
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEBMP.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEHEX.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEMET.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DESS.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\DETREE.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\dewp.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBFPX2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBGP42.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBJPG2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBPCD2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBPSD2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXBM2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXPM2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXWD2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD32.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD42.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD52.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD62.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD72.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD82.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCDR2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCM52.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCM72.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCMX2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMDSF2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMFMV2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMGDF2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMGEM2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMIGS2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMMET2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPIF2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPS_2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPSI2.flt
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPSZ2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMRND2.FLT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\IPHGW2.flt
c:\programme\newsoft\Presto! PageManager 7.15\Inso\ISGDI32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LTSCSD13.TLB
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LTSCSN10.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LWPAPIN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\LWPAPIPN.DAT
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCCA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCCH.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCDA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccdu.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCFA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCFI.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccfmt.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCLO.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCOLE.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccra.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCTA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCUT.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsacad.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSACS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSAMI.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSBDR.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSBMP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSCGM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDBS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDEZ.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDIF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDRW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEMF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEN4.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSENS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSENW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSESHR.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEXE2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFAX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFCD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFCS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFFT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFLW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFWK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSgdsf.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSGIF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSGZIP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSHGS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSHTML.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vshwp.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSICH.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSICH6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSIMG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSIWP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSJW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLEG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLWP.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLZH.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSM11.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMANU.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMCW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsmif.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMM4.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMMFN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMPP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMSG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMSW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWKD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWKS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWP2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWPF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWRK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSOW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPBM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPCL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPCX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspdfi.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPDX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPFS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPGL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPIC.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPICT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPNG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPNTG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP7.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP97.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPPL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspsp6.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspst.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQAD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQP6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQP9.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRAS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRBS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRFT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRFX.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRTF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSAM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSC5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSDW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSHW3.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSNAP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsso6.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssoc.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssoi.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssow.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSPT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTAZ.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTEXT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTGA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTIF6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTXT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVCRD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVISO.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVW3.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSW6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSW97.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vswbmp.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWG2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWK4.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWK6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWKS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWM.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWMF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\vswml.dll
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWORD.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWORK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWP5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWP6.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPF.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPG2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPW.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWS2.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSXL5.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSXY.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSZIP.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Ism.dll
c:\programme\newsoft\Presto! PageManager 7.15\IsmDraw.dll
c:\programme\newsoft\Presto! PageManager 7.15\ITALIAN.LCD
c:\programme\newsoft\Presto! PageManager 7.15\ITALIAN.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ITALIC.PAT
c:\programme\newsoft\Presto! PageManager 7.15\ITALIC.PTS
c:\programme\newsoft\Presto! PageManager 7.15\Jpeglib.dll
c:\programme\newsoft\Presto! PageManager 7.15\JpgLib.dll
c:\programme\newsoft\Presto! PageManager 7.15\KSC_CPNT.TBL
c:\programme\newsoft\Presto! PageManager 7.15\LANGUAGE\TEXTLANG.DAT
c:\programme\newsoft\Presto! PageManager 7.15\lcppn22.dll
c:\programme\newsoft\Presto! PageManager 7.15\LCSPELL.DLL
c:\programme\newsoft\Presto! PageManager 7.15\LICENSE of Info-Zip.txt
c:\programme\newsoft\Presto! PageManager 7.15\LiveUpdate.dll
c:\programme\newsoft\Presto! PageManager 7.15\LiveUpdateTray.exe
c:\programme\newsoft\Presto! PageManager 7.15\Lpm.dll
c:\programme\newsoft\Presto! PageManager 7.15\LUTRAY.ini
c:\programme\newsoft\Presto! PageManager 7.15\LUTRAYMSG.ini
c:\programme\newsoft\Presto! PageManager 7.15\lzexpand.dlx
c:\programme\newsoft\Presto! PageManager 7.15\mapilnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\MATRIX.PAT
c:\programme\newsoft\Presto! PageManager 7.15\MATRIX.PTS
c:\programme\newsoft\Presto! PageManager 7.15\memio.dll
c:\programme\newsoft\Presto! PageManager 7.15\MergePDF.dll
c:\programme\newsoft\Presto! PageManager 7.15\MFC40.DLL
c:\programme\newsoft\Presto! PageManager 7.15\MFC42.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Mpg1
c:\programme\newsoft\Presto! PageManager 7.15\MsMail.exe
c:\programme\newsoft\Presto! PageManager 7.15\msvcirt.dll
c:\programme\newsoft\Presto! PageManager 7.15\msvcp50.dll
c:\programme\newsoft\Presto! PageManager 7.15\MSVCP60.DLL
c:\programme\newsoft\Presto! PageManager 7.15\msvcrt.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetFun2K.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetFun98.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetGroup.exe
c:\programme\newsoft\Presto! PageManager 7.15\NetGroupDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetScanDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\NetScanDll.lib
c:\programme\newsoft\Presto! PageManager 7.15\Netsearch.avi
c:\programme\newsoft\Presto! PageManager 7.15\NEWSOFT
c:\programme\newsoft\Presto! PageManager 7.15\NewsoftLink.dll
c:\programme\newsoft\Presto! PageManager 7.15\nextpwd.dll
c:\programme\newsoft\Presto! PageManager 7.15\NGRMCSY.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMDAN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMDUT.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMENG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMFIN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMFRA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMGER.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMGRE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMITA.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMNON.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMNOR.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMPLK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMPTG.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMRUS.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMSPN.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMSWE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NGRMTRK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NORMAL.PAT
c:\programme\newsoft\Presto! PageManager 7.15\NORMAL.PTS
c:\programme\newsoft\Presto! PageManager 7.15\NORWBOK.LCD
c:\programme\newsoft\Presto! PageManager 7.15\NORWBOK.LMD
c:\programme\newsoft\Presto! PageManager 7.15\NORWNYN.LCD
c:\programme\newsoft\Presto! PageManager 7.15\NORWNYN.LMD
c:\programme\newsoft\Presto! PageManager 7.15\Noteslnk.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NSCDVD.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsFip.dll
c:\programme\newsoft\Presto! PageManager 7.15\nsfpx.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsFunTable.DB
c:\programme\newsoft\Presto! PageManager 7.15\NsKeyTable.DB
c:\programme\newsoft\Presto! PageManager 7.15\NSMEM.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsOEMKey.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsPdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsScan.dll
c:\programme\newsoft\Presto! PageManager 7.15\NsScanToOcr.exe
c:\programme\newsoft\Presto! PageManager 7.15\NsScanToPdf.exe
c:\programme\newsoft\Presto! PageManager 7.15\NSSP.dll
c:\programme\newsoft\Presto! PageManager 7.15\NSWia.dll
c:\programme\newsoft\Presto! PageManager 7.15\NSWinZip.dll
c:\programme\newsoft\Presto! PageManager 7.15\NTSTHK16.DLL
c:\programme\newsoft\Presto! PageManager 7.15\NTSTHK32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\OCR.dll
c:\programme\newsoft\Presto! PageManager 7.15\ocr.str
c:\programme\newsoft\Presto! PageManager 7.15\OCRLang.dll
c:\programme\newsoft\Presto! PageManager 7.15\OCRLang.ini
c:\programme\newsoft\Presto! PageManager 7.15\OCRUtil.dll
c:\programme\newsoft\Presto! PageManager 7.15\OLDPNG32.DLL
c:\programme\newsoft\Presto! PageManager 7.15\OnLine.txt
c:\programme\newsoft\Presto! PageManager 7.15\OutlookVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\pack.dll
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\back.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\close_dw.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\close_fy.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\NSVIDEO.DLL
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\play_dw.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\play_fy.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_dw.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_fy.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\VCARD.INI
c:\programme\newsoft\Presto! PageManager 7.15\PackExe\VMPLAYER.exe
c:\programme\newsoft\Presto! PageManager 7.15\Palette.map
c:\programme\newsoft\Presto! PageManager 7.15\Paper.lst
c:\programme\newsoft\Presto! PageManager 7.15\PART.PAT
c:\programme\newsoft\Presto! PageManager 7.15\PART.PTS
c:\programme\newsoft\Presto! PageManager 7.15\pccrsdk.dll
c:\programme\newsoft\Presto! PageManager 7.15\PcdLib32.dll
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data1.cab
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data1.hdr
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data2.cab
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\engine32.cab
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\layout.bin
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.exe
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.ibt
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.ini
c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.inx
c:\programme\newsoft\Presto! PageManager 7.15\pdflib.dll
c:\programme\newsoft\Presto! PageManager 7.15\PdfViewerDl.dll
c:\programme\newsoft\Presto! PageManager 7.15\PDFWDLL.dll
c:\programme\newsoft\Presto! PageManager 7.15\PDFWriter.dll
c:\programme\newsoft\Presto! PageManager 7.15\PerformOcr.dll
c:\programme\newsoft\Presto! PageManager 7.15\PHooKDlg.dll
c:\programme\newsoft\Presto! PageManager 7.15\Pm.ini
c:\programme\newsoft\Presto! PageManager 7.15\Pm60DB.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMANO.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMAnoSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMAppBar.dll
c:\programme\newsoft\Presto! PageManager 7.15\Pmapps.ini
c:\programme\newsoft\Presto! PageManager 7.15\PMAPPU.INI
c:\programme\newsoft\Presto! PageManager 7.15\PMApSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMCommon.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmdata.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMDB.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMDocVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMExeBud.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMIEVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMImgVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMINSO.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMISM.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMMAIL.EXE.manifest
c:\programme\newsoft\Presto! PageManager 7.15\PMMKView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMNotes.exe
c:\programme\newsoft\Presto! PageManager 7.15\pmNotes.str
c:\programme\newsoft\Presto! PageManager 7.15\PMPageVW.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFView.str
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\Adobe-GB1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-3
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-4
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK2K-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK2K-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBKp-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBKp-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBTpc-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBTpc-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\EUC-CN.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\GBK.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\gkai00mp.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\ISO-2022-CN.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\README
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Adobe-CNS1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Big5.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Big5ascii.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\bkai00mp.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-3
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS1-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS1-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETenms-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETenms-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETHK-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETHK-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdla-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdla-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdlb-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdlb-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKgccs-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKgccs-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm314-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm314-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm471-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm471-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKscs-B5-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKscs-B5-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\README
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\Adobe-Japan1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78ms-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78ms-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\83pv-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90msp-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90msp-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-3
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-4
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Hankaku
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Hiragana
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Katakana
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\NWP-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\NWP-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\RKSJ-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\RKSJ-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Roman
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-HW-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-HW-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UCS2-HW-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\WP-Symbol
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\EUC-JP.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\ISO-2022-JP.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\kochi-mincho.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\README
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\Shift-JIS.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\add-to-xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\Adobe-Korea1.cidToUnicode
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\batang.ttf
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-0
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-1
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-Johab-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-Johab-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-HW-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-HW-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-UCS2
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-UCS2C
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UCS2-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UCS2-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF16-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF16-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF8-H
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF8-V
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\ISO-2022-KR.unicodeMap
c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\README
c:\programme\newsoft\Presto! PageManager 7.15\PMProp.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSave.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSavePdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmsavepdf.str
c:\programme\newsoft\Presto! PageManager 7.15\PMSaveXPS.dll
c:\programme\newsoft\Presto! PageManager 7.15\Pmsb.exe
c:\programme\newsoft\Presto! PageManager 7.15\pmsb.ini
c:\programme\newsoft\Presto! PageManager 7.15\pmsb.str
c:\programme\newsoft\Presto! PageManager 7.15\PMScnSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSearch.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMSet.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmset.ini
c:\programme\newsoft\Presto! PageManager 7.15\pmsetap.ini
c:\programme\newsoft\Presto! PageManager 7.15\PMStatus.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMToApp.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMToApp.ilk
c:\programme\newsoft\Presto! PageManager 7.15\PMTree.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmtwain.dll
c:\programme\newsoft\Presto! PageManager 7.15\pmVideo.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMVIEW.EX_
c:\programme\newsoft\Presto! PageManager 7.15\PMVLink.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMVoice.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMXpsCreator.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMXpsHostView.dll
c:\programme\newsoft\Presto! PageManager 7.15\PMXpsView.dll
c:\programme\newsoft\Presto! PageManager 7.15\POLISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\POLISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\PORTUG.LCD
c:\programme\newsoft\Presto! PageManager 7.15\PORTUG.LMD
c:\programme\newsoft\Presto! PageManager 7.15\post.dll
c:\programme\newsoft\Presto! PageManager 7.15\PowerTVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Prestopm.exe
c:\programme\newsoft\Presto! PageManager 7.15\prestopm.str
c:\programme\newsoft\Presto! PageManager 7.15\Print.dll
c:\programme\newsoft\Presto! PageManager 7.15\Print.str
c:\programme\newsoft\Presto! PageManager 7.15\PrintFun.exe
c:\programme\newsoft\Presto! PageManager 7.15\PrintFunLnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\PrintHook.dll
c:\programme\newsoft\Presto! PageManager 7.15\printlnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\PrnDrvSetup.dll
c:\programme\newsoft\Presto! PageManager 7.15\PrnSetup.ini
c:\programme\newsoft\Presto! PageManager 7.15\Psapi.dll
c:\programme\newsoft\Presto! PageManager 7.15\PSaver.scr
c:\programme\newsoft\Presto! PageManager 7.15\PShow.exe
c:\programme\newsoft\Presto! PageManager 7.15\PTLIB.dll
c:\programme\newsoft\Presto! PageManager 7.15\Qem.dll
c:\programme\newsoft\Presto! PageManager 7.15\RapDocImg.dll
c:\programme\newsoft\Presto! PageManager 7.15\ReadFileData.dll
c:\programme\newsoft\Presto! PageManager 7.15\Readme.txt
c:\programme\newsoft\Presto! PageManager 7.15\ReadTxtInfo.dll
c:\programme\newsoft\Presto! PageManager 7.15\Recogn.dll
c:\programme\newsoft\Presto! PageManager 7.15\RECPAGE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\regapp.exe
c:\programme\newsoft\Presto! PageManager 7.15\regapp.exe.manifest
c:\programme\newsoft\Presto! PageManager 7.15\RegSession.dll
c:\programme\newsoft\Presto! PageManager 7.15\RemoveIcons.ico
c:\programme\newsoft\Presto! PageManager 7.15\RemovePMUserData.exe
c:\programme\newsoft\Presto! PageManager 7.15\res\Backup.ico
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_down.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_no.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_on.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_down.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_no.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_on.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_down.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_no.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_on.bmp
c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_up.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\blue_background.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p1.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P2.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p3.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P3.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p4.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P4.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Resource\IE_bg.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\MENUBAR_BG.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Resource\network_scanner.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p3.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p4.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\Toolbar_bg.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Resource\toolbar_bg1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Restore.dll
c:\programme\newsoft\Presto! PageManager 7.15\RPR371.JRT
c:\programme\newsoft\Presto! PageManager 7.15\Samples\AutumnView.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\BizCard 5.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\DVD PowerSuite 2.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Forms.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\History.JPG
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Lake.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\License.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Mr.photo3.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\PageManager 7.pdf
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Play Ground.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Shop.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\Tower.jpg
c:\programme\newsoft\Presto! PageManager 7.15\Samples\VideoWorks6.pdf
c:\programme\newsoft\Presto! PageManager 7.15\SaveToJpg.dll
c:\programme\newsoft\Presto! PageManager 7.15\SCANMAN.DRV
c:\programme\newsoft\Presto! PageManager 7.15\ScanModule.dll
c:\programme\newsoft\Presto! PageManager 7.15\ScanModule.str
c:\programme\newsoft\Presto! PageManager 7.15\SCANNERS.DAT
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\card_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Doc_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Letter_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\magazine_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Other_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Photo.BMP
c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Photo_c.BMP
c:\programme\newsoft\Presto! PageManager 7.15\ScrBase.dll
c:\programme\newsoft\Presto! PageManager 7.15\search.avi
c:\programme\newsoft\Presto! PageManager 7.15\Segment.dll
c:\programme\newsoft\Presto! PageManager 7.15\shfolder.dll
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\bottom.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Button-1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Button.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\close.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Dlg_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\header.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll3.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll4.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\left.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\listv_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\mrphoto.nsz
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\right.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\top.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\top1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\treev_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll3.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll4.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vspin1.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vspin2.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Wnd_bk.bmp
c:\programme\newsoft\Presto! PageManager 7.15\Skin\skin.ini
c:\programme\newsoft\Presto! PageManager 7.15\SlideBarDLL.dll
c:\programme\newsoft\Presto! PageManager 7.15\sosalnk.dll
c:\programme\newsoft\Presto! PageManager 7.15\SPANISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\SPANISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\ssceam2.clx
c:\programme\newsoft\Presto! PageManager 7.15\SWEDISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\SWEDISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\Tcm.dll
c:\programme\newsoft\Presto! PageManager 7.15\TestImage2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\Trash.ico
c:\programme\newsoft\Presto! PageManager 7.15\TURKISH.LCD
c:\programme\newsoft\Presto! PageManager 7.15\TURKISH.LMD
c:\programme\newsoft\Presto! PageManager 7.15\TYPEWRIT.PAT
c:\programme\newsoft\Presto! PageManager 7.15\TYPEWRIT.PTS
c:\programme\newsoft\Presto! PageManager 7.15\UciG3432.dll
c:\programme\newsoft\Presto! PageManager 7.15\UciJpg32.dll
c:\programme\newsoft\Presto! PageManager 7.15\UFioDll.dll
c:\programme\newsoft\Presto! PageManager 7.15\UFSE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\umxnts32.dll
c:\programme\newsoft\Presto! PageManager 7.15\UNDERLIN.PAT
c:\programme\newsoft\Presto! PageManager 7.15\UNPACK.DLL
c:\programme\newsoft\Presto! PageManager 7.15\unregapp.exe
c:\programme\newsoft\Presto! PageManager 7.15\unregapp.exe.manifest
c:\programme\newsoft\Presto! PageManager 7.15\unzip32.dll
c:\programme\newsoft\Presto! PageManager 7.15\UserDict.tlx
c:\programme\newsoft\Presto! PageManager 7.15\UXFSE.DLL
c:\programme\newsoft\Presto! PageManager 7.15\Vcd_NTSC
c:\programme\newsoft\Presto! PageManager 7.15\Vcd_PAL
c:\programme\newsoft\Presto! PageManager 7.15\VideoData.dll
c:\programme\newsoft\Presto! PageManager 7.15\VisioVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\VMPLAYER.exe
c:\programme\newsoft\Presto! PageManager 7.15\Wait.exe
c:\programme\newsoft\Presto! PageManager 7.15\Wait.exe.manifest
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\cshdat_robohelp.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\cshdat_webhelp.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\default.skn
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\ehlpdhtm.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index.log
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index_csh.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index_rhc.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G.css
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\01.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\02.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\03.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\04.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\05.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\06.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\07.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\08.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\09.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\100.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\101.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\12.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\13.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\14.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\15.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\16.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\17.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\18.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\19.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\20.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\21.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\22.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\23.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\24.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\25.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\26.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\27.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\28.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\29.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\34.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\41.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\42.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\43.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\44.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\45.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\46.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\47.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\48.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\49.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\50.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\51.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\52.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\53.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\54.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\55.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\56.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\57.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\58.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\59.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\60.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\61.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\62.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\63.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\64.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\65.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\66.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\67.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\68.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\69.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\70.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\71.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\72.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\73.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\74.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\75.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\76.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\77.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\78.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\79.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\80.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\81.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\82.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\83.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\84.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\85.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\86.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\87.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\88.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\89.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\90.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\91.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\92.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\93.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\94.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\95.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\96.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\97.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\98.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\99.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image001.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image001.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image003.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image005.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image009.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image013.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image014.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image016.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image018.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image020.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image022.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image024.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image026.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image028.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image030.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image032.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image034.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image036.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image038.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image040.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image041.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image043.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image045.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image047.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image049.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image051.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image053.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image055.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image057.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image059.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image061.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image063.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image065.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image069.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image074.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image075.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image076.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image078.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image080.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image082.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image084.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image086.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image087.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image089.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image091.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image093.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image095.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image096.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image098.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image100.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image101.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image102.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image104.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image106.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image107.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image109.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image111.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image113.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image114.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image115.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image117.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image119.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image121.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image123.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image125.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image127.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image129.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image13.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image130.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image131.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image133.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image135.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image137.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image139.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image14.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image141.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image143.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image145.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image147.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image149.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image15.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image150.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image152.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image153.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image154.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image156.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image158.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image16.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image160.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image162.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image164.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image166.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image168.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image17.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image170.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image172.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image173.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image174.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image176.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image178.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image18.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image180.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image182.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image184.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image185.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image186.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image188.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image189.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image19.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image191.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image193.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image194.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image195.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image196.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image197.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image199.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image200.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image201.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image202.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image203.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image205.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image206.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image208.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image209.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image210.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image211.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image212.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image3.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\Introduction_G_copy.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\MainScreen_G_copy.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\Pageview_XPS_copy.jpg
|
|
30.08.2011, 20:42
| #12 |
| | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik und wg. der Größe hier Teil 2 Code:
ATTFilter c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_ns.css
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\RoboHHRE.lng
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\webhelp.cab
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\webhelp.jar
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whcsh_home.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whcshdata.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whftdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whftdata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfts.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfts.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whgdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whglo.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whglo.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidx.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidx.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtdata.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtdata0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtoc.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtoc.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whestart.ico
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfbody.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfform.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfhost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whform.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whframes.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgbody.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whexpbar.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf6.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf7.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf8.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf9.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl12.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl13.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl14.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl15.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl16.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl17.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl18.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl19.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl20.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl21.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl22.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl23.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl6.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl7.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl8.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl9.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstg0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlsti0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt0.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt1.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt10.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt11.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt12.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt13.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt14.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt15.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt16.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt17.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt18.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt19.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt2.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt20.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt21.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt22.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt3.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt4.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt5.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt6.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt7.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt8.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt9.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt30.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt31.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt32.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt33.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdef.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whghost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whhost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whibody.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whidhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whiform.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whihost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whlang.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whmozemu.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whmsg.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whnjs.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whphost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproxy.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whres.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whrstart.ico
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_banner.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_blank.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_frmset01.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_frmset010.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_homepage.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_info.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_mbars.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_papplet.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_pdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_pickup.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_plist.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_tbars.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whst_topics.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstart.ico
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstart.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstub.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abge.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abgi.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abgw.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abte.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abti.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abtw.jpg
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_fts_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_fts_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_glo_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_glo_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_go.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_hide.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_idx_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_idx_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_logo1.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_logo2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_next.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_next_g.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_prev.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_prev_g.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_spac.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_sync.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab0.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab1.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab3.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab4.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab5.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab6.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab7.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab8.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc_h.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc_n.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc1.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc2.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc3.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc4.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_ws.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_ws_g.gif
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtbar.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtdhtml.htm
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whthost.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtopic.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whutils.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whver.js
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whftdata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfts.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata1.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata2.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata3.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata4.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata5.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whglo.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whidata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whidx.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whtdata0.xml
c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whtoc.xml
c:\programme\newsoft\Presto! PageManager 7.15\WEBSYNC.INI
c:\programme\newsoft\Presto! PageManager 7.15\WebSyncEx.dll
c:\programme\newsoft\Presto! PageManager 7.15\WordVBA.dll
c:\programme\newsoft\Presto! PageManager 7.15\Work\ANNODB\stamp.___
c:\programme\newsoft\Presto! PageManager 7.15\WpdfViewer.exe
c:\programme\newsoft\Presto! PageManager 7.15\WpdfViewer.tlb
c:\programme\newsoft\Presto! PageManager 7.15\WriteData2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteDriver2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteIfo2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteOcr2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\WriteTxt2Pdf.dll
c:\programme\newsoft\Presto! PageManager 7.15\xpdfrc
c:\programme\newsoft\Presto! PageManager 7.15\XpsCreator.dll
c:\programme\newsoft\Presto! PageManager 7.15\zip32.dll
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
c:\windows\XSxS
H:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_STEC3
-------\Service_STEC3
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-07-28 bis 2011-08-30 ))))))))))))))))))))))))))))))
.
.
2011-08-29 22:29 . 2011-08-29 22:29 -------- d-----w- c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\Samsung
2011-08-29 22:27 . 2011-07-18 04:24 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2011-08-29 22:27 . 2011-07-18 04:24 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2011-08-29 22:23 . 2011-08-29 22:26 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Samsung
2011-08-29 22:16 . 2011-08-29 22:16 -------- d-----w- c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations
2011-08-29 18:31 . 2011-08-29 18:31 -------- d-----w- C:\_OTL
2011-08-28 19:16 . 2011-08-28 19:16 -------- d-----w- c:\programme\ESET
2011-08-21 18:51 . 2011-08-21 18:51 -------- d-----w- c:\dokumente und einstellungen\Heini\Anwendungsdaten\Malwarebytes
2011-08-21 18:51 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-21 18:51 . 2011-08-21 18:51 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2011-08-21 18:51 . 2011-08-21 18:51 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2011-08-21 18:51 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-13 09:38 . 2011-08-13 09:38 -------- d-----w- c:\dokumente und einstellungen\Heini\Anwendungsdaten\SUPERAntiSpyware.com
2011-08-11 14:27 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 14:26 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-23 19:16 . 2011-05-15 10:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-26 15:26 . 2011-07-26 15:26 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-07-26 15:26 . 2011-07-26 15:26 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-07-26 15:26 . 2011-07-26 15:26 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-07-26 15:26 . 2011-07-26 15:26 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-07-26 15:26 . 2011-07-26 15:26 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-07-26 15:26 . 2011-07-26 15:26 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-07-26 15:26 . 2011-07-26 15:26 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-07-26 15:26 . 2011-07-26 15:26 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-07-26 15:26 . 2011-07-26 15:26 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-07-26 15:26 . 2011-07-26 15:26 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-07-26 15:26 . 2011-07-26 15:26 172032 ----a-w- c:\windows\system32\muzapp.exe
2011-07-26 15:26 . 2011-07-26 15:26 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\avrt.dll
2011-07-26 15:26 . 2011-07-26 15:26 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-07-26 15:26 . 2011-07-26 15:26 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-07-26 15:26 . 2011-07-26 15:26 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-07-26 15:26 . 2011-07-26 15:26 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-07-15 13:29 . 2001-08-23 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2001-08-23 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-03 16:31 . 2011-07-03 16:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-03 16:31 . 2010-08-04 19:09 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-30 18:49 . 2009-03-27 18:13 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-30 18:49 . 2009-03-27 18:13 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-24 14:10 . 2005-07-30 14:46 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:18 . 2008-03-09 18:41 672768 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:18 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-06-21 18:18 . 2001-08-23 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-06-21 18:16 . 2004-08-04 12:00 371200 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2001-08-23 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2001-08-23 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys
2007-08-10 15:35 . 2007-08-10 15:28 21733696 ----a-w- c:\programme\SkypeSetup.exe
2008-01-29 12:51 . 2008-01-29 12:51 27976 ----a-w- c:\programme\mozilla firefox\plugins\atgpcdec.dll
2008-01-29 12:51 . 2008-01-29 12:51 125848 ----a-w- c:\programme\mozilla firefox\plugins\atgpcext.dll
2008-01-29 12:51 . 2008-01-29 12:51 46408 ----a-w- c:\programme\mozilla firefox\plugins\atmccli.dll
2008-01-29 12:51 . 2008-01-29 12:51 98712 ----a-w- c:\programme\mozilla firefox\plugins\ieatgpc.dll
2011-08-21 09:33 . 2011-03-29 16:48 134104 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="c:\programme\TuneUp Utilities 2007\MemOptimizer.exe" [2007-04-26 313352]
"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"CTSyncU.exe"="c:\programme\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"KiesPDLR"="c:\programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-22 20880]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]
"SiSPower"="SiSPower.dll" [2006-03-09 49152]
"BCSSync"="c:\programme\microsoft office\Office14\BCSSync.exe" [2010-03-13 91520]
"CTCheck"="c:\programme\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-07-03 273544]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2011-04-08 254696]
"KiesHelper"="c:\programme\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"KiesTrayAgent"="c:\programme\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]
.
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Sitecom 300N USB Wireless LAN Utility.lnk - c:\programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe [2010-12-8 937984]
Wireless Configuration Utility.lnk - c:\programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe [2004-10-6 442368]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programme\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\programme\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk*\0sprestrt\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBCSSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SanDisk Media Manager.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\SanDisk Media Manager.lnk
backup=c:\windows\pss\SanDisk Media Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Squeezebox Server-Taskleisten-Tool.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Squeezebox Server-Taskleisten-Tool.lnk
backup=c:\windows\pss\Squeezebox Server-Taskleisten-Tool.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk
backup=c:\windows\pss\WISO Mein Steuer-Sparbuch heute.lnkCommon Startup
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\wcescomm.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
"WrtMon.exe"=c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
"TrueImageMonitor.exe"=c:\programme\Acronis\TrueImageHome\TrueImageMonitor.exe
"CanonSolutionMenu"=c:\programme\Canon\SolutionMenu\CNSLMAIN.exe /logon
"AcronisTimounterMonitor"=c:\programme\Acronis\TrueImageHome\TimounterMonitor.exe
"Acronis Scheduler2 Service"="c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
"SBCSTray"=c:\programme\Sunbelt Software\CounterSpy\SBCSTray.exe
"OpwareSE4"="c:\programme\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"ATICCC"="c:\programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"ATIPTA"=c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\NX Client for Windows\\nxclient.exe"=
"c:\\Programme\\NX Client for Windows\\bin\\nxssh.exe"=
"c:\programme\Microsoft ActiveSync\rapimgr.exe"= c:\programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programme\Microsoft ActiveSync\wcescomm.exe"= c:\programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programme\Microsoft ActiveSync\WCESMgr.exe"= c:\programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programme\\Squeezebox\\SqueezePlay\\squeezeplay.exe"=
"c:\\Programme\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Programme\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Programme\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Programme\\SITECOM\\300N USB Wireless LAN Utility\\RtWLan.exe"=
"c:\\Programme\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9000:TCP"= 9000:TCP:Squeezebox Server 9000 tcp (UI)
"3483:UDP"= 3483:UDP:Squeezebox Server 3483 udp
"3483:TCP"= 3483:TCP:Squeezebox Server 3483 tcp
"9090:TCP"= 9090:TCP:Squeezebox Server 9090 tcp (UI)
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"9001:TCP"= 9001:TCP:Squeezebox Server 9001 tcp (UI)
"9002:TCP"= 9002:TCP:Squeezebox Server 9002 tcp (UI)
"9003:TCP"= 9003:TCP:Squeezebox Server 9003 tcp (UI)
"9004:TCP"= 9004:TCP:Squeezebox Server 9004 tcp (UI)
"9005:TCP"= 9005:TCP:Squeezebox Server 9005 tcp (UI)
"9006:TCP"= 9006:TCP:Squeezebox Server 9006 tcp (UI)
"9007:TCP"= 9007:TCP:Squeezebox Server 9007 tcp (UI)
"9008:TCP"= 9008:TCP:Squeezebox Server 9008 tcp (UI)
"9009:TCP"= 9009:TCP:Squeezebox Server 9009 tcp (UI)
"9010:TCP"= 9010:TCP:Squeezebox Server 9010 tcp (UI)
"9100:TCP"= 9100:TCP:Squeezebox Server 9100 tcp (UI)
"8000:TCP"= 8000:TCP:Squeezebox Server 8000 tcp (UI)
"10000:TCP"= 10000:TCP:Squeezebox Server 10000 tcp (UI)
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
.
R0 SBHR;SBHR;c:\windows\system32\drivers\sbhr.sys [21.09.2007 20:11 15544]
R1 SASDIFSV;SASDIFSV;c:\programme\SUPERAntiSpyware\sasdifsv.sys [17.02.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\programme\SUPERAntiSpyware\SASKUTIL.SYS [10.05.2010 20:41 67656]
R2 a2free;a-squared Free Service;c:\programme\a-squared Free\a2service.exe [30.08.2007 21:19 380528]
R2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [10.01.2009 20:41 108768]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\programme\Avira\AntiVir Desktop\avmailc.exe [27.03.2009 20:13 340136]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [27.03.2009 20:13 136360]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [27.03.2009 20:13 428200]
R2 AVMPORT;AVMPORT;c:\windows\system32\drivers\avmport.sys [31.07.2005 19:03 59520]
R2 CDMA Device Service;CDMA Device Service;c:\programme\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [30.08.2011 00:28 63488]
R2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [04.11.2010 16:41 9728]
R2 SqueezeMySQL;SqueezeMySQL;c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\dokume~1\ALLUSE~1\ANWEND~1\SQUEEZ~2\Cache\my.cnf SqueezeMySQL --> c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\dokume~1\ALLUSE~1\ANWEND~1\SQUEEZ~2\Cache\my.cnf SqueezeMySQL [?]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192su.sys [08.12.2010 16:54 605856]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [20.12.2009 22:09 135664]
S3 ACRUSBTM;ACRUSBTM;c:\windows\system32\drivers\ACRUSBTM.SYS [26.09.2008 19:52 28672]
S3 ALSysIO;ALSysIO;\??\c:\dokume~1\Heini\LOKALE~1\Temp\ALSysIO.sys --> c:\dokume~1\Heini\LOKALE~1\Temp\ALSysIO.sys [?]
S3 AVMBTPARALLEL;AVM Bluetooth Druckeranschluss;c:\windows\system32\drivers\avmbtpar.sys [09.12.2003 02:00 60032]
S3 AVMBTSERIAL;AVM Bluetooth Kommunikationsanschluss;c:\windows\system32\drivers\avmbtser.sys [09.12.2003 02:00 61056]
S3 AVMBTSND;AVM Bluetooth Audio Driver;c:\windows\system32\drivers\avmbtsnd.sys [09.12.2003 02:00 48128]
S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmcowan.sys [09.12.2003 02:00 53120]
S3 AVMWAN;NDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmwan.sys [11.01.2002 02:00 37568]
S3 bfubase;BlueFRITZ! USB (WinXP/2000);c:\windows\system32\drivers\bfubase.sys [11.01.2002 02:00 741600]
S3 CAPI_CIP;AVM Bluetooth CAPI-Controller;c:\windows\system32\drivers\capi_cip.sys [09.12.2003 02:00 334464]
S3 FXDRV;FXDRV;\??\f:\fxdrv.sys --> f:\Fxdrv.sys [?]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\DRIVERS\gflmouhid.sys --> c:\windows\system32\DRIVERS\gflmouhid.sys [?]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys --> c:\windows\system32\DRIVERS\gMouPS2.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [20.12.2009 22:09 135664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programme\Microsoft Office\Office14\GROOVE.EXE [25.03.2010 10:25 30969208]
S3 NETBFPAN;AVM Bluetooth Netzwerkadapter;c:\windows\system32\drivers\netbfpan.sys [09.12.2003 02:00 35914]
S3 NETPPPOI;PPP over ISDN;c:\windows\system32\DRIVERS\NETPPPOI.SYS --> c:\windows\system32\DRIVERS\NETPPPOI.SYS [?]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000]
S3 SBAPIFS;SBAPIFS;\??\c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [30.08.2011 00:27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [30.08.2011 00:27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [30.08.2011 00:27 136808]
S3 TelekomNM3;Telekom Netzmanager Packet Filter Driver;c:\programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [16.09.2010 17:02 35040]
S3 vmdmd;Fax Port Driver;c:\windows\system32\DRIVERS\vmdmd.sys --> c:\windows\system32\DRIVERS\vmdmd.sys [?]
.
Inhalt des "geplante Tasks" Ordners
.
2011-07-29 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 18:08]
.
2011-08-30 c:\windows\Tasks\Google Software Updater.job
- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-24 08:49]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-20 20:09]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-20 20:09]
.
2011-08-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Google Sidewiki... - c:\programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: In Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\programme\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\programme\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\programme\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\programme\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\programme\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\programme\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\programme\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\programme\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\programme\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\programme\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\programme\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-08-30 21:17
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32*]
"Class"=hex:ab,c2,74,5b,6c,67,a9,07,13,e0,e1,24,c4,1e,4a,fb,d0,dd,48,ff,50,95,
74,f9,62,57,09,f4,e8,d4,30,f1,4b,a8,a7,f4,da,c8,33,9b,48,b8,7b,81,1c,3c,a0,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32*]
"Class"=hex:d4,5f,d4,fd,c6,b4,bf,77,56,75,0e,52,68,44,fd,05,8e,61,64,c7,8d,04,
9a,0b,b9,cb,a4,63,56,e1,dc,88,12,6f,67,c0,be,41,6e,1a,5f,f5,6e,06,f1,d3,3b,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32*]
"Class"=hex:f3,ab,5e,97,03,e1,3c,b2,5c,49,a2,43,b6,d1,e5,c5,4b,ee,a8,8b,ce,e3,
cb,73,38,b0,4e,da,18,a2,d6,e6,a5,c5,c6,e0,b7,1a,9c,c8,70,f7,de,d4,54,22,a8,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32*]
"Class"=hex:00,6d,78,af,8e,b4,c4,17,0d,65,d8,5a,38,fb,be,e6,2f,8e,89,d1,8e,02,
54,5e,95,6e,74,67,f4,3e,de,b1,ca,82,ab,ce,60,43,ae,c2,54,81,2e,60,f2,26,2a,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32*]
"Class"=hex:89,da,99,86,00,20,ba,1a,0b,25,73,fb,c0,a4,b3,0a,6e,4f,c7,08,79,c4,
d1,83,39,9c,db,89,9d,f2,49,60,5c,1f,96,f0,be,29,fa,4e,76,f3,eb,fa,6e,f6,eb,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32*]
"Class"=hex:e0,87,86,cb,2c,02,0d,e2,e4,2d,5f,b7,cc,39,20,ae,75,dd,d6,b4,27,7e,
88,a3,95,7b,a8,60,04,6e,49,6d,c2,61,b4,4e,e4,fa,0e,8e,5d,e4,9e,e3,2c,8f,95,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32*]
"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32*]
"Class"=hex:62,d9,7b,80,32,b6,7f,b4,72,cc,ad,10,b5,81,92,8c,f4,2d,3f,f2,17,44,
72,ff,30,bf,6d,7f,b6,a7,14,b7,e4,dc,27,c8,a4,ed,83,e5,c2,49,5d,bc,c1,fa,a0,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\PSGuard.com\PSGuard\P.S.Guard\License*]
"Data"="InstallTime=1c5c537:93680c70\0d\0aLastRunTime=1c5c539:45626050\0d\0a"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(660)
c:\programme\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(716)
c:\programme\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(3128)
c:\progra~1\GEMEIN~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1031\GrooveIntlResource.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
c:\windows\system32\CTsvcCDA.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
c:\programme\Sunbelt Software\CounterSpy\SBCSSvc.exe
c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe
c:\programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\MICROS~3\rapimgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-08-30 21:31:09 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-08-30 19:31
ComboFix2.txt 2007-09-07 16:21
.
Vor Suchlauf: 17 Verzeichnis(se), 21.577.994.240 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 21.583.536.128 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
.
- - End Of File - - C430AB272156B5FD96A200FE93017425
Gruß Heini |
|
31.08.2011, 10:55
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.09.2011, 21:20
| #14 |
| | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Hier die Logs [code] GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-09-01 03:28:22
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0822N rev.WA100-10
Running: n5mbq4tp.exe; Driver: C:\DOKUME~1\Heini\LOKALE~1\Temp\kgliipow.sys
---- System - GMER 1.0.15 ----
SSDT F7B3B9F4 ZwClose
SSDT F7B3B9AE ZwCreateKey
SSDT F7B3B9FE ZwCreateSection
SSDT F7B3B9A4 ZwCreateThread
SSDT F7B3B9B3 ZwDeleteKey
SSDT F7B3B9BD ZwDeleteValueKey
SSDT F7B3B9EF ZwDuplicateObject
SSDT F7B3B9C2 ZwLoadKey
SSDT sbhr.sys ZwOpenKey [0xF789F4D0]
SSDT F7B3B990 ZwOpenProcess
SSDT F7B3B995 ZwOpenThread
SSDT F7B3B9CC ZwReplaceKey
SSDT F7B3B9C7 ZwRestoreKey
SSDT F7B3BA03 ZwSetContextThread
SSDT F7B3B9B8 ZwSetValueKey
SSDT F7B3B99F ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
init C:\WINDOWS\system32\drivers\ALCXSENS.SYS entry point in "init" section [0xB17F9900]
.text C:\WINDOWS\system32\drivers\ACEDRV05.sys section is writeable [0xA93D2000, 0x30A4A, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV05.sys entry point in ".pklstb" section [0xA9414000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV05.sys unknown last section [0xA942F000, 0x8E, 0x42000040]
.text C:\WINDOWS\system32\drivers\ACEDRV08.sys section is writeable [0xA9370000, 0x328BA, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV08.sys entry point in ".pklstb" section [0xA93B4000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV08.sys unknown last section [0xA93D0000, 0x8E, 0x42000040]
---- User code sections - GMER 1.0.15 ----
.text C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2092] ntdll.dll!DbgUiRemoteBreakin 7C9620EC 1 Byte [C3]
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice \FileSystem\Ntfs \Ntfs sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@Class 0xAB 0xC2 0x74 0x5B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@Class 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@Class 0xD4 0x5F 0xD4 0xFD ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@Class 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@Class 0xF3 0xAB 0x5E 0x97 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@Class 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@Class 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@Class 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@Class 0x00 0x6D 0x78 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@Class 0x89 0xDA 0x99 0x86 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@Class 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@Class 0xE0 0x87 0x86 0xCB ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@Class 0x00 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@Class 0x62 0xD9 0x7B 0x80 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
---- EOF - GMER 1.0.15 ----
OSAM OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 20:31:23 on 01.09.2011 OS: Windows XP Home Edition Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 6.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - ? - autochk* (File not found) [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "Google Software Updater.job" - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe "RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe "RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe "1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl "ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl "FINDFAST.CPL" - "Microsoft Corporation" - C:\WINDOWS\system32\FINDFAST.CPL "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "mbllnk.cpl" - "AvantGo, Inc." - C:\WINDOWS\system32\mbllnk.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir PersonalEdition Premium " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "Avira AntiVir PersonalEdition Premium Konfiguration" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl (File not found) "Avira AntiVir Premium " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL "Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ACEDRV05" (ACEDRV05) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV05.sys "ACEDRV08" (ACEDRV08) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV08.sys "Acronis Snapshots Manager" (snapman) - "Acronis" - C:\WINDOWS\System32\DRIVERS\snapman.sys "Acronis True Image Backup Archive Explorer" (timounter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\timntr.sys "Acronis True Image FS Filter" (tifsfilter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tifsfilt.sys "Acronis Try&Decide and Restore Points filter" (tdrpman) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tdrpman.sys "ACRUSBTM" (ACRUSBTM) - ? - C:\WINDOWS\system32\drivers\ACRUSBTM.SYS "Add Performance Filter Driver" (sisperf) - "Silicon Integrated Systems Corp." - C:\WINDOWS\System32\drivers\sisperf.sys "AEGIS Protocol (IEEE 802.1x) v3.7.5.0" (AegisP) - "Cisco Systems, Inc." - C:\WINDOWS\System32\DRIVERS\AegisP.sys "ALSysIO" (ALSysIO) - ? - C:\DOKUME~1\Heini\LOKALE~1\Temp\ALSysIO.sys (File not found) "ASPI32" (ASPI32) - "Adaptec" - C:\WINDOWS\system32\drivers\ASPI32.sys "avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "AVM Bluetooth Audio Driver" (AVMBTSND) - "AVM GmbH" - C:\WINDOWS\System32\drivers\avmbtsnd.sys "AVM Bluetooth CAPI-Controller" (CAPI_CIP) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\capi_cip.sys "AVM Bluetooth Druckeranschluss" (AVMBTPARALLEL) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmbtpar.sys "AVM Bluetooth Kommunikationsanschluss" (AVMBTSERIAL) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmbtser.sys "AVM Bluetooth Netzwerkadapter" (NETBFPAN) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\netbfpan.sys "AVM ISDN CoNDIS WAN CAPI Treiber" (AVMCOWAN) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmcowan.sys "AVMPORT" (AVMPORT) - "AVM Berlin" - C:\WINDOWS\System32\drivers\avmport.sys "BlueFRITZ! USB (WinXP/2000)" (bfubase) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\bfubase.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "Fax Port Driver" (vmdmd) - ? - C:\WINDOWS\System32\DRIVERS\vmdmd.sys (File not found) "FXDRV" (FXDRV) - ? - F:\Fxdrv.sys (File not found) "grmnusb" (grmnusb) - "GARMIN Corp." - C:\WINDOWS\System32\drivers\grmnusb.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "PCANDIS5 Protocol Driver" (PCANDIS5) - ? - C:\D-Link\AIRPLU~1\PCANDIS5.SYS (File not found) "PCASp50 NDIS Protocol Driver" (PCASp50) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\WINDOWS\System32\Drivers\PCASp50.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PPP over ISDN" (NETPPPOI) - ? - C:\WINDOWS\System32\DRIVERS\NETPPPOI.SYS (File not found) "PS2 Scroll Mouse Device" (gMouPS2) - ? - C:\WINDOWS\System32\DRIVERS\gMouPS2.sys (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS "SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS "SBAPIFS" (SBAPIFS) - ? - C:\WINDOWS\system32\drivers\sbapifs.sys (File not found) "SBHR" (SBHR) - ? - C:\WINDOWS\System32\drivers\sbhr.sys "Scroll Mouse Driver" (genmcmn) - ? - C:\WINDOWS\System32\DRIVERS\gmfiltr.sys (File not found) "sisidex" (sisidex) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\System32\drivers\sisidex.sys "SoundTap Recorder" (NCHSSVAD) - "NCH Swift Sound" - C:\WINDOWS\System32\drivers\nchssvad.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "Telekom Netzmanager Packet Filter Driver" (TelekomNM3) - "Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH" - C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys "TVICHW32" (TVICHW32) - "EnTech Taiwan" - C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS "USB Scroll Mouse Driver" (genmcmnUSB) - ? - C:\WINDOWS\System32\DRIVERS\gflmouhid.sys (File not found) "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll {17F04EC2-42D3-4e8c-BDA1-FA579B38ADC9} "{17F04EC2-42D3-4e8c-BDA1-FA579B38ADC9}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll {d7b95390-b1c5-11d0-b111-0080c712fe82} "mctp" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll {C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\VISSHE.DLL {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\VISSHE.DLL {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL {49BF5420-FA7F-11cf-8011-00A0C90A8F78} "Mobiles Gerät" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Wcesview.dll {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll {1CA6BBC9-E9FA-4021-822B-075DF1837B63} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll {4FBFFA8D-F390-471a-AE46-FEB93623AD63} "NeroDigitalInfoHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll {846083A4-BFC6-4447-985C-6578B466A7D7} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll {EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} "NeroDigitalThumbnailHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\OLKFSTUB.DLL {A12BE4C1-968E-4b81-96E3-E9ECA5913634} "PBN.PBNMaximumMP3ShellExtension" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SDShelEx-win32.dll {44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information) {4AFB2C17-9D16-4478-AEF4-C3FC539961E4} "ZEN Media Explorer" - "Creative Technology Ltd" - C:\Programme\Creative\ZEN Media Explorer\SHCTMTP.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) <binary data> "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {6C269571-C6D7-4818-BCA4-32A035E8C884} "Creative Software AutoUpdate" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTSUEngn.ocx / hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab {F6ACF75C-C32C-447B-9BEF-46B766368D29} "Creative Software AutoUpdate Support Package" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTPID.ocx / hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab {D4B68B83-8710-488B-A692-D74B50BA558E} "Creative Software AutoUpdate Support Package 2" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTPIDPDE.ocx / hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab {4871A87A-BFDD-4106-8153-FFDE2BAC2967} "DLM Control" - "Akamai Technologies, Inc." - C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX / hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab {17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\System32\legitcheckcontrol.dll / hxxp://go.microsoft.com/fwlink/?linkid=39204 -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONBttnIE.dll {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\INetRepl.dll {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "Create Mobile Favorite" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\INetRepl.dll {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL {3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini "Sitecom 300N USB Wireless LAN Utility.lnk" - "Sitecom Corp." - C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe (Shortcut exists | File exists) "Wireless Configuration Utility.lnk" - ? - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe (Shortcut exists | File exists) -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\Heini\Startmenü\Programme\Autostart\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "CTSyncU.exe" - ? - "C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe" "H/PC Connection Agent" - "Microsoft Corporation" - "C:\Programme\Microsoft ActiveSync\wcescomm.exe" "KiesPDLR" - ? - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe "TuneUp MemOptimizer" - "TuneUp Software GmbH" - "C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe" autostart -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" "avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min "BCSSync" - "Microsoft Corporation" - "C:\programme\microsoft office\Office14\BCSSync.exe" /DelayServices "CTCheck" - "Creative Technology Ltd" - C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe "KiesHelper" - "Samsung" - C:\Programme\Samsung\Kies\KiesHelper.exe /s "KiesTrayAgent" - "Samsung Electronics Co., Ltd." - C:\Programme\Samsung\Kies\KiesTrayAgent.exe "SiSPower" - "Silicon Integrated Systems Corporation" - Rundll32.exe SiSPower.dll,ModeAgent "SiSUSBRG" - "Silicon Integrated Systems Corp." - C:\WINDOWS\SiSUSBrg.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" "TkBellExe" - "RealNetworks, Inc." - "C:\program files\real\realplayer\update\realsched.exe" -osboot [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Teledat 150 Color Fax Port Monitor" - ? - TelColorPort.dll (File not found) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "a-squared Free Service" (a2free) - "Emsi Software GmbH" - C:\Programme\a-squared Free\a2service.exe "Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe "Acronis Try And Decide Service" (TryAndDecideService) - ? - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe (File found, but it contains no detailed information) "Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found) "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "ATI Smart" (ATI Smart) - ? - C:\WINDOWS\system32\ati2sgag.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir MailGuard" (AntiVirMailService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avmailc.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe "Avira AntiVir WebGuard" (AntiVirWebService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE "CDMA Device Service" (CDMA Device Service) - ? - C:\Programme\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe "Creative Service for CDROM Access" (Creative Service for CDROM Access) - "Creative Technology Ltd" - C:\WINDOWS\system32\CTsvcCDA.exe "Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe "Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\programme\microsoft office\Office14\GROOVE.EXE "Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe "Netzmanager Infrastruktur Informationssystem Dienst" (Netzmanager Service) - "Deutsche Telekom AG" - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "SqueezeMySQL" (SqueezeMySQL) - ? - C:\PROGRA~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe (File found, but it contains no detailed information) "Sunbelt CounterSpy Antispyware" (SBCSSvc) - "Sunbelt Software" - C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe "TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll "Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL "WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== --- --- --- AVAST ist mir während des Scans mit folgender Meldung abgestürzt Code:
ATTFilter avast! Antirootkit hat ein Problem festgestellt und muss beendet werden.
Problemsignatur____________________________________________________
AppName: aswmbr.exe AppVer: 0.9.8.986 ModName: ntdll.dll
ModVer: 5.1.2600.6055 Offset: 00011689
Gruß Heini Geändert von Heini66 (01.09.2011 um 21:23 Uhr) Grund: falsche Formatierung |
|
01.09.2011, 21:44
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik Ja, Avast nochmal probieren. Fall es wieder abkachelt, mach dann ein Log mit dem "älteren" mbrcheck: Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik |
| 0x00000001, acedrv05.sys, adobe, alternate, antivir, avira, bho, c:\windows\system32\rundll32.exe, desktop, document, einstellungen, error, excel.exe, explorer, firefox, fontcache, gereinigt, google earth, helper, home, mp3, object, plug-in, realtek, rundll, scan, sched.exe, senden, server, software, system, trojaner, usb, winlogon.exe, wiso |
Linear-Darstellung
