Trojaner-Board - SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik (https://www.trojaner-board.de/102915-sasw-scan-findet-psguard-trojan-agent-gen-krpytik.html)

SASW-Scan findet PSGuard und Trojan.Agent/Gen-Krpytik

Hallihallo,

habe vor kurzen dank eurer Hilfe meinen Laptop gereinigt und mir die in den Tips genannten Scanner auch mal über mein Arbeitstier (Desktop PC) laufen lassen. Und siehe da, o.g. Trojaner sind vorhanden.

Code:

SUPERAntiSpyware Scan Log

hxxp://www.superantispyware.com
 

Generated 08/21/2011 at 02:25 PM
 

Application Version : 4.55.1000
 

Core Rules Database Version : 7369

Trace Rules Database Version: 5181
 

Scan type       : Complete Scan

Total Scan Time : 02:43:36
 

Memory items scanned      : 619

Memory threats detected   : 0

Registry items scanned    : 8667

Registry threats detected : 5

File items scanned        : 45424

File threats detected     : 1
 

Trojan.PSGuard

        HKLM\Software\PSGuard.com

        HKLM\Software\PSGuard.com\PSGuard

        HKLM\Software\PSGuard.com\PSGuard\P.S.Guard

        HKLM\Software\PSGuard.com\PSGuard\P.S.Guard\License
 

Disabled.SecurityCenterOption

        HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY
 

Trojan.Agent/Gen-Krpytik

        C:\SYSTEM VOLUME INFORMATION\_RESTORE{48B68672-9289-46DB-AAD7-5E9EDB5B7F7A}\RP486\A0150910.EXE

OTL Logfile

OTL Logfile:

Code:

OTL logfile created on: 27.08.2011 15:22:20 - Run 6

OTL by OldTimer - Version 3.2.26.5     Folder = C:\Dokumente und Einstellungen\Heini\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,28% Memory free

3,85 Gb Paging File | 3,45 Gb Available in Paging File | 89,57% Paging File free

Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 74,55 Gb Total Space | 19,99 Gb Free Space | 26,81% Space Free | Partition Type: NTFS

Drive E: | 46,02 Gb Total Space | 3,23 Gb Free Space | 7,01% Space Free | Partition Type: NTFS

Drive G: | 40,00 Gb Total Space | 35,87 Gb Free Space | 89,67% Space Free | Partition Type: NTFS

Drive H: | 106,10 Gb Total Space | 103,33 Gb Free Space | 97,39% Space Free | Partition Type: NTFS

Drive I: | 982,13 Mb Total Space | 981,20 Mb Free Space | 99,91% Space Free | Partition Type: FAT

 

Computer Name: ARBEITSZIMMER | User Name: Heini | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()

PRC - C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe (Sitecom Corp.)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - C:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe ()

PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)

PRC - C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)

PRC - C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe (Sunbelt Software)

PRC - C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe ()

PRC - C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe (TuneUp Software GmbH)

PRC - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe ()

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()

MOD - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()

MOD - C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()

MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()

MOD - C:\Programme\SITECOM\300N USB Wireless LAN Utility\EnumDevLib.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe ()

MOD - C:\Programme\WinRAR\RarExt.dll ()

MOD - C:\Programme\Sunbelt Software\CounterSpy\SBFDAccessLayer.dll ()

MOD - C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe ()

MOD - C:\Programme\SITECOM\300N USB Wireless LAN Utility\acAuth.dll ()

MOD - C:\Programme\Creative\Sync Manager Unicode\CTSyncRs.crl ()

MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanDll.dll ()

MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe ()

MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\tiwlnapi.dll ()

MOD - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\ExtWLANconfig.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AppMgmt) --  File not found

SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)

SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)

SRV - (SqueezeMySQL) -- C:\Programme\Squeezebox\server\Bin\MSWin32-x86-multi-thread\mysqld.exe ()

SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\programme\microsoft office\Office14\GROOVE.EXE (Microsoft Corporation)

SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (a2free) -- C:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH)

SRV - (TryAndDecideService) -- C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe ()

SRV - (AcrSch2Svc) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)

SRV - (SBCSSvc) -- C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe (Sunbelt Software)

SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)

SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (TelekomNM3) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)

DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (RTL8192su) -- C:\WINDOWS\system32\drivers\rtl8192su.sys (Realtek Semiconductor Corporation                           )

DRV - (STEC3) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (NCHSSVAD) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound)

DRV - (timounter) -- C:\WINDOWS\System32\DRIVERS\timntr.sys (Acronis)

DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)

DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)

DRV - (tdrpman) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis)

DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (ACEDRV08) -- C:\WINDOWS\system32\drivers\ACEDRV08.sys (Protect Software GmbH)

DRV - (SBHR) -- C:\WINDOWS\system32\drivers\sbhr.sys ()

DRV - (ACRUSBTM) -- C:\WINDOWS\system32\drivers\ACRUSBTM.SYS ()

DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)

DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)

DRV - (ACEDRV05) -- C:\WINDOWS\system32\drivers\ACEDRV05.sys (Protect Software GmbH)

DRV - (SISNICXP) -- C:\WINDOWS\system32\drivers\sisnicxp.sys (SiS Corporation)

DRV - (odysseyIM3) -- C:\WINDOWS\system32\drivers\odysseyIM3.sys (Funk Software, Inc.)

DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)

DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)

DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)

DRV - (bfubase) BlueFRITZ! USB (WinXP/2000) -- C:\WINDOWS\system32\drivers\bfubase.sys (AVM Berlin)

DRV - (CAPI_CIP) -- C:\WINDOWS\system32\drivers\capi_cip.sys (AVM Berlin)

DRV - (AVMBTSERIAL) -- C:\WINDOWS\system32\drivers\avmbtser.sys (AVM GmbH)

DRV - (AVMBTPARALLEL) -- C:\WINDOWS\system32\drivers\avmbtpar.sys (AVM GmbH)

DRV - (AVMCOWAN) -- C:\WINDOWS\system32\drivers\avmcowan.sys (AVM GmbH)

DRV - (AVMBTSND) -- C:\WINDOWS\system32\drivers\avmbtsnd.sys (AVM GmbH)

DRV - (NETBFPAN) -- C:\WINDOWS\system32\drivers\netbfpan.sys (AVM Berlin)

DRV - (SiSide) -- C:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)

DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)

DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)

DRV - (AVMPORT) -- C:\WINDOWS\System32\drivers\avmport.sys (AVM Berlin)

DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH)

DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\ASPI32.sys (Adaptec)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="

FF - prefs.js..browser.search.selectedEngine: "Winamp Search"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2

FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Programme\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.07.03 17:44:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.08.21 11:33:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.07.03 17:45:04 | 000,000,000 | ---D | M]

 

[2008.07.16 19:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Extensions

[2011.06.04 19:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\extensions

[2010.01.10 21:31:40 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}

[2011.06.04 19:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\extensions

[2010.03.11 21:51:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.01.10 21:58:07 | 000,001,201 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\0z1vro3b.default\searchplugins\winamp-search.xml

[2011.07.03 18:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2009.11.27 18:22:39 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2011.07.03 18:32:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011.08.21 11:33:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2008.01.29 14:51:48 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\atgpcdec.dll

[2008.01.29 14:51:49 | 000,125,848 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\atgpcext.dll

[2008.01.29 14:51:56 | 000,046,408 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\atmccli.dll

[2008.01.29 14:51:58 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\ieatgpc.dll

[2008.01.29 14:51:45 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- C:\Programme\mozilla firefox\plugins\npatgpc.dll

[2011.07.03 18:31:46 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll

[2008.02.04 19:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\mozilla firefox\plugins\npOGAPlugin.dll

[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll

[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2008.01.12 14:36:52 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [BCSSync] C:\programme\microsoft office\Office14\BCSSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [CTCheck] C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)

O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [CTSyncU.exe] C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe ()

O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe (TuneUp Software GmbH)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Sitecom 300N USB Wireless LAN Utility.lnk = C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe (Sitecom Corp.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Wireless Configuration Utility.lnk = C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258913469140 (WUWebControl Class)

O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Jasc Paint Shop Photo Album 5 Wallpaper.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Jasc Paint Shop Photo Album 5 Wallpaper.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005.07.30 16:51:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009.03.24 14:14:59 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell - "" = AutoRun

O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun\command - "" = I:\DPFMate.exe

O34 - HKLM BootExecute: (autocheck autochk*) -  File not found

O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {33666497-F8FD-B072-8516-BBFCA94B688C} - Microsoft Windows Media Player 6.4

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D250360C-56E2-6065-3DC5-8F6CBAFEB99A} - Windows Media Player

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

NetSvcs: 6to4 -  File not found

NetSvcs: AppMgmt -  File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: WmdmPmSp -  File not found

 

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SanDisk Media Manager.lnk -  - File not found

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Squeezebox Server-Taskleisten-Tool.lnk - C:\Programme\Squeezebox\SqueezeTray.exe - (SlimDevices - A Logitech Company)

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2011\mshaktuell.exe - ()

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.08.27 15:20:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe

[2011.08.21 20:51:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Malwarebytes

[2011.08.21 20:51:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011.08.21 20:51:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2011.08.21 20:51:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2011.08.21 20:51:41 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2011.08.21 20:51:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2011.08.21 11:32:03 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Heini\Recent

[2011.08.13 11:38:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SUPERAntiSpyware.com

[2007.08.10 17:28:21 | 021,733,696 | ---- | C] (Skype Technologies S.A.                                     ) -- C:\Programme\SkypeSetup.exe

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.08.27 15:20:15 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Heini\Desktop\OTL.exe

[2011.08.27 14:47:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011.08.27 13:44:31 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job

[2011.08.27 13:43:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011.08.27 13:42:48 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job

[2011.08.27 13:42:46 | 000,021,760 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011.08.27 13:42:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011.08.26 07:13:56 | 1357,644,800 | ---- | M] () -- C:\WINDOWS\outlook.pst

[2011.08.23 22:00:19 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\Desktop\n5mbq4tp.exe

[2011.08.22 21:29:06 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\defogger_reenable

[2011.08.21 20:51:47 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.08.21 17:47:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job

[2011.08.21 12:15:21 | 000,000,597 | ---- | M] () -- C:\Dokumente und Einstellungen\Heini\.Xauthority

[2011.08.14 22:14:44 | 000,001,211 | ---- | M] () -- C:\WINDOWS\wiso.ini

[2011.08.11 22:14:16 | 000,448,894 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2011.08.11 22:14:16 | 000,432,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011.08.11 22:14:16 | 000,080,558 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2011.08.11 22:14:16 | 000,067,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011.07.29 17:15:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.08.23 22:00:18 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Desktop\n5mbq4tp.exe

[2011.08.22 21:29:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\defogger_reenable

[2011.08.21 20:51:47 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.06.02 21:17:38 | 000,000,193 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\default.rss

[2011.06.02 21:16:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2011.01.23 17:03:02 | 000,000,546 | ---- | C] () -- C:\WINDOWS\hpbafd.ini

[2010.12.08 16:54:08 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe

[2010.09.12 02:18:29 | 001,495,944 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat

[2010.09.11 19:55:07 | 000,000,279 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc

[2009.12.21 20:15:10 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2009.12.13 14:07:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\InstFunc.exe

[2009.12.09 22:33:15 | 000,108,021 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini

[2009.12.09 22:33:15 | 000,033,373 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini

[2009.12.09 22:33:05 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin

[2009.12.09 22:33:05 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin

[2009.12.09 22:33:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin

[2009.09.30 20:28:22 | 000,000,418 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\burnaware.ini

[2009.09.06 18:54:43 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI

[2009.01.10 20:39:34 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe

[2009.01.10 20:32:23 | 000,016,070 | ---- | C] () -- C:\WINDOWS\German2.ini

[2009.01.04 19:00:31 | 000,000,823 | ---- | C] () -- C:\WINDOWS\uninst.ini

[2008.09.26 19:52:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\ACRUSBTM.SYS

[2008.03.09 20:42:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2008.03.09 14:48:29 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc

[2008.03.08 13:35:09 | 000,283,392 | R--- | C] () -- C:\WINDOWS\System32\drivers\GPlus.sys

[2007.12.12 00:00:21 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll

[2007.12.11 23:57:18 | 000,000,404 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI

[2007.09.21 20:11:11 | 000,015,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sbhr.sys

[2007.09.19 20:39:52 | 000,002,779 | ---- | C] () -- C:\WINDOWS\tm.ini

[2007.09.15 02:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat

[2007.09.15 02:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBFC.dat

[2007.09.07 18:16:03 | 000,109,056 | ---- | C] () -- C:\WINDOWS\catchme.exe

[2007.09.07 18:16:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\VFind.exe

[2007.09.07 18:16:03 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe

[2007.08.09 20:48:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\$_hpcst$.hpc

[2007.05.27 14:00:35 | 000,002,513 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2007.05.27 13:53:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2007.05.08 19:55:53 | 000,000,054 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI

[2007.05.02 22:49:15 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2006.12.12 18:24:42 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2006.10.30 11:30:30 | 000,010,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBTEDrv.sys

[2006.09.03 19:08:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw110.INI

[2006.08.14 20:11:09 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html

[2006.08.14 20:09:00 | 000,120,286 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat

[2006.06.28 13:42:10 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini

[2006.04.28 22:05:14 | 000,127,614 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2006.04.22 12:21:18 | 000,083,455 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006.02.19 20:53:26 | 000,000,275 | ---- | C] () -- C:\WINDOWS\buhl.ini

[2006.02.19 20:52:48 | 000,001,211 | ---- | C] () -- C:\WINDOWS\wiso.ini

[2006.02.12 19:06:43 | 000,012,648 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\rx_audio.Cache

[2005.11.15 22:55:31 | 001,297,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\rx_image.Cache

[2005.11.15 21:54:39 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2005.11.02 11:39:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll

[2005.11.02 11:39:16 | 000,024,924 | ---- | C] () -- C:\WINDOWS\System32\openports.dll

[2005.10.18 10:41:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\msdvd_uk.dll

[2005.10.18 10:40:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\msdvd_se.dll

[2005.10.18 10:39:00 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\msdvd_fr.dll

[2005.10.18 10:39:00 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\msdvd_en.dll

[2005.10.18 10:36:00 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\msdvd_de.dll

[2005.10.18 10:33:00 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\mp2EncoderDll.dll

[2005.10.18 10:32:00 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\mplex.dll

[2005.10.18 10:25:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ifoutil.dll

[2005.10.18 10:05:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ifoData.dll

[2005.10.18 10:04:00 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dvdscript.dll

[2005.10.18 10:03:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DVDExtractor.dll

[2005.10.18 09:48:00 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\decoderDll.dll

[2005.10.18 09:47:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\audioDecode.dll

[2005.10.04 10:15:38 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll

[2005.09.22 18:44:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2005.09.17 12:38:56 | 000,151,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2005.09.11 20:05:46 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

[2005.08.28 12:14:52 | 000,000,024 | ---- | C] () -- C:\WINDOWS\audiovie.ini

[2005.08.28 12:14:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WOC_CDDA.ini

[2005.08.28 12:07:33 | 000,000,122 | ---- | C] () -- C:\WINDOWS\cddabase.ini

[2005.08.03 21:13:49 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WinOnCD.ini

[2005.07.31 22:37:46 | 000,000,502 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005.07.31 22:09:55 | 000,010,823 | ---- | C] () -- C:\WINDOWS\extend.dat

[2005.07.31 22:08:30 | 000,000,183 | ---- | C] () -- C:\WINDOWS\PowerReg.dat

[2005.07.31 18:21:59 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL

[2005.07.31 18:21:31 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll

[2005.07.30 17:31:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2005.07.30 17:29:52 | 000,860,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2005.07.30 16:54:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2005.07.30 16:48:21 | 000,022,924 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2005.05.30 01:06:58 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll

[2005.05.30 01:06:57 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\nlame.dll

[2004.08.21 11:36:20 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\AnimWnd.dll

[2004.08.04 14:00:00 | 000,448,894 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2004.08.04 14:00:00 | 000,432,214 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004.08.04 14:00:00 | 000,080,558 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2004.08.04 14:00:00 | 000,067,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004.08.04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004.08.04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2004.05.10 04:02:12 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MstartSound.dll

[2004.05.10 04:02:12 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MstartScreen.dll

[2004.05.10 04:02:10 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\MshutSound.dll

[2004.05.10 04:02:10 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\MshutScreen.dll

[2003.06.17 12:25:12 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\libpng13.dll

[2003.06.17 12:25:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[2003.05.20 03:40:06 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\IrrShape.dll

[2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll

[2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll

[2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll

[2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

[2001.08.23 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2001.08.23 14:00:00 | 001,868,944 | ---- | C] () -- C:\WINDOWS\System32\RSA32_16.DLL

[2001.08.23 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2001.08.23 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2001.08.23 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2001.08.23 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2001.08.23 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2001.08.23 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2001.08.23 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2001.08.23 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2000.04.12 10:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll

[2000.04.12 10:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll

[1997.10.18 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL

 
 ========== LOP Check ==========

 

[2009.05.09 17:32:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis

[2008.01.12 13:44:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Premium

[2009.05.12 22:48:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH

[2008.08.24 20:20:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications

[2007.09.05 19:04:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grisoft

[2009.05.16 19:04:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound

[2011.05.29 10:54:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Netzmanager

[2010.09.11 19:55:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SanDisk

[2007.12.11 23:57:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft

[2010.08.01 19:43:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Squeezebox

[2009.11.29 20:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SqueezeCenter

[2009.05.12 22:48:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager

[2006.04.14 13:27:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online

[2009.05.12 22:48:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2007.08.09 21:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom

[2007.05.30 21:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2009.05.12 22:48:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems

[2010.12.06 23:29:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3BF7B6DE-D2D6-4888-83BE-488663791EB5}

[2010.12.06 22:55:03 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D8116CA6-DBDF-4415-AB4A-BE0CEFB71935}

[2009.05.06 22:08:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Acronis

[2009.08.12 22:43:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Amazon

[2011.06.02 21:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\AnvSoft

[2005.11.15 23:04:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Backup MyPC

[2008.10.05 17:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Buhl Data Service

[2007.12.12 00:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Canon

[2008.08.28 22:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\DataDesign

[2010.09.12 18:05:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\DVDVideoSoftIEHelpers

[2010.12.21 20:49:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\EAC

[2010.12.13 14:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\foobar2000

[2010.09.12 18:23:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\HandBrake

[2009.01.10 20:52:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\IMP

[2009.04.06 22:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\InfraRecorder

[2008.11.04 21:32:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\KPSA-home

[2005.11.15 23:04:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Leadertech

[2008.11.04 21:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Logs

[2009.05.19 21:36:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Mp3tag

[2010.03.07 19:01:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\NCH Swift Sound

[2007.12.22 15:17:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\NewSoft

[2007.12.11 23:57:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\ScanSoft

[2008.11.04 21:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SHD Kreative Planungs-Systeme

[2009.12.27 15:25:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\SqueezePlay

[2009.01.10 18:45:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\streamripper

[2006.01.17 00:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\T-DSL SpeedManager

[2006.01.15 18:11:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Teledat

[2011.02.07 23:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\TheLastRipper

[2007.05.30 20:51:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\TuneUp Software

[2009.10.03 19:57:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heini\Anwendungsdaten\Ulead Systems

[2011.07.29 17:15:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*. >

[2010.01.30 20:43:17 | 000,000,000 | ---D | M] -- C:\ATI

[2009.01.04 20:22:49 | 000,000,000 | ---D | M] -- C:\Bases_X

[2007.03.11 23:16:17 | 000,000,000 | ---D | M] -- C:\cleanroom

[2010.05.10 20:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen

[2009.07.28 21:45:05 | 000,000,000 | ---D | M] -- C:\Meine Downloads

[2007.03.11 23:16:17 | 000,000,000 | ---D | M] -- C:\mirror

[2007.04.29 10:11:24 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2009.12.11 18:37:01 | 000,000,000 | ---D | M] -- C:\NVIDIA

[2009.11.07 17:49:36 | 000,000,000 | ---D | M] -- C:\Program Files

[2011.08.21 20:51:41 | 000,000,000 | ---D | M] -- C:\Programme

[2007.03.11 23:08:44 | 000,000,000 | ---D | M] -- C:\PVRCHEDSK

[2007.09.07 18:20:49 | 000,000,000 | ---D | M] -- C:\qoobox

[2005.10.03 13:08:24 | 000,000,000 | -HSD | M] -- C:\RECYCLER

[2009.01.10 20:53:04 | 000,000,000 | ---D | M] -- C:\setups

[2009.01.09 23:08:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2008.10.20 19:36:24 | 000,000,000 | ---D | M] -- C:\temp

[2007.05.03 01:01:38 | 000,000,000 | ---D | M] -- C:\VIDEO_TS

[2011.08.27 13:44:30 | 000,000,000 | ---D | M] -- C:\WINDOWS

[2009.05.07 07:07:36 | 000,000,000 | ---D | M] -- C:\Zubehör

 
 < %PROGRAMFILES%\*.exe >

[2007.08.10 17:35:39 | 021,733,696 | ---- | M] (Skype Technologies S.A.                                     ) -- C:\Programme\SkypeSetup.exe

 

Invalid Environment Variable: LOCALAPPDATA

 
 < %systemroot%\*. /mp /s >

 

 
 < MD5 for: EXPLORER.EXE  >

[2004.08.04 01:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

[2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe

[2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

 
 < MD5 for: REGEDIT.EXE  >

[2004.08.04 01:58:10 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe

[2008.04.14 08:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe

[2008.04.14 08:53:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe

 
 < MD5 for: USERINIT.EXE  >

[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008.04.14 08:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

[2004.08.04 01:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2004.08.04 01:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008.04.14 08:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

 
 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 
 < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-25 11:08:43

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

@Alternate Data Stream - 76 bytes -> C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream
 

< End of report >

--- --- ---

[/code]

Keine Ahnung, aber auch nach mehreren Versuchen wird eine Extra.txt nicht abgespeichert. Welche Einstellungen in der Anwendung OTL muss ich vornehmen um diese Datei zu generieren?

Hier noch das GMER Ergebnis.
Auch diese Scans sind über mehrere Stunden (ca. 8!!!) gelaufen und haben in der Regel zum Stillstand des Rechners geführt.

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net

Rootkit quick scan 2011-08-24 20:06:34

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0822N rev.WA100-10

Running: n5mbq4tp.exe; Driver: C:\DOKUME~1\Heini\LOKALE~1\Temp\kgliipow.sys
 
 

---- Devices - GMER 1.0.15 ----
 

AttachedDevice  \FileSystem\Ntfs \Ntfs  sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)

AttachedDevice  \FileSystem\Ntfs \Ntfs  sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)
 

---- EOF - GMER 1.0.15 ----

Malwarebytes hatte ich auch rüberschauen lassen, aber scheinbar ohne Befund

Code:

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org
 

Datenbank Version: 7529
 

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512
 

22.08.2011 03:12:19

mbam-log-2011-08-22 (03-12-19).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|G:\|H:\|)

Durchsuchte Objekte: 349795

Laufzeit: 6 Stunde(n), 19 Minute(n), 4 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden)

Soweit erst einmal die Logfiles. Was kann ich tun?
Vielen Dank schon einmal vorab.

Gruß

Heini

Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.

Hallo Arne,
ich kann keine weiteren Logfiles finden!?:confused:
Soll ich den Scan noch einmal laufen lassen?
Müssten die Funde aus SASW sichtbar sein?

Gruß
Heini

Nein, führ erstmal ESET aus, danach sehen wir weiter:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Here it is:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6528

# api_version=3.0.2

# EOSSerial=c9f9c47605380d41a5ace75ef84c1b42

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-08-29 06:50:55

# local_time=2011-08-29 08:50:55 (+0100, Westeuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=256 16777215 100 0 125452844 125452844 0 0

# compatibility_mode=1792 16777191 100 0 76385279 76385279 0 0

# compatibility_mode=8192 67108863 100 0 248 248 0 0

# scanned=169993

# found=4

# cleaned=0

# scan_time=41396

C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\Programme\FreeCommander\fc_setup.exe        a variant of Win32/Adware.ADON application (unable to clean)        00000000000000000000000000000000        I

C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\Programme\FreeCommander\fc_setup_.zip        a variant of Win32/Adware.ADON application (unable to clean)        00000000000000000000000000000000        I

E:\Jochen\Eigene Dateien Heini\Downloads\free-wma-mp3-converter.exe        probably a variant of Win32/PSW.Agent.BUPXGWL trojan (unable to clean)        00000000000000000000000000000000        I

E:\Jochen\Eigene Dateien Heini\Downloads\streamripper-windows-installer-1.63.4.exe        probably a variant of Win32/Agent.IMGROYR trojan (unable to clean)        00000000000000000000000000000000        I

Wie krieg ich die wieder wech???

Gruß
Heini

Die Funde von ESET kannste vernachlässigen, das sind Setups die nur angemeckert werden, weil die Toolbars mitinstallieren können.

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005.07.30 16:51:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009.03.24 14:14:59 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell - "" = AutoRun

O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\Shell\AutoRun\command - "" = I:\DPFMate.exe

@Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

@Alternate Data Stream - 76 bytes -> C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream

:Commands

[emptytemp]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Ich hoffe so ist´s richtig...

Code:

All processes killed

========== OTL ==========

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

C:\AUTOEXEC.BAT moved successfully.

G:\AUTOEXEC.BAT moved successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1feb7726-0ee5-11e0-83d5-000cf69386b2}\ not found.

File I:\DPFMate.exe not found.

ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.

ADS C:\Dokumente und Einstellungen\Heini\Eigene Dateien\Eigene PSP-Dateien:Roxio EMC Stream deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 41 bytes

 

User: Heini

->Temp folder emptied: 7278268 bytes

->Temporary Internet Files folder emptied: 34129 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 96067112 bytes

->Flash cache emptied: 577 bytes

 

User: Isabel

->Temp folder emptied: 0 bytes

 

User: Isabel.ARBEITSZIMMER

->Temp folder emptied: 74812553 bytes

->Temporary Internet Files folder emptied: 46237393 bytes

->Java cache emptied: 31426424 bytes

->FireFox cache emptied: 649208472 bytes

->Flash cache emptied: 911 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 14471998 bytes

 

User: NetworkService

->Temp folder emptied: 244458 bytes

->Temporary Internet Files folder emptied: 37664 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 45027768 bytes

%systemroot%\System32 .tmp files removed: 3599239 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 74578995 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 995,00 mb

 

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.26.5 log created on 08292011_203137
 

Files\Folders moved on Reboot...

C:\Dokumente und Einstellungen\Heini\Lokale Einstellungen\Temp\WCESLog.log moved successfully.
 

Registry entries deleted on Reboot...

Heini

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

http://www.trojaner-board.de/attachm...rnen-start.png

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

Hier isser:

Code:

2011/08/29 21:42:08.0562 2752        TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57

2011/08/29 21:42:08.0812 2752        ================================================================================

2011/08/29 21:42:08.0812 2752        SystemInfo:

2011/08/29 21:42:08.0812 2752        

2011/08/29 21:42:08.0812 2752        OS Version: 5.1.2600 ServicePack: 3.0

2011/08/29 21:42:08.0812 2752        Product type: Workstation

2011/08/29 21:42:08.0812 2752        ComputerName: ARBEITSZIMMER

2011/08/29 21:42:08.0812 2752        UserName: Heini

2011/08/29 21:42:08.0812 2752        Windows directory: C:\WINDOWS

2011/08/29 21:42:08.0812 2752        System windows directory: C:\WINDOWS

2011/08/29 21:42:08.0812 2752        Processor architecture: Intel x86

2011/08/29 21:42:08.0812 2752        Number of processors: 1

2011/08/29 21:42:08.0812 2752        Page size: 0x1000

2011/08/29 21:42:08.0812 2752        Boot type: Normal boot

2011/08/29 21:42:08.0812 2752        ================================================================================

2011/08/29 21:42:10.0968 2752        Initialize success

2011/08/29 21:43:08.0796 3564        ================================================================================

2011/08/29 21:43:08.0796 3564        Scan started

2011/08/29 21:43:08.0796 3564        Mode: Manual; 

2011/08/29 21:43:08.0796 3564        ================================================================================

2011/08/29 21:43:11.0015 3564        ACEDRV05        (0a1e97197609f92d2425b67da0bb0a7f) C:\WINDOWS\system32\drivers\ACEDRV05.sys

2011/08/29 21:43:11.0421 3564        ACEDRV08        (da06d89cdfdd0d24de75165cf6d4270b) C:\WINDOWS\system32\drivers\ACEDRV08.sys

2011/08/29 21:43:11.0875 3564        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/08/29 21:43:12.0250 3564        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys

2011/08/29 21:43:12.0687 3564        ACRUSBTM        (45b952a3ed567264acff89e46f65331d) C:\WINDOWS\system32\drivers\ACRUSBTM.SYS

2011/08/29 21:43:13.0500 3564        aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2011/08/29 21:43:13.0937 3564        AegisP          (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys

2011/08/29 21:43:14.0437 3564        AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys

2011/08/29 21:43:16.0109 3564        ALCXSENS        (ba88534a3ceb6161e7432438b9ea4f54) C:\WINDOWS\system32\drivers\ALCXSENS.SYS

2011/08/29 21:43:16.0921 3564        ALCXWDM         (9a6a99f0d75b457e3a2267776ebe9f47) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

2011/08/29 21:43:17.0890 3564        AmdK7           (3a0dafac778236559c14c7203fb550eb) C:\WINDOWS\system32\DRIVERS\amdk7.sys

2011/08/29 21:43:20.0093 3564        ASPI32          (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\ASPI32.sys

2011/08/29 21:43:20.0500 3564        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/08/29 21:43:20.0890 3564        atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/08/29 21:43:22.0171 3564        ati2mtag        (492bd2a5f65f218d4ede5764a3bb67e9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

2011/08/29 21:43:22.0609 3564        Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/08/29 21:43:23.0046 3564        audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/08/29 21:43:23.0218 3564        avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys

2011/08/29 21:43:23.0656 3564        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

2011/08/29 21:43:24.0140 3564        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys

2011/08/29 21:43:24.0578 3564        AVMBTPARALLEL   (6a759d41c97fcdc6ba27fa7f2f26ec49) C:\WINDOWS\system32\DRIVERS\avmbtpar.sys

2011/08/29 21:43:24.0984 3564        AVMBTSERIAL     (4bb8956474c4770083f4f50a51f26bcf) C:\WINDOWS\system32\DRIVERS\avmbtser.sys

2011/08/29 21:43:25.0390 3564        AVMBTSND        (b087792fa885da20cc0233d7a5154a7a) C:\WINDOWS\system32\drivers\avmbtsnd.sys

2011/08/29 21:43:25.0828 3564        AVMCOWAN        (dec96d9a2463b75944869041ed15c31c) C:\WINDOWS\system32\DRIVERS\avmcowan.sys

2011/08/29 21:43:26.0281 3564        AVMPORT         (02568a764ef2c37cfa6f9c471e67d475) C:\WINDOWS\System32\drivers\avmport.sys

2011/08/29 21:43:26.0718 3564        AVMWAN          (c997af59c54d69232fb7bbea4dad86e2) C:\WINDOWS\system32\DRIVERS\avmwan.sys

2011/08/29 21:43:27.0171 3564        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/08/29 21:43:27.0828 3564        bfubase         (45f341d5fd3afc002650c28ad447530d) C:\WINDOWS\system32\DRIVERS\bfubase.sys

2011/08/29 21:43:28.0734 3564        CAPI_CIP        (6ca1dab2b1846a4f39eb00c25fdaecf5) C:\WINDOWS\system32\DRIVERS\capi_cip.sys

2011/08/29 21:43:29.0296 3564        cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/08/29 21:43:30.0031 3564        Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/08/29 21:43:30.0421 3564        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/08/29 21:43:30.0812 3564        Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/08/29 21:43:33.0203 3564        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/08/29 21:43:33.0921 3564        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys

2011/08/29 21:43:34.0734 3564        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys

2011/08/29 21:43:35.0171 3564        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/08/29 21:43:35.0625 3564        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2011/08/29 21:43:36.0093 3564        Dot4            (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys

2011/08/29 21:43:36.0562 3564        Dot4Print       (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys

2011/08/29 21:43:37.0281 3564        drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/08/29 21:43:37.0718 3564        Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/08/29 21:43:38.0078 3564        Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

2011/08/29 21:43:38.0453 3564        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys

2011/08/29 21:43:38.0796 3564        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2011/08/29 21:43:39.0250 3564        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

2011/08/29 21:43:39.0671 3564        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/08/29 21:43:40.0093 3564        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/08/29 21:43:41.0578 3564        Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/08/29 21:43:41.0968 3564        grmnusb         (cd007d03a9284bfe67d49c01213132bf) C:\WINDOWS\system32\drivers\grmnusb.sys

2011/08/29 21:43:42.0421 3564        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/08/29 21:43:43.0578 3564        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/08/29 21:43:44.0703 3564        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/08/29 21:43:45.0109 3564        Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/08/29 21:43:46.0250 3564        Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

2011/08/29 21:43:46.0656 3564        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/08/29 21:43:47.0062 3564        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/08/29 21:43:47.0484 3564        IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/08/29 21:43:47.0843 3564        IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/08/29 21:43:48.0250 3564        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/08/29 21:43:48.0625 3564        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/08/29 21:43:49.0015 3564        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/08/29 21:43:49.0375 3564        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

2011/08/29 21:43:49.0796 3564        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2011/08/29 21:43:50.0234 3564        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/08/29 21:43:51.0046 3564        mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/08/29 21:43:51.0453 3564        Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys

2011/08/29 21:43:51.0859 3564        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/08/29 21:43:52.0250 3564        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/08/29 21:43:52.0656 3564        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/08/29 21:43:53.0500 3564        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/08/29 21:43:54.0109 3564        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/08/29 21:43:54.0625 3564        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2011/08/29 21:43:54.0984 3564        MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/08/29 21:43:55.0390 3564        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/08/29 21:43:55.0765 3564        MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/08/29 21:43:56.0171 3564        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/08/29 21:43:56.0578 3564        Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

2011/08/29 21:43:57.0000 3564        NCHSSVAD        (0df9cc7b5cc173f545723f23e68fac93) C:\WINDOWS\system32\drivers\nchssvad.sys

2011/08/29 21:43:57.0453 3564        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2011/08/29 21:43:57.0875 3564        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/08/29 21:43:58.0265 3564        Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/08/29 21:43:58.0656 3564        NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/08/29 21:43:59.0062 3564        NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/08/29 21:43:59.0468 3564        NETBFPAN        (518c22c02da275cb30d5beb58786129f) C:\WINDOWS\system32\DRIVERS\netbfpan.sys

2011/08/29 21:43:59.0875 3564        NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/08/29 21:44:00.0281 3564        NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/08/29 21:44:01.0187 3564        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2011/08/29 21:44:01.0765 3564        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/08/29 21:44:02.0421 3564        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/08/29 21:44:02.0812 3564        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/08/29 21:44:03.0234 3564        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/08/29 21:44:03.0656 3564        odysseyIM3      (5dcc587deba479b1f8e33aa8fb079b8a) C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys

2011/08/29 21:44:04.0109 3564        Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/08/29 21:44:04.0500 3564        PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/08/29 21:44:04.0921 3564        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/08/29 21:44:05.0328 3564        PCASp50         (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys

2011/08/29 21:44:05.0765 3564        PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/08/29 21:44:06.0609 3564        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys

2011/08/29 21:44:07.0046 3564        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys

2011/08/29 21:44:09.0703 3564        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/08/29 21:44:10.0093 3564        Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys

2011/08/29 21:44:10.0500 3564        Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/08/29 21:44:11.0187 3564        PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/08/29 21:44:13.0343 3564        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/08/29 21:44:13.0765 3564        Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/08/29 21:44:14.0171 3564        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/08/29 21:44:14.0593 3564        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/08/29 21:44:15.0031 3564        Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/08/29 21:44:15.0453 3564        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/08/29 21:44:15.0875 3564        RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/08/29 21:44:16.0265 3564        redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/08/29 21:44:16.0687 3564        ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

2011/08/29 21:44:17.0328 3564        RTL8192su       (37a78c0c71be572f15fc534fdd3782de) C:\WINDOWS\system32\DRIVERS\RTL8192su.sys

2011/08/29 21:44:17.0531 3564        SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS

2011/08/29 21:44:17.0625 3564        SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS

2011/08/29 21:44:18.0484 3564        SBHR            (c6ea8d8c6442648746f69e3d75cacf98) C:\WINDOWS\system32\drivers\sbhr.sys

2011/08/29 21:44:18.0906 3564        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/08/29 21:44:19.0328 3564        serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/08/29 21:44:19.0703 3564        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/08/29 21:44:20.0109 3564        Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/08/29 21:44:20.0937 3564        SiS315          (f1bf6158ac79912bbdf71a0382fefa65) C:\WINDOWS\system32\DRIVERS\sisgrp.sys

2011/08/29 21:44:21.0437 3564        SiSide          (b4485881bd8aed9b157a2e6cf43c2d51) C:\WINDOWS\system32\DRIVERS\siside.sys

2011/08/29 21:44:21.0812 3564        sisidex         (6225224b8e846ac230f8d9b343635910) C:\WINDOWS\system32\drivers\sisidex.sys

2011/08/29 21:44:22.0218 3564        SiSkp           (224ef1530777d62b65e8c2d5e9cfa511) C:\WINDOWS\system32\DRIVERS\srvkp.sys

2011/08/29 21:44:22.0609 3564        SISNIC          (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys

2011/08/29 21:44:23.0000 3564        SISNICXP        (a1348a901a44760ccd76043525e851d0) C:\WINDOWS\system32\DRIVERS\sisnicxp.sys

2011/08/29 21:44:23.0406 3564        sisperf         (596d4a7052002d2bd344d8937da6f66d) C:\WINDOWS\system32\drivers\sisperf.sys

2011/08/29 21:44:23.0843 3564        snapman         (bcc773872041aa59bc9a6cf770fb32e2) C:\WINDOWS\system32\DRIVERS\snapman.sys

2011/08/29 21:44:24.0703 3564        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2011/08/29 21:44:25.0093 3564        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/08/29 21:44:25.0640 3564        Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/08/29 21:44:26.0125 3564        ssmdrv          (5ec550b8952882ee856b862cf648522d) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

2011/08/29 21:44:26.0500 3564        STEC3           (e4ebf293d1f612bda19b646c36715b20) C:\WINDOWS\system32\STEC3.sys

2011/08/29 21:44:27.0046 3564        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/08/29 21:44:27.0421 3564        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2011/08/29 21:44:29.0203 3564        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/08/29 21:44:29.0781 3564        Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/08/29 21:44:30.0218 3564        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/08/29 21:44:30.0765 3564        tdrpman         (3b7b6779eb231f731bba8f9fe67aadfc) C:\WINDOWS\system32\DRIVERS\tdrpman.sys

2011/08/29 21:44:31.0343 3564        TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/08/29 21:44:31.0609 3564        TelekomNM3      (5d528200679c3b4595b4237e02c077d5) C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys

2011/08/29 21:44:32.0109 3564        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/08/29 21:44:32.0562 3564        tifsfilter      (b0b3122bff3910e0ba97014045467778) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys

2011/08/29 21:44:33.0062 3564        timounter       (13bfe330880ac0ce8672d00aa5aff738) C:\WINDOWS\system32\DRIVERS\timntr.sys

2011/08/29 21:44:34.0015 3564        TVICHW32        (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS

2011/08/29 21:44:34.0437 3564        uagp35          (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys

2011/08/29 21:44:34.0875 3564        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2011/08/29 21:44:35.0750 3564        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2011/08/29 21:44:36.0359 3564        usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/08/29 21:44:36.0765 3564        usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/08/29 21:44:37.0187 3564        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/08/29 21:44:37.0578 3564        usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

2011/08/29 21:44:37.0937 3564        usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2011/08/29 21:44:38.0343 3564        USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/08/29 21:44:38.0718 3564        usb_rndisx      (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

2011/08/29 21:44:39.0140 3564        VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2011/08/29 21:44:40.0234 3564        VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/08/29 21:44:40.0687 3564        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/08/29 21:44:41.0093 3564        wceusbsh        (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

2011/08/29 21:44:41.0968 3564        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/08/29 21:44:42.0515 3564        WpdUsb          (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2011/08/29 21:44:42.0921 3564        WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

2011/08/29 21:44:43.0359 3564        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/08/29 21:44:43.0796 3564        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/08/29 21:44:43.0984 3564        MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

2011/08/29 21:44:44.0296 3564        MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1

2011/08/29 21:44:44.0375 3564        MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk2\DR4

2011/08/29 21:44:45.0171 3564        Boot (0x1200)   (bd700ff2b9c012930705b8494c5cffae) \Device\Harddisk0\DR0\Partition0

2011/08/29 21:44:45.0203 3564        Boot (0x1200)   (2f42f0c2fa2b09fcd41a3dac0d1acecf) \Device\Harddisk1\DR1\Partition0

2011/08/29 21:44:45.0250 3564        Boot (0x1200)   (089f1c3cb49acc6dca8572525dd7d34e) \Device\Harddisk2\DR4\Partition0

2011/08/29 21:44:45.0281 3564        Boot (0x1200)   (19d71d2d4312017ba4670c7903dc80f7) \Device\Harddisk2\DR4\Partition1

2011/08/29 21:44:45.0296 3564        ================================================================================

2011/08/29 21:44:45.0296 3564        Scan finished

2011/08/29 21:44:45.0296 3564        ================================================================================

2011/08/29 21:44:45.0359 1564        Detected object count: 0

2011/08/29 21:44:45.0359 1564        Actual detected object count: 0

Heini

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Hier die CF-Logdatei (Teil 1):

Code:

ComboFix 11-08-30.02 - Heini 30.08.2011  20:36:13.1.1 - x86

Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.2047.1577 [GMT 2:00]

ausgeführt von:: c:\dokumente und einstellungen\Heini\Desktop\ComboFix.exe

AV: AntiVir Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\dokume~1\Heini\LOKALE~1\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll

c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll

c:\dokumente und einstellungen\Heini\WINDOWS

c:\programme\newsoft

c:\programme\newsoft\Presto! PageManager 7.15\AppClassName.ini

c:\programme\newsoft\Presto! PageManager 7.15\AudioData.dll

c:\programme\newsoft\Presto! PageManager 7.15\AutmnDoc.dll

c:\programme\newsoft\Presto! PageManager 7.15\AutmnPpt.dll

c:\programme\newsoft\Presto! PageManager 7.15\AutmnXls.dll

c:\programme\newsoft\Presto! PageManager 7.15\AutoCrop.dll

c:\programme\newsoft\Presto! PageManager 7.15\AvalonPage.dll

c:\programme\newsoft\Presto! PageManager 7.15\Avi2Mpeg1.dll

c:\programme\newsoft\Presto! PageManager 7.15\AviToMpeg2.dll

c:\programme\newsoft\Presto! PageManager 7.15\BITSOFT.DIR

c:\programme\newsoft\Presto! PageManager 7.15\BOLD.PAT

c:\programme\newsoft\Presto! PageManager 7.15\Burn.dll

c:\programme\newsoft\Presto! PageManager 7.15\ccmllnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\CDIC.DLL

c:\programme\newsoft\Presto! PageManager 7.15\cmdlnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\codecvt.dll

c:\programme\newsoft\Presto! PageManager 7.15\ComClass.dll

c:\programme\newsoft\Presto! PageManager 7.15\Convert.exe

c:\programme\newsoft\Presto! PageManager 7.15\CZECH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\CZECH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\DA.DLL

c:\programme\newsoft\Presto! PageManager 7.15\DANISH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\DANISH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\A_RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\ARECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\AUX_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_F.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_M.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLAS_P.FAC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\CLUS_T.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\COS.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\COS.VAR

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\DBSINFO.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\FEAT_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\RECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\T4436.ID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCR\WORD_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\BIG5.HID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\BIG5GB.TBX

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\DEF_BIG.DIC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FACTORP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FARG_BIG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FEATURE.SET

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FID_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FRCG_BIG.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\FWD_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\GBBIG5.TBX

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\GROUPP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\INFO_BIG.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\PC120P2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\POST_BIG.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\RCG_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\RCG_BIG.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SIM_BIG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SIM_BIG.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\SING_BIG.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PCCRCOMM\WORD_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\A_RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\ARECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\AUX_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_F.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_M.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLAS_P.FAC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\CLUS_T.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\COS.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\COS.VAR

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\DBSINFO.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\E76.ID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\FEAT_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\RECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PECR\WORD_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\A_RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\ARECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\AUX_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\BIG5.HID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_F.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_M.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLAS_P.FAC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\CLUS_T.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\COS.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\COS.VAR

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\DBSINFO.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\E76.ID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FACTORP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FARG_BIG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FEAT_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FEATURE.SET

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FID_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FRCG_BIG.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\FWD_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\GROUPP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\INFO_BIG.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\PC120P2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\POST_BIG.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RCG_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RCG_BIG.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\RECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SIM_BIG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SIM_BIG.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\SING_BIG.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\WORD_BIG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\pecrcomm\WORD_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\A_RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\ARECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\AUX_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_F.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_M.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLAS_P.FAC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\CLUS_T.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\COS.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\COS.VAR

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\DBSINFO.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\FEAT_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\J3477.ID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\RECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCR\WORD_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\DEF_JIS.DIC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\ERR_JIS.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FACTORP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FARG_JIS.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\FEATURE.SET

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\GROUPP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\INFO_JIS.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\JDIC.BIN

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\JIS.HID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\KANA.TRI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\PC120P2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\POST_JIS.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\RCG_JIS.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\RCG_JIS.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SIM_JIS.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SIM_JIS.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\SING_JIS.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PJCRCOMM\WORD_JIS.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\a_recog.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\arecog_p.inf

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\aux_arg.dat

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS_F.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\CLAS_M.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.dat

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clas_p.fac

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\clus_t.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\cos.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\COS.VAR

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\DBSINFO.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\FEAT_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\KSC_CPNT.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\nt_recog.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\nt_trans.dat

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\RECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\T4178.ID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCR\word_p.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\ERR_KSC.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FACTORP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FARG_KSC.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FEATURE.SET

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.dat

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FRCG_KSC.inf

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\FWD_KSC.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\GROUPP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\INFO_KSC.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\KSC.HID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\KSC120000.HID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\PC120P2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC.DD1

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\POST_KSC120000.tbl

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\RCG_KSC.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\RCG_KSC.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SIM_KSC.tbl

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\SING_KSC.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PKCRCOMM\WORD_KSC.dbs

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\A_RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\ARECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\AUX_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_F.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_M.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLAS_P.FAC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\CLUS_T.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\COS.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\COS.VAR

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\DBSINFO.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\FEAT_ARG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\RECOG.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\RECOG_P.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\S3834.ID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCR\WORD_P.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\BIG5GB.TBX

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\DEF_GB.DIC

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FACTORP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FARG_GB.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FEATURE.SET

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FRCG_GB.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\FWD_GB.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GB.HID

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GBBIG5.TBX

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\GROUPP2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\INFO_GB.INI

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\PC120P2.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\POST_GB.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\RCG_GB.DBS

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\RCG_GB.INF

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SIM_GB.DAT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SIM_GB.TBL

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\SING_GB.LUT

c:\programme\newsoft\Presto! PageManager 7.15\DBASE\PSCRCOMM\WORD_GB.DBS

c:\programme\newsoft\Presto! PageManager 7.15\dcexport.dll

c:\programme\newsoft\Presto! PageManager 7.15\dcfr.dll

c:\programme\newsoft\Presto! PageManager 7.15\Default.rec

c:\programme\newsoft\Presto! PageManager 7.15\DibToMpeg.dll

c:\programme\newsoft\Presto! PageManager 7.15\DUTCH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\DUTCH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE0.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE1.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE13.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE15.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE2.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE20.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE23.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE3.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE5.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE6.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGINE7.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ENGLISH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\ENGLISH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\ExcelVBA.dll

c:\programme\newsoft\Presto! PageManager 7.15\ExeBud32.dll

c:\programme\newsoft\Presto! PageManager 7.15\Execute.ini

c:\programme\newsoft\Presto! PageManager 7.15\EXPORT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\EXPupk32.EXE

c:\programme\newsoft\Presto! PageManager 7.15\EXPupk32.EXE.manifest

c:\programme\newsoft\Presto! PageManager 7.15\expvw.exe

c:\programme\newsoft\Presto! PageManager 7.15\faxlnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\fid.dll

c:\programme\newsoft\Presto! PageManager 7.15\FineOCREngine.dll

c:\programme\newsoft\Presto! PageManager 7.15\FINNISH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\FINNISH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\Fioall.dll

c:\programme\newsoft\Presto! PageManager 7.15\Fioall.ini

c:\programme\newsoft\Presto! PageManager 7.15\FioAll32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioBmp32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOALL.INI

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOALL32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOBMP32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOEXT32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOFPX32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOGIF32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOJPG32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCD32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCT32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPCX32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPNG32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOPOF32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOTGA32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOTIF32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\FIOWMF32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\JPEGLIB.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\UCIG3432.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FIODLL\UCIJPG32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\FioExt32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioFpx32.dll

c:\programme\newsoft\Presto! PageManager 7.15\fiogif32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioJpg32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioPcd32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioPct32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioPcx32.dll

c:\programme\newsoft\Presto! PageManager 7.15\fiopng32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioPof32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioPsd32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioTga32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioThumb.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioTif32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FioWmf32.dll

c:\programme\newsoft\Presto! PageManager 7.15\FOBJ420.DLL

c:\programme\newsoft\Presto! PageManager 7.15\foldrlnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\FontTok.ini

c:\programme\newsoft\Presto! PageManager 7.15\fpxlib.dll

c:\programme\newsoft\Presto! PageManager 7.15\FRENCH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\FRENCH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\FT.dll

c:\programme\newsoft\Presto! PageManager 7.15\Function.ini

c:\programme\newsoft\Presto! PageManager 7.15\gdiplus.dll

c:\programme\newsoft\Presto! PageManager 7.15\GERMAN.LCD

c:\programme\newsoft\Presto! PageManager 7.15\GERMAN.LMD

c:\programme\newsoft\Presto! PageManager 7.15\GetPhotoPath.dll

c:\programme\newsoft\Presto! PageManager 7.15\GetPhotoPath.ini

c:\programme\newsoft\Presto! PageManager 7.15\GREEK.LCD

c:\programme\newsoft\Presto! PageManager 7.15\GREEK.LMD

c:\programme\newsoft\Presto! PageManager 7.15\GRINF11.DLL

c:\programme\newsoft\Presto! PageManager 7.15\hookdll.dll

c:\programme\newsoft\Presto! PageManager 7.15\HUNGAR.LCD

c:\programme\newsoft\Presto! PageManager 7.15\iConvert16.dll

c:\programme\newsoft\Presto! PageManager 7.15\ijl15.dll

c:\programme\newsoft\Presto! PageManager 7.15\IMAGE.DLL

c:\programme\newsoft\Presto! PageManager 7.15\ImgToAviExe.dll

c:\programme\newsoft\Presto! PageManager 7.15\imgtool.dll

c:\programme\newsoft\Presto! PageManager 7.15\Import.dll

c:\programme\newsoft\Presto! PageManager 7.15\ImportOldDB.exe

c:\programme\newsoft\Presto! PageManager 7.15\InitCtrl.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\adinit.dat

c:\programme\newsoft\Presto! PageManager 7.15\Inso\CMMAP000.BIN

c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEBMP.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEHEX.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\DEMET.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\DESS.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\DETREE.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\dewp.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBFPX2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBGP42.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBJPG2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBPCD2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBPSD2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXBM2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXPM2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IBXWD2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD32.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD42.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD52.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD62.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD72.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCD82.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCDR2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCM52.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCM72.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMCMX2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMDSF2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMFMV2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMGDF2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMGEM2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMIGS2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMMET2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPIF2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPS_2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPSI2.flt

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMPSZ2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IMRND2.FLT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\IPHGW2.flt

c:\programme\newsoft\Presto! PageManager 7.15\Inso\ISGDI32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\LTSCSD13.TLB

c:\programme\newsoft\Presto! PageManager 7.15\Inso\LTSCSN10.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\LWPAPIN.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\LWPAPIPN.DAT

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCCA.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCCH.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCDA.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccdu.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCFA.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCFI.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccfmt.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCLO.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCOLE.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\sccra.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCTA.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCUT.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\SCCVW.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsacad.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSACS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSAMI.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSBDR.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSBMP.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSCGM.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDBS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDEZ.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDIF.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDRW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSDX.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEMF.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEN4.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSENS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSENW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSESHR.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSEXE2.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFAX.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFCD.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFCS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFFT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFLW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSFWK.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSgdsf.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSGIF.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSGZIP.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSHGS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSHTML.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vshwp.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSICH.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSICH6.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSIMG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSIWP.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSJW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLEG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLWP.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSLZH.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSM11.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMANU.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMCW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsmif.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMM.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMM4.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMMFN.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMP.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMPP.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMSG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMSW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWKD.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWKS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWP2.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWPF.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSMWRK.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSOW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPBM.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPCL.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPCX.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspdfi.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPDX.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPFS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPGL.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPIC.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPICT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPNG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPNTG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP2.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP7.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPP97.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSPPL.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspsp6.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vspst.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQA.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQAD.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQP6.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSQP9.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRAS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRBS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRFT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRFX.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSRTF.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSAM.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSC5.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSDW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSHW3.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMD.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSMT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSNAP.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vsso6.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssoc.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssoi.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vssow.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSSPT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTAZ.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTEXT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTGA.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTIF6.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSTXT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVCRD.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVISO.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSVW3.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSW6.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSW97.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vswbmp.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWG2.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWK4.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWK6.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWKS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWM.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWMF.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\vswml.dll

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWORD.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWORK.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWP5.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWP6.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPF.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPG2.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPL.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWPW.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSWS2.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSXL5.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSXY.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Inso\VSZIP.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Ism.dll

c:\programme\newsoft\Presto! PageManager 7.15\IsmDraw.dll

c:\programme\newsoft\Presto! PageManager 7.15\ITALIAN.LCD

c:\programme\newsoft\Presto! PageManager 7.15\ITALIAN.LMD

c:\programme\newsoft\Presto! PageManager 7.15\ITALIC.PAT

c:\programme\newsoft\Presto! PageManager 7.15\ITALIC.PTS

c:\programme\newsoft\Presto! PageManager 7.15\Jpeglib.dll

c:\programme\newsoft\Presto! PageManager 7.15\JpgLib.dll

c:\programme\newsoft\Presto! PageManager 7.15\KSC_CPNT.TBL

c:\programme\newsoft\Presto! PageManager 7.15\LANGUAGE\TEXTLANG.DAT

c:\programme\newsoft\Presto! PageManager 7.15\lcppn22.dll

c:\programme\newsoft\Presto! PageManager 7.15\LCSPELL.DLL

c:\programme\newsoft\Presto! PageManager 7.15\LICENSE of Info-Zip.txt

c:\programme\newsoft\Presto! PageManager 7.15\LiveUpdate.dll

c:\programme\newsoft\Presto! PageManager 7.15\LiveUpdateTray.exe

c:\programme\newsoft\Presto! PageManager 7.15\Lpm.dll

c:\programme\newsoft\Presto! PageManager 7.15\LUTRAY.ini

c:\programme\newsoft\Presto! PageManager 7.15\LUTRAYMSG.ini

c:\programme\newsoft\Presto! PageManager 7.15\lzexpand.dlx

c:\programme\newsoft\Presto! PageManager 7.15\mapilnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\MATRIX.PAT

c:\programme\newsoft\Presto! PageManager 7.15\MATRIX.PTS

c:\programme\newsoft\Presto! PageManager 7.15\memio.dll

c:\programme\newsoft\Presto! PageManager 7.15\MergePDF.dll

c:\programme\newsoft\Presto! PageManager 7.15\MFC40.DLL

c:\programme\newsoft\Presto! PageManager 7.15\MFC42.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Mpg1

c:\programme\newsoft\Presto! PageManager 7.15\MsMail.exe

c:\programme\newsoft\Presto! PageManager 7.15\msvcirt.dll

c:\programme\newsoft\Presto! PageManager 7.15\msvcp50.dll

c:\programme\newsoft\Presto! PageManager 7.15\MSVCP60.DLL

c:\programme\newsoft\Presto! PageManager 7.15\msvcrt.dll

c:\programme\newsoft\Presto! PageManager 7.15\NetDll.dll

c:\programme\newsoft\Presto! PageManager 7.15\NetFun2K.dll

c:\programme\newsoft\Presto! PageManager 7.15\NetFun98.dll

c:\programme\newsoft\Presto! PageManager 7.15\NetGroup.exe

c:\programme\newsoft\Presto! PageManager 7.15\NetGroupDll.dll

c:\programme\newsoft\Presto! PageManager 7.15\NetScanDll.dll

c:\programme\newsoft\Presto! PageManager 7.15\NetScanDll.lib

c:\programme\newsoft\Presto! PageManager 7.15\Netsearch.avi

c:\programme\newsoft\Presto! PageManager 7.15\NEWSOFT

c:\programme\newsoft\Presto! PageManager 7.15\NewsoftLink.dll

c:\programme\newsoft\Presto! PageManager 7.15\nextpwd.dll

c:\programme\newsoft\Presto! PageManager 7.15\NGRMCSY.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMDAN.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMDUT.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMENG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMFIN.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMFRA.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMGER.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMGRE.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMITA.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMNON.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMNOR.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMPLK.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMPTG.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMRUS.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMSPN.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMSWE.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NGRMTRK.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NORMAL.PAT

c:\programme\newsoft\Presto! PageManager 7.15\NORMAL.PTS

c:\programme\newsoft\Presto! PageManager 7.15\NORWBOK.LCD

c:\programme\newsoft\Presto! PageManager 7.15\NORWBOK.LMD

c:\programme\newsoft\Presto! PageManager 7.15\NORWNYN.LCD

c:\programme\newsoft\Presto! PageManager 7.15\NORWNYN.LMD

c:\programme\newsoft\Presto! PageManager 7.15\Noteslnk.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NSCDVD.dll

c:\programme\newsoft\Presto! PageManager 7.15\NsFip.dll

c:\programme\newsoft\Presto! PageManager 7.15\nsfpx.dll

c:\programme\newsoft\Presto! PageManager 7.15\NsFunTable.DB

c:\programme\newsoft\Presto! PageManager 7.15\NsKeyTable.DB

c:\programme\newsoft\Presto! PageManager 7.15\NSMEM.dll

c:\programme\newsoft\Presto! PageManager 7.15\NsOEMKey.dll

c:\programme\newsoft\Presto! PageManager 7.15\NsPdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\NsScan.dll

c:\programme\newsoft\Presto! PageManager 7.15\NsScanToOcr.exe

c:\programme\newsoft\Presto! PageManager 7.15\NsScanToPdf.exe

c:\programme\newsoft\Presto! PageManager 7.15\NSSP.dll

c:\programme\newsoft\Presto! PageManager 7.15\NSWia.dll

c:\programme\newsoft\Presto! PageManager 7.15\NSWinZip.dll

c:\programme\newsoft\Presto! PageManager 7.15\NTSTHK16.DLL

c:\programme\newsoft\Presto! PageManager 7.15\NTSTHK32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\OCR.dll

c:\programme\newsoft\Presto! PageManager 7.15\ocr.str

c:\programme\newsoft\Presto! PageManager 7.15\OCRLang.dll

c:\programme\newsoft\Presto! PageManager 7.15\OCRLang.ini

c:\programme\newsoft\Presto! PageManager 7.15\OCRUtil.dll

c:\programme\newsoft\Presto! PageManager 7.15\OLDPNG32.DLL

c:\programme\newsoft\Presto! PageManager 7.15\OnLine.txt

c:\programme\newsoft\Presto! PageManager 7.15\OutlookVBA.dll

c:\programme\newsoft\Presto! PageManager 7.15\pack.dll

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\back.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\close_dw.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\close_fy.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\NSVIDEO.DLL

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\play_dw.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\play_fy.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_dw.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_fy.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\stop_up.bmp

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\VCARD.INI

c:\programme\newsoft\Presto! PageManager 7.15\PackExe\VMPLAYER.exe

c:\programme\newsoft\Presto! PageManager 7.15\Palette.map

c:\programme\newsoft\Presto! PageManager 7.15\Paper.lst

c:\programme\newsoft\Presto! PageManager 7.15\PART.PAT

c:\programme\newsoft\Presto! PageManager 7.15\PART.PTS

c:\programme\newsoft\Presto! PageManager 7.15\pccrsdk.dll

c:\programme\newsoft\Presto! PageManager 7.15\PcdLib32.dll

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data1.cab

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data1.hdr

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\data2.cab

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\engine32.cab

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\layout.bin

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.exe

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.ibt

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.ini

c:\programme\newsoft\Presto! PageManager 7.15\PDFDrvSetup\setup.inx

c:\programme\newsoft\Presto! PageManager 7.15\pdflib.dll

c:\programme\newsoft\Presto! PageManager 7.15\PdfViewerDl.dll

c:\programme\newsoft\Presto! PageManager 7.15\PDFWDLL.dll

c:\programme\newsoft\Presto! PageManager 7.15\PDFWriter.dll

c:\programme\newsoft\Presto! PageManager 7.15\PerformOcr.dll

c:\programme\newsoft\Presto! PageManager 7.15\PHooKDlg.dll

c:\programme\newsoft\Presto! PageManager 7.15\Pm.ini

c:\programme\newsoft\Presto! PageManager 7.15\Pm60DB.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMANO.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMAnoSet.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMAppBar.dll

c:\programme\newsoft\Presto! PageManager 7.15\Pmapps.ini

c:\programme\newsoft\Presto! PageManager 7.15\PMAPPU.INI

c:\programme\newsoft\Presto! PageManager 7.15\PMApSet.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMCommon.dll

c:\programme\newsoft\Presto! PageManager 7.15\pmdata.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMDB.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMDocVW.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMExeBud.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMIEVW.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMImgVW.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMINSO.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMISM.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMMAIL.EXE.manifest

c:\programme\newsoft\Presto! PageManager 7.15\PMMKView.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMNotes.exe

c:\programme\newsoft\Presto! PageManager 7.15\pmNotes.str

c:\programme\newsoft\Presto! PageManager 7.15\PMPageVW.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFView.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFView.str

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\add-to-xpdfrc

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\Adobe-GB1.cidToUnicode

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-0

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-1

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-3

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-4

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\Adobe-GB1-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GB-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK2K-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBK2K-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBKp-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBKp-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-UCS2C

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBpc-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBT-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBTpc-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\GBTpc-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UCS2-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UCS2-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF16-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF16-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF8-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\CMap\UniGB-UTF8-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\EUC-CN.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\GBK.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\gkai00mp.ttf

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\ISO-2022-CN.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-s\README

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\add-to-xpdfrc

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Adobe-CNS1.cidToUnicode

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Big5.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\Big5ascii.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\bkai00mp.ttf

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-0

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-1

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-3

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\Adobe-CNS1-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-UCS2C

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\B5pc-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS1-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS1-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS2-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\CNS2-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETen-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETenms-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETenms-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETHK-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\ETHK-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdla-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdla-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdlb-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKdlb-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKgccs-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKgccs-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm314-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm314-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm471-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKm471-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKscs-B5-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\HKscs-B5-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UCS2-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UCS2-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF16-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF16-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF8-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\CMap\UniCNS-UTF8-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\chinese-t\README

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\add-to-xpdfrc

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\Adobe-Japan1.cidToUnicode

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78ms-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\78ms-RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\83pv-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90ms-RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90msp-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90msp-RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-UCS2C

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\90pv-RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Add-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-0

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-1

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-3

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-4

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Adobe-Japan1-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Ext-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Hankaku

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Hiragana

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Katakana

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\NWP-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\NWP-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\RKSJ-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\RKSJ-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\Roman

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-HW-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-HW-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UCS2-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF16-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF16-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF8-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJIS-UTF8-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UCS2-HW-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UCS2-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\UniJISPro-UTF8-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\CMap\WP-Symbol

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\EUC-JP.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\ISO-2022-JP.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\kochi-mincho.ttf

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\README

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\japanese\Shift-JIS.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\add-to-xpdfrc

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\Adobe-Korea1.cidToUnicode

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\batang.ttf

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-0

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-1

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\Adobe-Korea1-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-Johab-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-Johab-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-HW-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-HW-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCms-UHC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-UCS2

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-UCS2C

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\KSCpc-EUC-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UCS2-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UCS2-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF16-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF16-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF8-H

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\CMap\UniKS-UTF8-V

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\ISO-2022-KR.unicodeMap

c:\programme\newsoft\Presto! PageManager 7.15\PMPDFVIEW\korean\README

c:\programme\newsoft\Presto! PageManager 7.15\PMProp.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMSave.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMSavePdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\pmsavepdf.str

c:\programme\newsoft\Presto! PageManager 7.15\PMSaveXPS.dll

c:\programme\newsoft\Presto! PageManager 7.15\Pmsb.exe

c:\programme\newsoft\Presto! PageManager 7.15\pmsb.ini

c:\programme\newsoft\Presto! PageManager 7.15\pmsb.str

c:\programme\newsoft\Presto! PageManager 7.15\PMScnSet.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMSearch.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMSet.dll

c:\programme\newsoft\Presto! PageManager 7.15\pmset.ini

c:\programme\newsoft\Presto! PageManager 7.15\pmsetap.ini

c:\programme\newsoft\Presto! PageManager 7.15\PMStatus.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMToApp.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMToApp.ilk

c:\programme\newsoft\Presto! PageManager 7.15\PMTree.dll

c:\programme\newsoft\Presto! PageManager 7.15\pmtwain.dll

c:\programme\newsoft\Presto! PageManager 7.15\pmVideo.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMView.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMVIEW.EX_

c:\programme\newsoft\Presto! PageManager 7.15\PMVLink.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMVoice.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMXpsCreator.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMXpsHostView.dll

c:\programme\newsoft\Presto! PageManager 7.15\PMXpsView.dll

c:\programme\newsoft\Presto! PageManager 7.15\POLISH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\POLISH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\PORTUG.LCD

c:\programme\newsoft\Presto! PageManager 7.15\PORTUG.LMD

c:\programme\newsoft\Presto! PageManager 7.15\post.dll

c:\programme\newsoft\Presto! PageManager 7.15\PowerTVBA.dll

c:\programme\newsoft\Presto! PageManager 7.15\Prestopm.exe

c:\programme\newsoft\Presto! PageManager 7.15\prestopm.str

c:\programme\newsoft\Presto! PageManager 7.15\Print.dll

c:\programme\newsoft\Presto! PageManager 7.15\Print.str

c:\programme\newsoft\Presto! PageManager 7.15\PrintFun.exe

c:\programme\newsoft\Presto! PageManager 7.15\PrintFunLnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\PrintHook.dll

c:\programme\newsoft\Presto! PageManager 7.15\printlnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\PrnDrvSetup.dll

c:\programme\newsoft\Presto! PageManager 7.15\PrnSetup.ini

c:\programme\newsoft\Presto! PageManager 7.15\Psapi.dll

c:\programme\newsoft\Presto! PageManager 7.15\PSaver.scr

c:\programme\newsoft\Presto! PageManager 7.15\PShow.exe

c:\programme\newsoft\Presto! PageManager 7.15\PTLIB.dll

c:\programme\newsoft\Presto! PageManager 7.15\Qem.dll

c:\programme\newsoft\Presto! PageManager 7.15\RapDocImg.dll

c:\programme\newsoft\Presto! PageManager 7.15\ReadFileData.dll

c:\programme\newsoft\Presto! PageManager 7.15\Readme.txt

c:\programme\newsoft\Presto! PageManager 7.15\ReadTxtInfo.dll

c:\programme\newsoft\Presto! PageManager 7.15\Recogn.dll

c:\programme\newsoft\Presto! PageManager 7.15\RECPAGE.DLL

c:\programme\newsoft\Presto! PageManager 7.15\regapp.exe

c:\programme\newsoft\Presto! PageManager 7.15\regapp.exe.manifest

c:\programme\newsoft\Presto! PageManager 7.15\RegSession.dll

c:\programme\newsoft\Presto! PageManager 7.15\RemoveIcons.ico

c:\programme\newsoft\Presto! PageManager 7.15\RemovePMUserData.exe

c:\programme\newsoft\Presto! PageManager 7.15\res\Backup.ico

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_down.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_no.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_on.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_burn_up.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_down.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_no.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_on.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_eject_up.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_down.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_no.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_on.bmp

c:\programme\newsoft\Presto! PageManager 7.15\res\bt_record_up.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\blue_background.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p1.jpg

c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P2.JPG

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p3.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P3.JPG

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Dlg_p4.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Resource\DLG_P4.JPG

c:\programme\newsoft\Presto! PageManager 7.15\Resource\IE_bg.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\MENUBAR_BG.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Resource\network_scanner.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p2.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p3.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Task_p4.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\Toolbar_bg.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Resource\toolbar_bg1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Restore.dll

c:\programme\newsoft\Presto! PageManager 7.15\RPR371.JRT

c:\programme\newsoft\Presto! PageManager 7.15\Samples\AutumnView.jpg

c:\programme\newsoft\Presto! PageManager 7.15\Samples\BizCard 5.pdf

c:\programme\newsoft\Presto! PageManager 7.15\Samples\DVD PowerSuite 2.pdf

c:\programme\newsoft\Presto! PageManager 7.15\Samples\Forms.pdf

c:\programme\newsoft\Presto! PageManager 7.15\Samples\History.JPG

c:\programme\newsoft\Presto! PageManager 7.15\Samples\Lake.jpg

c:\programme\newsoft\Presto! PageManager 7.15\Samples\License.pdf

c:\programme\newsoft\Presto! PageManager 7.15\Samples\Mr.photo3.pdf

c:\programme\newsoft\Presto! PageManager 7.15\Samples\PageManager 7.pdf

c:\programme\newsoft\Presto! PageManager 7.15\Samples\Play Ground.jpg

c:\programme\newsoft\Presto! PageManager 7.15\Samples\Shop.jpg

c:\programme\newsoft\Presto! PageManager 7.15\Samples\Tower.jpg

c:\programme\newsoft\Presto! PageManager 7.15\Samples\VideoWorks6.pdf

c:\programme\newsoft\Presto! PageManager 7.15\SaveToJpg.dll

c:\programme\newsoft\Presto! PageManager 7.15\SCANMAN.DRV

c:\programme\newsoft\Presto! PageManager 7.15\ScanModule.dll

c:\programme\newsoft\Presto! PageManager 7.15\ScanModule.str

c:\programme\newsoft\Presto! PageManager 7.15\SCANNERS.DAT

c:\programme\newsoft\Presto! PageManager 7.15\Scantype\card_c.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Doc_c.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Letter_c.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Scantype\magazine_c.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Other_c.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Photo.BMP

c:\programme\newsoft\Presto! PageManager 7.15\Scantype\Photo_c.BMP

c:\programme\newsoft\Presto! PageManager 7.15\ScrBase.dll

c:\programme\newsoft\Presto! PageManager 7.15\search.avi

c:\programme\newsoft\Presto! PageManager 7.15\Segment.dll

c:\programme\newsoft\Presto! PageManager 7.15\shfolder.dll

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\bottom.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Button-1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Button.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\close.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Dlg_bk.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\header.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll2.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll3.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\hscroll4.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\left.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\listv_bk.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\mrphoto.nsz

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\right.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\top.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\top1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\treev_bk.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll2.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll3.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vscroll4.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vspin1.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\vspin2.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\3PForPM\Wnd_bk.bmp

c:\programme\newsoft\Presto! PageManager 7.15\Skin\skin.ini

c:\programme\newsoft\Presto! PageManager 7.15\SlideBarDLL.dll

c:\programme\newsoft\Presto! PageManager 7.15\sosalnk.dll

c:\programme\newsoft\Presto! PageManager 7.15\SPANISH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\SPANISH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\ssceam2.clx

c:\programme\newsoft\Presto! PageManager 7.15\SWEDISH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\SWEDISH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\Tcm.dll

c:\programme\newsoft\Presto! PageManager 7.15\TestImage2Pdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\Trash.ico

c:\programme\newsoft\Presto! PageManager 7.15\TURKISH.LCD

c:\programme\newsoft\Presto! PageManager 7.15\TURKISH.LMD

c:\programme\newsoft\Presto! PageManager 7.15\TYPEWRIT.PAT

c:\programme\newsoft\Presto! PageManager 7.15\TYPEWRIT.PTS

c:\programme\newsoft\Presto! PageManager 7.15\UciG3432.dll

c:\programme\newsoft\Presto! PageManager 7.15\UciJpg32.dll

c:\programme\newsoft\Presto! PageManager 7.15\UFioDll.dll

c:\programme\newsoft\Presto! PageManager 7.15\UFSE.DLL

c:\programme\newsoft\Presto! PageManager 7.15\umxnts32.dll

c:\programme\newsoft\Presto! PageManager 7.15\UNDERLIN.PAT

c:\programme\newsoft\Presto! PageManager 7.15\UNPACK.DLL

c:\programme\newsoft\Presto! PageManager 7.15\unregapp.exe

c:\programme\newsoft\Presto! PageManager 7.15\unregapp.exe.manifest

c:\programme\newsoft\Presto! PageManager 7.15\unzip32.dll

c:\programme\newsoft\Presto! PageManager 7.15\UserDict.tlx

c:\programme\newsoft\Presto! PageManager 7.15\UXFSE.DLL

c:\programme\newsoft\Presto! PageManager 7.15\Vcd_NTSC

c:\programme\newsoft\Presto! PageManager 7.15\Vcd_PAL

c:\programme\newsoft\Presto! PageManager 7.15\VideoData.dll

c:\programme\newsoft\Presto! PageManager 7.15\VisioVBA.dll

c:\programme\newsoft\Presto! PageManager 7.15\VMPLAYER.exe

c:\programme\newsoft\Presto! PageManager 7.15\Wait.exe

c:\programme\newsoft\Presto! PageManager 7.15\Wait.exe.manifest

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\cshdat_robohelp.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\cshdat_webhelp.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\default.skn

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\ehlpdhtm.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index.log

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index_csh.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\index_rhc.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G.css

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\01.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\02.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\03.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\04.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\05.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\06.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\07.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\08.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\09.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\10.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\100.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\101.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\11.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\12.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\13.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\14.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\15.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\16.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\17.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\18.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\19.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\20.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\21.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\22.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\23.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\24.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\25.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\26.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\27.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\28.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\29.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\30.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\31.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\32.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\33.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\34.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\41.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\42.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\43.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\44.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\45.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\46.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\47.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\48.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\49.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\50.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\51.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\52.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\53.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\54.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\55.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\56.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\57.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\58.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\59.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\60.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\61.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\62.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\63.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\64.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\65.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\66.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\67.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\68.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\69.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\70.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\71.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\72.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\73.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\74.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\75.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\76.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\77.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\78.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\79.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\80.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\81.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\82.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\83.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\84.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\85.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\86.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\87.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\88.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\89.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\90.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\91.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\92.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\93.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\94.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\95.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\96.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\97.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\98.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\html\99.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image001.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image001.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image003.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image005.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image009.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image013.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image014.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image016.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image018.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image020.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image022.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image024.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image026.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image028.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image030.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image032.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image034.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image036.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image038.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image040.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image041.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image043.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image045.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image047.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image049.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image051.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image053.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image055.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image057.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image059.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image061.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image063.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image065.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image069.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image074.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image075.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image076.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image078.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image080.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image082.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image084.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image086.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image087.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image089.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image091.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image093.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image095.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image096.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image098.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image100.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image101.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image102.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image104.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image106.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image107.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image109.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image111.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image113.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image114.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image115.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image117.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image119.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image121.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image123.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image125.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image127.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image129.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image13.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image130.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image131.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image133.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image135.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image137.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image139.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image14.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image141.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image143.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image145.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image147.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image149.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image15.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image150.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image152.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image153.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image154.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image156.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image158.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image16.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image160.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image162.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image164.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image166.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image168.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image17.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image170.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image172.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image173.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image174.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image176.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image178.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image18.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image180.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image182.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image184.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image185.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image186.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image188.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image189.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image19.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image191.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image193.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image194.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image195.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image196.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image197.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image199.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image2.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image200.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image201.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image202.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image203.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image205.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image206.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image208.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image209.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image210.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image211.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image212.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\image3.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\Introduction_G_copy.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\MainScreen_G_copy.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_files\image\Pageview_XPS_copy.jpg

und wg. der Größe hier Teil 2

Code:

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\PM7_G_ns.css

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\RoboHHRE.lng

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\webhelp.cab

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\webhelp.jar

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whcsh_home.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whcshdata.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whftdata.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whftdata0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfts.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfts.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata1.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata2.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata3.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata4.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whfwdata5.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whgdata.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whglo.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whglo.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidata.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidata0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidx.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whidx.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtdata.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtdata0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtoc.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whdata\whtoc.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whestart.ico

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfbody.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfdhtml.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfform.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whfhost.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whform.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whframes.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgbody.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whexpbar.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf1.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf10.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf11.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf2.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf3.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf4.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf5.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf6.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf7.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf8.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstf9.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl1.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl10.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl11.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl12.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl13.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl14.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl15.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl16.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl17.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl18.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl19.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl2.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl20.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl21.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl22.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl23.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl3.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl4.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl5.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl6.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl7.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl8.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstfl9.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstg0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlsti0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt0.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt1.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt10.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt11.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt12.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt13.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt14.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt15.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt16.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt17.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt18.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt19.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt2.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt20.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt21.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt22.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt3.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt4.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt5.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt6.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt7.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt8.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whlstt9.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf30.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf31.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf32.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvf33.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl31.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl32.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvl33.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp30.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp31.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp32.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvp33.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt30.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt31.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt32.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdata\whnvt33.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdef.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whgdhtml.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whghost.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whhost.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whibody.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whidhtml.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whiform.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whihost.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whlang.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whmozemu.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whmsg.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whnjs.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whphost.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproj.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whproxy.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whres.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whrstart.ico

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_banner.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_blank.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_frmset01.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_frmset010.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_homepage.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_info.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_mbars.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_papplet.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_pdhtml.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_pickup.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_plist.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whskin_tbars.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whst_topics.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstart.ico

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstart.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whstub.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abge.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abgi.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abgw.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abte.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abti.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_abtw.jpg

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_fts_h.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_fts_n.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_glo_h.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_glo_n.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_go.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_hide.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_idx_h.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_idx_n.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_logo1.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_logo2.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_next.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_next_g.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_prev.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_prev_g.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_spac.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_sync.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab0.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab1.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab2.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab3.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab4.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab5.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab6.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab7.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_tab8.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc_h.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc_n.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc1.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc2.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc3.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_toc4.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_ws.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\wht_ws_g.gif

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtbar.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtdhtml.htm

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whthost.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whtopic.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whutils.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whver.js

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whftdata0.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfts.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata0.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata1.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata2.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata3.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata4.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whfwdata5.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whglo.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whidata0.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whidx.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whtdata0.xml

c:\programme\newsoft\Presto! PageManager 7.15\WebHelp\whxdata\whtoc.xml

c:\programme\newsoft\Presto! PageManager 7.15\WEBSYNC.INI

c:\programme\newsoft\Presto! PageManager 7.15\WebSyncEx.dll

c:\programme\newsoft\Presto! PageManager 7.15\WordVBA.dll

c:\programme\newsoft\Presto! PageManager 7.15\Work\ANNODB\stamp.___

c:\programme\newsoft\Presto! PageManager 7.15\WpdfViewer.exe

c:\programme\newsoft\Presto! PageManager 7.15\WpdfViewer.tlb

c:\programme\newsoft\Presto! PageManager 7.15\WriteData2Pdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\WriteDriver2Pdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\WriteIfo2Pdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\WriteOcr2Pdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\WriteTxt2Pdf.dll

c:\programme\newsoft\Presto! PageManager 7.15\xpdfrc

c:\programme\newsoft\Presto! PageManager 7.15\XpsCreator.dll

c:\programme\newsoft\Presto! PageManager 7.15\zip32.dll

c:\windows\IsUn0407.exe

c:\windows\unin0407.exe

c:\windows\XSxS

H:\install.exe

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_STEC3

-------\Service_STEC3

.

.

(((((((((((((((((((((((   Dateien erstellt von 2011-07-28 bis 2011-08-30  ))))))))))))))))))))))))))))))

.

.

2011-08-29 22:29 . 2011-08-29 22:29        --------        d-----w-        c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\Samsung

2011-08-29 22:27 . 2011-07-18 04:24        136808        ----a-w-        c:\windows\system32\drivers\ssadmdm.sys

2011-08-29 22:27 . 2011-07-18 04:24        12776        ----a-w-        c:\windows\system32\drivers\ssadmdfl.sys

2011-08-29 22:23 . 2011-08-29 22:26        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Samsung

2011-08-29 22:16 . 2011-08-29 22:16        --------        d-----w-        c:\dokumente und einstellungen\Heini\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations

2011-08-29 18:31 . 2011-08-29 18:31        --------        d-----w-        C:\_OTL

2011-08-28 19:16 . 2011-08-28 19:16        --------        d-----w-        c:\programme\ESET

2011-08-21 18:51 . 2011-08-21 18:51        --------        d-----w-        c:\dokumente und einstellungen\Heini\Anwendungsdaten\Malwarebytes

2011-08-21 18:51 . 2011-07-06 17:52        41272        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys

2011-08-21 18:51 . 2011-08-21 18:51        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2011-08-21 18:51 . 2011-08-21 18:51        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware

2011-08-21 18:51 . 2011-07-06 17:52        22712        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-08-13 09:38 . 2011-08-13 09:38        --------        d-----w-        c:\dokumente und einstellungen\Heini\Anwendungsdaten\SUPERAntiSpyware.com

2011-08-11 14:27 . 2011-06-24 14:10        139656        -c----w-        c:\windows\system32\dllcache\rdpwd.sys

2011-08-11 14:26 . 2011-07-08 14:02        10496        -c----w-        c:\windows\system32\dllcache\ndistapi.sys

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-08-23 19:16 . 2011-05-15 10:00        404640        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-26 15:26 . 2011-07-26 15:26        90112        ----a-w-        c:\windows\MAMCityDownload.ocx

2011-07-26 15:26 . 2011-07-26 15:26        325552        ----a-w-        c:\windows\MASetupCaller.dll

2011-07-26 15:26 . 2011-07-26 15:26        30568        ----a-w-        c:\windows\MusiccityDownload.exe

2011-07-26 15:26 . 2011-07-26 15:26        974848        ----a-w-        c:\windows\system32\cis-2.4.dll

2011-07-26 15:26 . 2011-07-26 15:26        81920        ----a-w-        c:\windows\system32\issacapi_bs-2.3.dll

2011-07-26 15:26 . 2011-07-26 15:26        65536        ----a-w-        c:\windows\system32\issacapi_pe-2.3.dll

2011-07-26 15:26 . 2011-07-26 15:26        57344        ----a-w-        c:\windows\system32\MTXSYNCICON.dll

2011-07-26 15:26 . 2011-07-26 15:26        57344        ----a-w-        c:\windows\system32\MK_Lyric.dll

2011-07-26 15:26 . 2011-07-26 15:26        57344        ----a-w-        c:\windows\system32\issacapi_se-2.3.dll

2011-07-26 15:26 . 2011-07-26 15:26        569344        ----a-w-        c:\windows\system32\muzdecode.ax

2011-07-26 15:26 . 2011-07-26 15:26        491520        ----a-w-        c:\windows\system32\muzapp.dll

2011-07-26 15:26 . 2011-07-26 15:26        49152        ----a-w-        c:\windows\system32\MaJGUILib.dll

2011-07-26 15:26 . 2011-07-26 15:26        45056        ----a-w-        c:\windows\system32\MaXMLProto.dll

2011-07-26 15:26 . 2011-07-26 15:26        45056        ----a-w-        c:\windows\system32\MACXMLProto.dll

2011-07-26 15:26 . 2011-07-26 15:26        40960        ----a-w-        c:\windows\system32\MTTELECHIP.dll

2011-07-26 15:26 . 2011-07-26 15:26        40960        ----a-w-        c:\windows\system32\MAMACExtract.dll

2011-07-26 15:26 . 2011-07-26 15:26        352256        ----a-w-        c:\windows\system32\MSLUR71.dll

2011-07-26 15:26 . 2011-07-26 15:26        258048        ----a-w-        c:\windows\system32\muzoggsp.ax

2011-07-26 15:26 . 2011-07-26 15:26        245760        ----a-w-        c:\windows\system32\MSCLib.dll

2011-07-26 15:26 . 2011-07-26 15:26        24576        ----a-w-        c:\windows\system32\MASetupCleaner.exe

2011-07-26 15:26 . 2011-07-26 15:26        200704        ----a-w-        c:\windows\system32\muzwmts.dll

2011-07-26 15:26 . 2011-07-26 15:26        172032        ----a-w-        c:\windows\system32\muzapp.exe

2011-07-26 15:26 . 2011-07-26 15:26        155648        ----a-w-        c:\windows\system32\MSFLib.dll

2011-07-26 15:26 . 2011-07-26 15:26        143360        ----a-w-        c:\windows\system32\3DAudio.ax

2011-07-26 15:26 . 2011-07-26 15:26        14336        ----a-w-        c:\windows\system32\avrt.dll

2011-07-26 15:26 . 2011-07-26 15:26        135168        ----a-w-        c:\windows\system32\muzaf1.dll

2011-07-26 15:26 . 2011-07-26 15:26        131072        ----a-w-        c:\windows\system32\muzmpgsp.ax

2011-07-26 15:26 . 2011-07-26 15:26        122880        ----a-w-        c:\windows\system32\muzeffect.ax

2011-07-26 15:26 . 2011-07-26 15:26        118784        ----a-w-        c:\windows\system32\MaDRM.dll

2011-07-26 15:26 . 2011-07-26 15:26        110592        ----a-w-        c:\windows\system32\muzmp4sp.ax

2011-07-15 13:29 . 2001-08-23 12:00        456320        ----a-w-        c:\windows\system32\drivers\mrxsmb.sys

2011-07-08 14:02 . 2001-08-23 12:00        10496        ----a-w-        c:\windows\system32\drivers\ndistapi.sys

2011-07-03 16:31 . 2011-07-03 16:32        73728        ----a-w-        c:\windows\system32\javacpl.cpl

2011-07-03 16:31 . 2010-08-04 19:09        472808        ----a-w-        c:\windows\system32\deployJava1.dll

2011-06-30 18:49 . 2009-03-27 18:13        66616        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2011-06-30 18:49 . 2009-03-27 18:13        138192        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2011-06-24 14:10 . 2005-07-30 14:46        139656        ----a-w-        c:\windows\system32\drivers\rdpwd.sys

2011-06-21 18:18 . 2008-03-09 18:41        672768        ----a-w-        c:\windows\system32\wininet.dll

2011-06-21 18:18 . 2004-08-04 12:00        81920        ----a-w-        c:\windows\system32\ieencode.dll

2011-06-21 18:18 . 2001-08-23 12:00        61952        ----a-w-        c:\windows\system32\tdc.ocx

2011-06-21 18:16 . 2004-08-04 12:00        371200        ----a-w-        c:\windows\system32\html.iec

2011-06-20 17:44 . 2001-08-23 12:00        293888        ----a-w-        c:\windows\system32\winsrv.dll

2011-06-06 11:35 . 2001-08-23 12:00        1859072        ----a-w-        c:\windows\system32\win32k.sys

2007-08-10 15:35 . 2007-08-10 15:28        21733696        ----a-w-        c:\programme\SkypeSetup.exe

2008-01-29 12:51 . 2008-01-29 12:51        27976        ----a-w-        c:\programme\mozilla firefox\plugins\atgpcdec.dll

2008-01-29 12:51 . 2008-01-29 12:51        125848        ----a-w-        c:\programme\mozilla firefox\plugins\atgpcext.dll

2008-01-29 12:51 . 2008-01-29 12:51        46408        ----a-w-        c:\programme\mozilla firefox\plugins\atmccli.dll

2008-01-29 12:51 . 2008-01-29 12:51        98712        ----a-w-        c:\programme\mozilla firefox\plugins\ieatgpc.dll

2011-08-21 09:33 . 2011-03-29 16:48        134104        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TuneUp MemOptimizer"="c:\programme\TuneUp Utilities 2007\MemOptimizer.exe" [2007-04-26 313352]

"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

"CTSyncU.exe"="c:\programme\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]

"KiesPDLR"="c:\programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-22 20880]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]

"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]

"SiSPower"="SiSPower.dll" [2006-03-09 49152]

"BCSSync"="c:\programme\microsoft office\Office14\BCSSync.exe" [2010-03-13 91520]

"CTCheck"="c:\programme\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-07-03 273544]

"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2011-04-08 254696]

"KiesHelper"="c:\programme\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]

"KiesTrayAgent"="c:\programme\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]

.

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\

Sitecom 300N USB Wireless LAN Utility.lnk - c:\programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe [2010-12-8 937984]

Wireless Configuration Utility.lnk - c:\programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe [2004-10-6 442368]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programme\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21        548352        ----a-w-        c:\programme\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           autocheck autochk*\0sprestrt\0sprestrt

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBCSSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SanDisk Media Manager.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\SanDisk Media Manager.lnk

backup=c:\windows\pss\SanDisk Media Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Squeezebox Server-Taskleisten-Tool.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Squeezebox Server-Taskleisten-Tool.lnk

backup=c:\windows\pss\Squeezebox Server-Taskleisten-Tool.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk

backup=c:\windows\pss\WISO Mein Steuer-Sparbuch heute.lnkCommon Startup

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"CTFMON.EXE"=c:\windows\system32\ctfmon.exe

"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\wcescomm.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SoundMan"=SOUNDMAN.EXE

"WrtMon.exe"=c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe

"TrueImageMonitor.exe"=c:\programme\Acronis\TrueImageHome\TrueImageMonitor.exe

"CanonSolutionMenu"=c:\programme\Canon\SolutionMenu\CNSLMAIN.exe /logon

"AcronisTimounterMonitor"=c:\programme\Acronis\TrueImageHome\TimounterMonitor.exe

"Acronis Scheduler2 Service"="c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"

"SBCSTray"=c:\programme\Sunbelt Software\CounterSpy\SBCSTray.exe

"OpwareSE4"="c:\programme\ScanSoft\OmniPageSE4\OpwareSE4.exe"

"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"

"ATICCC"="c:\programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

"ATIPTA"=c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe

"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programme\\NX Client for Windows\\nxclient.exe"=

"c:\\Programme\\NX Client for Windows\\bin\\nxssh.exe"=

"c:\programme\Microsoft ActiveSync\rapimgr.exe"= c:\programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\programme\Microsoft ActiveSync\wcescomm.exe"= c:\programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\programme\Microsoft ActiveSync\WCESMgr.exe"= c:\programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Programme\\Squeezebox\\SqueezePlay\\squeezeplay.exe"=

"c:\\Programme\\Microsoft Office\\Office14\\GROOVE.EXE"=

"c:\\Programme\\Microsoft Office\\Office14\\ONENOTE.EXE"=

"c:\\Programme\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

"c:\\Programme\\SITECOM\\300N USB Wireless LAN Utility\\RtWLan.exe"=

"c:\\Programme\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\\WINDOWS\\system32\\muzapp.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"9000:TCP"= 9000:TCP:Squeezebox Server 9000 tcp (UI)

"3483:UDP"= 3483:UDP:Squeezebox Server 3483 udp

"3483:TCP"= 3483:TCP:Squeezebox Server 3483 tcp

"9090:TCP"= 9090:TCP:Squeezebox Server 9090 tcp (UI)

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"9001:TCP"= 9001:TCP:Squeezebox Server 9001 tcp (UI)

"9002:TCP"= 9002:TCP:Squeezebox Server 9002 tcp (UI)

"9003:TCP"= 9003:TCP:Squeezebox Server 9003 tcp (UI)

"9004:TCP"= 9004:TCP:Squeezebox Server 9004 tcp (UI)

"9005:TCP"= 9005:TCP:Squeezebox Server 9005 tcp (UI)

"9006:TCP"= 9006:TCP:Squeezebox Server 9006 tcp (UI)

"9007:TCP"= 9007:TCP:Squeezebox Server 9007 tcp (UI)

"9008:TCP"= 9008:TCP:Squeezebox Server 9008 tcp (UI)

"9009:TCP"= 9009:TCP:Squeezebox Server 9009 tcp (UI)

"9010:TCP"= 9010:TCP:Squeezebox Server 9010 tcp (UI)

"9100:TCP"= 9100:TCP:Squeezebox Server 9100 tcp (UI)

"8000:TCP"= 8000:TCP:Squeezebox Server 8000 tcp (UI)

"10000:TCP"= 10000:TCP:Squeezebox Server 10000 tcp (UI)

"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot

"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot

"53:UDP"= 53:UDP:Realtek AP UDP Prot

.

R0 SBHR;SBHR;c:\windows\system32\drivers\sbhr.sys [21.09.2007 20:11 15544]

R1 SASDIFSV;SASDIFSV;c:\programme\SUPERAntiSpyware\sasdifsv.sys [17.02.2010 20:25 12872]

R1 SASKUTIL;SASKUTIL;c:\programme\SUPERAntiSpyware\SASKUTIL.SYS [10.05.2010 20:41 67656]

R2 a2free;a-squared Free Service;c:\programme\a-squared Free\a2service.exe [30.08.2007 21:19 380528]

R2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [10.01.2009 20:41 108768]

R2 AntiVirMailService;Avira AntiVir MailGuard;c:\programme\Avira\AntiVir Desktop\avmailc.exe [27.03.2009 20:13 340136]

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [27.03.2009 20:13 136360]

R2 AntiVirWebService;Avira AntiVir WebGuard;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [27.03.2009 20:13 428200]

R2 AVMPORT;AVMPORT;c:\windows\system32\drivers\avmport.sys [31.07.2005 19:03 59520]

R2 CDMA Device Service;CDMA Device Service;c:\programme\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [30.08.2011 00:28 63488]

R2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [04.11.2010 16:41 9728]

R2 SqueezeMySQL;SqueezeMySQL;c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\dokume~1\ALLUSE~1\ANWEND~1\SQUEEZ~2\Cache\my.cnf SqueezeMySQL --> c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\dokume~1\ALLUSE~1\ANWEND~1\SQUEEZ~2\Cache\my.cnf SqueezeMySQL [?]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192su.sys [08.12.2010 16:54 605856]

S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [20.12.2009 22:09 135664]

S3 ACRUSBTM;ACRUSBTM;c:\windows\system32\drivers\ACRUSBTM.SYS [26.09.2008 19:52 28672]

S3 ALSysIO;ALSysIO;\??\c:\dokume~1\Heini\LOKALE~1\Temp\ALSysIO.sys --> c:\dokume~1\Heini\LOKALE~1\Temp\ALSysIO.sys [?]

S3 AVMBTPARALLEL;AVM Bluetooth Druckeranschluss;c:\windows\system32\drivers\avmbtpar.sys [09.12.2003 02:00 60032]

S3 AVMBTSERIAL;AVM Bluetooth Kommunikationsanschluss;c:\windows\system32\drivers\avmbtser.sys [09.12.2003 02:00 61056]

S3 AVMBTSND;AVM Bluetooth Audio Driver;c:\windows\system32\drivers\avmbtsnd.sys [09.12.2003 02:00 48128]

S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmcowan.sys [09.12.2003 02:00 53120]

S3 AVMWAN;NDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmwan.sys [11.01.2002 02:00 37568]

S3 bfubase;BlueFRITZ! USB (WinXP/2000);c:\windows\system32\drivers\bfubase.sys [11.01.2002 02:00 741600]

S3 CAPI_CIP;AVM Bluetooth CAPI-Controller;c:\windows\system32\drivers\capi_cip.sys [09.12.2003 02:00 334464]

S3 FXDRV;FXDRV;\??\f:\fxdrv.sys --> f:\Fxdrv.sys [?]

S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\DRIVERS\gflmouhid.sys --> c:\windows\system32\DRIVERS\gflmouhid.sys [?]

S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys --> c:\windows\system32\DRIVERS\gMouPS2.sys [?]

S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [20.12.2009 22:09 135664]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programme\Microsoft Office\Office14\GROOVE.EXE [25.03.2010 10:25 30969208]

S3 NETBFPAN;AVM Bluetooth Netzwerkadapter;c:\windows\system32\drivers\netbfpan.sys [09.12.2003 02:00 35914]

S3 NETPPPOI;PPP over ISDN;c:\windows\system32\DRIVERS\NETPPPOI.SYS --> c:\windows\system32\DRIVERS\NETPPPOI.SYS [?]

S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000]

S3 SBAPIFS;SBAPIFS;\??\c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [30.08.2011 00:27 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [30.08.2011 00:27 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [30.08.2011 00:27 136808]

S3 TelekomNM3;Telekom Netzmanager Packet Filter Driver;c:\programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [16.09.2010 17:02 35040]

S3 vmdmd;Fax Port Driver;c:\windows\system32\DRIVERS\vmdmd.sys --> c:\windows\system32\DRIVERS\vmdmd.sys [?]

.

Inhalt des "geplante Tasks" Ordners

.

2011-07-29 c:\windows\Tasks\1-Klick-Wartung.job

- c:\programme\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 18:08]

.

2011-08-30 c:\windows\Tasks\Google Software Updater.job

- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-24 08:49]

.

2011-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-20 20:09]

.

2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-20 20:09]

.

2011-08-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]

.

2011-08-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

mSearch Bar = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: An vorhandene PDF-Datei anfügen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Google Sidewiki... - c:\programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: In Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: Linkziel an vorhandene PDF-Datei anhängen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Linkziel in Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\dokumente und einstellungen\Heini\Anwendungsdaten\Mozilla\Firefox\Profiles\d0fnmop5.Heini\

FF - prefs.js: browser.startup.homepage - www.google.de

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-05_Sloan - c:\programme\Samsung\USB Drivers\05_Sloan\Uninstall.exe

AddRemove-06_Spencer - c:\programme\Samsung\USB Drivers\06_Spencer\Uninstall.exe

AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-08_EMPChipset - c:\programme\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe

AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-12_Symbian_USB_Download_Driver - c:\programme\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe

AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\programme\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe

AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-17_EMP_Chipset2 - c:\programme\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe

AddRemove-18_Zinia_Serial_Driver - c:\programme\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe

AddRemove-19_VIA_driver - c:\programme\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe

AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe

AddRemove-21_Searsburg - c:\programme\Samsung\USB Drivers\21_Searsburg\Uninstall.exe

AddRemove-22_WiBro_WiMAX - c:\programme\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe

AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe

AddRemove-26_VIA_driver2 - c:\programme\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2011-08-30 21:17

Windows 5.1.2600 Service Pack 3 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32*]

"Class"=hex:ab,c2,74,5b,6c,67,a9,07,13,e0,e1,24,c4,1e,4a,fb,d0,dd,48,ff,50,95,

   74,f9,62,57,09,f4,e8,d4,30,f1,4b,a8,a7,f4,da,c8,33,9b,48,b8,7b,81,1c,3c,a0,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32*]

"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,

   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32*]

"Class"=hex:d4,5f,d4,fd,c6,b4,bf,77,56,75,0e,52,68,44,fd,05,8e,61,64,c7,8d,04,

   9a,0b,b9,cb,a4,63,56,e1,dc,88,12,6f,67,c0,be,41,6e,1a,5f,f5,6e,06,f1,d3,3b,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32*]

"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,

   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32*]

"Class"=hex:f3,ab,5e,97,03,e1,3c,b2,5c,49,a2,43,b6,d1,e5,c5,4b,ee,a8,8b,ce,e3,

   cb,73,38,b0,4e,da,18,a2,d6,e6,a5,c5,c6,e0,b7,1a,9c,c8,70,f7,de,d4,54,22,a8,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32*]

"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,

   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32*]

"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,

   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32*]

"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,

   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32*]

"Class"=hex:00,6d,78,af,8e,b4,c4,17,0d,65,d8,5a,38,fb,be,e6,2f,8e,89,d1,8e,02,

   54,5e,95,6e,74,67,f4,3e,de,b1,ca,82,ab,ce,60,43,ae,c2,54,81,2e,60,f2,26,2a,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32*]

"Class"=hex:89,da,99,86,00,20,ba,1a,0b,25,73,fb,c0,a4,b3,0a,6e,4f,c7,08,79,c4,

   d1,83,39,9c,db,89,9d,f2,49,60,5c,1f,96,f0,be,29,fa,4e,76,f3,eb,fa,6e,f6,eb,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32*]

"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,

   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32*]

"Class"=hex:e0,87,86,cb,2c,02,0d,e2,e4,2d,5f,b7,cc,39,20,ae,75,dd,d6,b4,27,7e,

   88,a3,95,7b,a8,60,04,6e,49,6d,c2,61,b4,4e,e4,fa,0e,8e,5d,e4,9e,e3,2c,8f,95,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32*]

"Class"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,

   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32*]

"Class"=hex:62,d9,7b,80,32,b6,7f,b4,72,cc,ad,10,b5,81,92,8c,f4,2d,3f,f2,17,44,

   72,ff,30,bf,6d,7f,b6,a7,14,b7,e4,dc,27,c8,a4,ed,83,e5,c2,49,5d,bc,c1,fa,a0,\

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

.

[HKEY_LOCAL_MACHINE\software\PSGuard.com\PSGuard\P.S.Guard\License*]

"Data"="InstallTime=1c5c537:93680c70\0d\0aLastRunTime=1c5c539:45626050\0d\0a"

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'winlogon.exe'(660)

c:\programme\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'lsass.exe'(716)

c:\programme\Avira\AntiVir Desktop\avsda.dll

.

- - - - - - - > 'explorer.exe'(3128)

c:\progra~1\GEMEIN~1\MICROS~1\OFFICE14\Cultures\office.odf

c:\progra~1\MICROS~2\Office14\1031\GrooveIntlResource.dll

c:\windows\system32\msi.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\programme\Avira\AntiVir Desktop\avguard.exe

c:\programme\Avira\AntiVir Desktop\avshadow.exe

c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe

c:\windows\system32\CTsvcCDA.exe

c:\programme\Java\jre6\bin\jqs.exe

c:\programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe

c:\programme\Sunbelt Software\CounterSpy\SBCSSvc.exe

c:\progra~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe

c:\programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\wscntfy.exe

c:\progra~1\MICROS~3\rapimgr.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2011-08-30  21:31:09 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2011-08-30 19:31

ComboFix2.txt  2007-09-07 16:21

.

Vor Suchlauf: 17 Verzeichnis(se), 21.577.994.240 Bytes frei

Nach Suchlauf: 19 Verzeichnis(se), 21.583.536.128 Bytes frei

.

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect

.

- - End Of File - - C430AB272156B5FD96A200FE93017425

Und nu?

Gruß
Heini

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Hier die Logs

[code]
GMER Logfile:

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net

Rootkit scan 2011-09-01 03:28:22

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SP0822N rev.WA100-10

Running: n5mbq4tp.exe; Driver: C:\DOKUME~1\Heini\LOKALE~1\Temp\kgliipow.sys
 
 

---- System - GMER 1.0.15 ----
 

SSDT            F7B3B9F4                                                                                           ZwClose

SSDT            F7B3B9AE                                                                                           ZwCreateKey

SSDT            F7B3B9FE                                                                                           ZwCreateSection

SSDT            F7B3B9A4                                                                                           ZwCreateThread

SSDT            F7B3B9B3                                                                                           ZwDeleteKey

SSDT            F7B3B9BD                                                                                           ZwDeleteValueKey

SSDT            F7B3B9EF                                                                                           ZwDuplicateObject

SSDT            F7B3B9C2                                                                                           ZwLoadKey

SSDT            sbhr.sys                                                                                           ZwOpenKey [0xF789F4D0]

SSDT            F7B3B990                                                                                           ZwOpenProcess

SSDT            F7B3B995                                                                                           ZwOpenThread

SSDT            F7B3B9CC                                                                                           ZwReplaceKey

SSDT            F7B3B9C7                                                                                           ZwRestoreKey

SSDT            F7B3BA03                                                                                           ZwSetContextThread

SSDT            F7B3B9B8                                                                                           ZwSetValueKey

SSDT            F7B3B99F                                                                                           ZwTerminateProcess
 

---- Kernel code sections - GMER 1.0.15 ----
 

init            C:\WINDOWS\system32\drivers\ALCXSENS.SYS                                                           entry point in "init" section [0xB17F9900]

.text           C:\WINDOWS\system32\drivers\ACEDRV05.sys                                                           section is writeable [0xA93D2000, 0x30A4A, 0xE8000020]

.pklstb         C:\WINDOWS\system32\drivers\ACEDRV05.sys                                                           entry point in ".pklstb" section [0xA9414000]

.relo2          C:\WINDOWS\system32\drivers\ACEDRV05.sys                                                           unknown last section [0xA942F000, 0x8E, 0x42000040]

.text           C:\WINDOWS\system32\drivers\ACEDRV08.sys                                                           section is writeable [0xA9370000, 0x328BA, 0xE8000020]

.pklstb         C:\WINDOWS\system32\drivers\ACEDRV08.sys                                                           entry point in ".pklstb" section [0xA93B4000]

.relo2          C:\WINDOWS\system32\drivers\ACEDRV08.sys                                                           unknown last section [0xA93D0000, 0x8E, 0x42000040]
 

---- User code sections - GMER 1.0.15 ----
 

.text           C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2092] ntdll.dll!DbgUiRemoteBreakin  7C9620EC 1 Byte  [C3]
 

---- Devices - GMER 1.0.15 ----
 

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                             sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                             sisidex.sys (SISIDEX Driver/Windows (R) 2000 DDK provider)

AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume1                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)

AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume2                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)

AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume3                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)

AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume4                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)

AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume5                                                             tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
 

---- Registry - GMER 1.0.15 ----
 

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@Class            0xAB 0xC2 0x74 0x5B ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-08ab-d9f0-6a52fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-1f88-36b0-b09afa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@Class            0xD4 0x5F 0xD4 0xFD ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-2576-8912-f53dfa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-3150-4425-126ffa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@Class            0xF3 0xAB 0x5E 0x97 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-64ef-77df-c2c1fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6636-c91b-6095fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6e26-b11c-3015fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-6f17-c4cf-3ea4fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@Class            0x00 0x6D 0x78 0xAF ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7c74-c331-6118fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@Class            0x89 0xDA 0x99 0x86 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-7f38-c99b-f006fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-99e4-1168-679dfa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@Class            0xE0 0x87 0x86 0xCB ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-af5c-ec88-46a0fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@Class            0x00 0x00 0x00 0x00 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-bcd3-c197-9e28fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32                  

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@Class            0x62 0xD9 0x7B 0x80 ...

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@ThreadingModel   Apartment

Reg             HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-caf3-6d62-7c91fa0881df}\InprocServer32@                 C:\WINDOWS\system32\OLE32.DLL
 

---- EOF - GMER 1.0.15 ----

--- --- ---

OSAM

OSAM Logfile:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

hxxp://www.online-solutions.ru/en/

Saved at 20:31:23 on 01.09.2011
 

OS: Windows XP Home Edition Service Pack 3 (Build 2600)

Default Browser: Mozilla Corporation Firefox 6.0
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Boot Execute]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----

"BootExecute" - ? - autochk*  (File not found)
 

[Common]

-----( %SystemRoot%\Tasks )-----

"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

"Google Software Updater.job" - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

"RealUpgradeLogonTaskS-1-5-21-436374069-507921405-725345543-1005.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe

"RealUpgradeScheduledTaskS-1-5-21-436374069-507921405-725345543-1005.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe

"1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl

"ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl

"FINDFAST.CPL" - "Microsoft Corporation" - C:\WINDOWS\system32\FINDFAST.CPL

"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl

"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl

"mbllnk.cpl" - "AvantGo, Inc." - C:\WINDOWS\system32\mbllnk.cpl

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"Avira AntiVir PersonalEdition Premium " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

"Avira AntiVir PersonalEdition Premium Konfiguration" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl  (File not found)

"Avira AntiVir Premium " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL

"Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"ACEDRV05" (ACEDRV05) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV05.sys

"ACEDRV08" (ACEDRV08) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV08.sys

"Acronis Snapshots Manager" (snapman) - "Acronis" - C:\WINDOWS\System32\DRIVERS\snapman.sys

"Acronis True Image Backup Archive Explorer" (timounter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\timntr.sys

"Acronis True Image FS Filter" (tifsfilter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tifsfilt.sys

"Acronis Try&Decide and Restore Points filter" (tdrpman) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tdrpman.sys

"ACRUSBTM" (ACRUSBTM) - ? - C:\WINDOWS\system32\drivers\ACRUSBTM.SYS

"Add Performance Filter Driver" (sisperf) - "Silicon Integrated Systems Corp." - C:\WINDOWS\System32\drivers\sisperf.sys

"AEGIS Protocol (IEEE 802.1x) v3.7.5.0" (AegisP) - "Cisco Systems, Inc." - C:\WINDOWS\System32\DRIVERS\AegisP.sys

"ALSysIO" (ALSysIO) - ? - C:\DOKUME~1\Heini\LOKALE~1\Temp\ALSysIO.sys  (File not found)

"ASPI32" (ASPI32) - "Adaptec" - C:\WINDOWS\system32\drivers\ASPI32.sys

"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys

"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys

"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys

"AVM Bluetooth Audio Driver" (AVMBTSND) - "AVM GmbH" - C:\WINDOWS\System32\drivers\avmbtsnd.sys

"AVM Bluetooth CAPI-Controller" (CAPI_CIP) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\capi_cip.sys

"AVM Bluetooth Druckeranschluss" (AVMBTPARALLEL) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmbtpar.sys

"AVM Bluetooth Kommunikationsanschluss" (AVMBTSERIAL) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmbtser.sys

"AVM Bluetooth Netzwerkadapter" (NETBFPAN) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\netbfpan.sys

"AVM ISDN CoNDIS WAN CAPI Treiber" (AVMCOWAN) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmcowan.sys

"AVMPORT" (AVMPORT) - "AVM Berlin" - C:\WINDOWS\System32\drivers\avmport.sys

"BlueFRITZ! USB (WinXP/2000)" (bfubase) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\bfubase.sys

"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)

"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)

"Fax Port Driver" (vmdmd) - ? - C:\WINDOWS\System32\DRIVERS\vmdmd.sys  (File not found)

"FXDRV" (FXDRV) - ? - F:\Fxdrv.sys  (File not found)

"grmnusb" (grmnusb) - "GARMIN Corp." - C:\WINDOWS\System32\drivers\grmnusb.sys

"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)

"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)

"PCANDIS5 Protocol Driver" (PCANDIS5) - ? - C:\D-Link\AIRPLU~1\PCANDIS5.SYS  (File not found)

"PCASp50 NDIS Protocol Driver" (PCASp50) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\WINDOWS\System32\Drivers\PCASp50.sys

"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)

"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)

"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)

"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)

"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)

"PPP over ISDN" (NETPPPOI) - ? - C:\WINDOWS\System32\DRIVERS\NETPPPOI.SYS  (File not found)

"PS2 Scroll Mouse Device" (gMouPS2) - ? - C:\WINDOWS\System32\DRIVERS\gMouPS2.sys  (File not found)

"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys

"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS

"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS

"SBAPIFS" (SBAPIFS) - ? - C:\WINDOWS\system32\drivers\sbapifs.sys  (File not found)

"SBHR" (SBHR) - ? - C:\WINDOWS\System32\drivers\sbhr.sys

"Scroll Mouse Driver" (genmcmn) - ? - C:\WINDOWS\System32\DRIVERS\gmfiltr.sys  (File not found)

"sisidex" (sisidex) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\System32\drivers\sisidex.sys

"SoundTap Recorder" (NCHSSVAD) - "NCH Swift Sound" - C:\WINDOWS\System32\drivers\nchssvad.sys

"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys

"Telekom Netzmanager Packet Filter Driver" (TelekomNM3) - "Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH" - C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys

"TVICHW32" (TVICHW32) - "EnTech Taiwan" - C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS

"USB Scroll Mouse Driver" (genmcmnUSB) - ? - C:\WINDOWS\System32\DRIVERS\gflmouhid.sys  (File not found)

"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
 

[Explorer]

-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----

{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll

{17F04EC2-42D3-4e8c-BDA1-FA579B38ADC9} "{17F04EC2-42D3-4e8c-BDA1-FA579B38ADC9}" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\Software\Classes\Protocols\Filter )-----

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

-----( HKLM\Software\Classes\Protocols\Handler )-----

{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll

{d7b95390-b1c5-11d0-b111-0080c712fe82} "mctp" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll

{C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll

{3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\VISSHE.DLL

{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)

{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\VISSHE.DLL

{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)

{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? -   (File not found | COM-object registry key not found)

{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\msohevi.dll

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll

{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONFILTER.DLL

{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL

{49BF5420-FA7F-11cf-8011-00A0C90A8F78} "Mobiles Gerät" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Wcesview.dll

{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll

{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll

{1CA6BBC9-E9FA-4021-822B-075DF1837B63} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll

{4FBFFA8D-F390-471a-AE46-FEB93623AD63} "NeroDigitalInfoHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll

{846083A4-BFC6-4447-985C-6578B466A7D7} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll

{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} "NeroDigitalThumbnailHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll

{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\OLKFSTUB.DLL

{A12BE4C1-968E-4b81-96E3-E9ECA5913634} "PBN.PBNMaximumMP3ShellExtension" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll

{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll

{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)

{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll

{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll

{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SDShelEx-win32.dll

{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll

{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL

{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

{4AFB2C17-9D16-4478-AEF4-C3FC539961E4} "ZEN Media Explorer" - "Creative Technology Ltd" - C:\Programme\Creative\ZEN Media Explorer\SHCTMTP.dll
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)

<binary data> "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{6C269571-C6D7-4818-BCA4-32A035E8C884} "Creative Software AutoUpdate" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTSUEngn.ocx / hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab

{F6ACF75C-C32C-447B-9BEF-46B766368D29} "Creative Software AutoUpdate Support Package" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTPID.ocx / hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab

{D4B68B83-8710-488B-A692-D74B50BA558E} "Creative Software AutoUpdate Support Package 2" - "Creative Technology Ltd" - C:\WINDOWS\DOWNLO~1\CTPIDPDE.ocx / hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

{4871A87A-BFDD-4106-8153-FFDE2BAC2967} "DLM Control" - "Akamai Technologies, Inc." - C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX / hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\System32\legitcheckcontrol.dll / hxxp://go.microsoft.com/fwlink/?linkid=39204

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONBttnIE.dll

{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\INetRepl.dll

{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "Create Mobile Favorite" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\INetRepl.dll

{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\programme\microsoft office\Office14\ONBttnIELinkedNotes.dll

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----

<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
 

[Logon]

-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini

"Sitecom 300N USB Wireless LAN Utility.lnk" - "Sitecom Corp." - C:\Programme\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe  (Shortcut exists | File exists)

"Wireless Configuration Utility.lnk" - ? - C:\Programme\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe  (Shortcut exists | File exists)

-----( %UserProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\Heini\Startmenü\Programme\Autostart\desktop.ini

-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----

"CTSyncU.exe" - ? - "C:\Programme\Creative\Sync Manager Unicode\CTSyncU.exe"

"H/PC Connection Agent" - "Microsoft Corporation" - "C:\Programme\Microsoft ActiveSync\wcescomm.exe"

"KiesPDLR" - ? - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

"TuneUp MemOptimizer" - "TuneUp Software GmbH" - "C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe" autostart

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"

"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

"BCSSync" - "Microsoft Corporation" - "C:\programme\microsoft office\Office14\BCSSync.exe" /DelayServices

"CTCheck" - "Creative Technology Ltd" - C:\Programme\Creative\ZEN Media Explorer\CTCheck.exe

"KiesHelper" - "Samsung" - C:\Programme\Samsung\Kies\KiesHelper.exe /s

"KiesTrayAgent" - "Samsung Electronics Co., Ltd." - C:\Programme\Samsung\Kies\KiesTrayAgent.exe

"SiSPower" - "Silicon Integrated Systems Corporation" - Rundll32.exe SiSPower.dll,ModeAgent

"SiSUSBRG" - "Silicon Integrated Systems Corp." - C:\WINDOWS\SiSUSBrg.exe

"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

"TkBellExe" - "RealNetworks, Inc." - "C:\program files\real\realplayer\update\realsched.exe"  -osboot
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"Teledat 150 Color Fax Port Monitor" - ? - TelColorPort.dll  (File not found)
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

"a-squared Free Service" (a2free) - "Emsi Software GmbH" - C:\Programme\a-squared Free\a2service.exe

"Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe

"Acronis Try And Decide Service" (TryAndDecideService) - ? - C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe  (File found, but it contains no detailed information)

"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)

"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

"ATI Smart" (ATI Smart) - ? - C:\WINDOWS\system32\ati2sgag.exe

"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe

"Avira AntiVir MailGuard" (AntiVirMailService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avmailc.exe

"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe

"Avira AntiVir WebGuard" (AntiVirWebService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE

"CDMA Device Service" (CDMA Device Service) - ? - C:\Programme\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe

"Creative Service for CDROM Access" (Creative Service for CDROM Access) - "Creative Technology Ltd" - C:\WINDOWS\system32\CTsvcCDA.exe

"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe

"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe

"Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\programme\microsoft office\Office14\GROOVE.EXE

"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe

"Netzmanager Infrastruktur Informationssystem Dienst" (Netzmanager Service) - "Deutsche Telekom AG" - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe

"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

"SqueezeMySQL" (SqueezeMySQL) - ? - C:\PROGRA~1\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe  (File found, but it contains no detailed information)

"Sunbelt CounterSpy Antispyware" (SBCSSvc) - "Sunbelt Software" - C:\Programme\Sunbelt Software\CounterSpy\SBCSSvc.exe

"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll

"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
 

[Winlogon]

-----( HKCU\Control Panel\IOProcs )-----

"MVB" - ? - mvfs32.dll  (File not found)

-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----

"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL

"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
 

[Winsock Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----

"AVSDA" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avsda.dll
 

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

--- --- ---

AVAST ist mir während des Scans mit folgender Meldung abgestürzt

Code:

avast! Antirootkit hat ein Problem festgestellt und muss beendet werden.
 

Problemsignatur____________________________________________________
 

AppName: aswmbr.exe         AppVer: 0.9.8.986         ModName: ntdll.dll

ModVer: 5.1.2600.6055         Offset: 00011689

Soll ich den Scan noch einmal laufen lassen?

Gruß
Heini

Ja, Avast nochmal probieren. Fall es wieder abkachelt, mach dann ein Log mit dem "älteren" mbrcheck:

Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

Doppelklick auf die MBRCheck.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Das Tool braucht nur wenige Sekunden.
Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes