| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox startet immer bestimmte SeiteWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.06.2011, 20:51
| #16 |
 |  Firefox startet immer bestimmte Seite Hallo M-K-D-B, ich kann die Datei nicht finden. Ich glaube aber auch, das Tool funktioniert bei mir nicht so, wie es soll. Ich habe es nochmal gemacht. Der Scan dauert etwa zehn Sekunden, dann steht dort, ich soll Enter drücken. Wenn ich das mache, ist die DOS-Maske einfach weg. Als Administrator habe ich es noch nicht versucht. Blöde Frage, was muss ich tun, um das als Administrator zu machen. Viele Grüße, Rainer |
|
02.06.2011, 21:02
| #17 | |
| /// TB-Ausbilder   | Firefox startet immer bestimmte Seite Hallo Rainer,
__________________Zitat:
Rechtsklick auf MBRCheck.exe -> Als Administrator starten Wenns nicht funktioniert, bitte einfach mit OTL fortfahren.  |
|
02.06.2011, 21:27
| #18 |
| | Firefox startet immer bestimmte Seite Hallo M-K-D-B,
__________________das mit MBRCheck klappt nicht. Es öffnet sich jetzt zwar ein Fenster, wo ich Administrator anwählen kann, aber da ich nicht das Kennwort zur Anmeldung kenne, komme ich dort nicht weiter. Unten also dann die beiden Logfiles von OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 02.06.2011 22:05:03 - Run 4
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 63,82% Memory free
3,84 Gb Paging File | 3,07 Gb Available in Paging File | 80,06% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 349,31 Gb Total Space | 119,17 Gb Free Space | 34,12% Space Free | Partition Type: NTFS
Drive F: | 349,32 Gb Total Space | 349,25 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Computer Name: RAINER-BF5EC4B3 | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.06.01 18:52:58 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\OTL(1).exe
PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.05.29 09:11:22 | 001,047,656 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011.05.25 23:30:14 | 000,063,912 | ---- | M] (Raptr, Inc) -- C:\Programme\Raptr\raptr.exe
PRC - [2011.05.25 23:30:14 | 000,043,944 | ---- | M] (Raptr, Inc) -- C:\Programme\Raptr\raptr_im.exe
PRC - [2011.05.01 07:31:17 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.04.29 23:40:52 | 012,594,352 | ---- | M] (Mozilla Messaging) -- C:\Programme\Mozilla Thunderbird\thunderbird.exe
PRC - [2011.03.22 16:15:27 | 000,189,824 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\Zlh.exe
PRC - [2010.12.17 15:22:48 | 000,288,072 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nse\Bin\Nsesvc.exe
PRC - [2010.12.02 11:13:55 | 000,308,408 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\Zanda.exe
PRC - [2010.11.11 13:43:28 | 000,075,104 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\elogsvc.exe
PRC - [2010.11.10 14:59:37 | 000,090,656 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Ngs\Bin\nprosec.exe
PRC - [2010.11.10 14:48:32 | 000,223,000 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Ngs\Bin\nnf.exe
PRC - [2010.11.08 18:02:27 | 000,111,912 | ---- | M] () -- C:\Programme\Norman\Npm\Bin\Njeeves.exe
PRC - [2010.11.08 18:02:27 | 000,099,312 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\scheduler.exe
PRC - [2010.11.08 17:56:34 | 000,100,336 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\nvoy.exe
PRC - [2010.11.08 16:56:34 | 000,198,168 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\Nvcoas.exe
PRC - [2010.11.08 16:56:34 | 000,182,712 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\Nip.exe
PRC - [2010.11.08 16:56:34 | 000,074,592 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\CClaw.exe
PRC - [2010.10.29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.10.08 21:50:37 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.09.08 18:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Programme\Canon\CAL\CALMAIN.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.08.17 11:50:00 | 000,483,144 | ---- | M] (Corel, Inc.) -- C:\Programme\Corel\Corel MediaOne\Corel Photo Downloader.exe
PRC - [2007.08.02 21:08:00 | 000,095,504 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005.11.22 18:03:44 | 000,114,688 | ---- | M] (Arcsoft, Inc.) -- C:\Programme\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe
========== Modules (SafeList) ==========
MOD - [2011.06.01 18:52:58 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\OTL(1).exe
MOD - [2011.05.18 03:53:06 | 000,074,664 | ---- | M] (Raptr Inc.) -- C:\Programme\Raptr\ltc_help32-51289.dll
MOD - [2010.11.08 16:56:34 | 000,251,240 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\Niphk.dll
MOD - [2010.08.23 18:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.05.18 04:04:06 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2010.12.17 15:22:48 | 000,288,072 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Programme\Norman\Nse\Bin\NSESVC.EXE -- (nsesvc)
SRV - [2010.12.02 11:13:55 | 000,308,408 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Npm\Bin\Zanda.exe -- (Norman ZANDA)
SRV - [2010.11.11 13:43:28 | 000,075,104 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Npm\Bin\elogsvc.exe -- (eLoggerSvc6)
SRV - [2010.11.10 14:59:37 | 000,090,656 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Ngs\Bin\Nprosec.exe -- (NPROSECSVC)
SRV - [2010.11.10 14:48:32 | 000,223,000 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Ngs\Bin\Nnf.exe -- (NNFSVC)
SRV - [2010.11.08 18:02:27 | 000,111,912 | ---- | M] () [On_Demand | Running] -- C:\Programme\Norman\Npm\Bin\Njeeves.exe -- (Norman NJeeves)
SRV - [2010.11.08 18:02:27 | 000,099,312 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Programme\Norman\Npm\Bin\scheduler.exe -- (Scheduler)
SRV - [2010.11.08 17:56:34 | 000,100,336 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\npm\bin\nvoy.exe -- (NVOY)
SRV - [2010.11.08 16:56:34 | 000,198,168 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Programme\Norman\Nvc\Bin\nvcoas.exe -- (nvcoas)
SRV - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.09.08 18:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programme\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.12.21 10:42:00 | 000,323,584 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\WPE\wpeserv.exe -- (WPEServ)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.01.09 13:44:34 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2010.11.11 13:01:54 | 000,024,176 | ---- | M] (Norman ASA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvcw32mf.sys -- (NvcMFlt)
DRV - [2010.11.10 15:48:11 | 000,040,384 | ---- | M] (Norman ASA) [Kernel | Auto | Running] -- C:\Programme\Norman\Ngs\Bin\nregsec.sys -- (nregsec)
DRV - [2010.11.10 15:48:00 | 000,074,144 | ---- | M] (Norman ASA) [Kernel | System | Running] -- C:\Programme\Norman\Ngs\Bin\nprosec.sys -- (NPROSEC)
DRV - [2010.10.08 21:50:36 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.07.28 12:27:36 | 006,108,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.07.09 13:18:56 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2010\pcwiz_x32.sys -- (cpuz134)
DRV - [2010.07.06 11:13:00 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.04.27 23:41:57 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010.01.04 14:44:43 | 000,026,744 | ---- | M] (Norman ASA) [Kernel | System | Running] -- c:\Programme\Norman\Ngs\Bin\ngs.sys -- (NGS)
DRV - [2009.11.18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.10.09 13:24:40 | 000,022,880 | ---- | M] (Norman ASA) [Kernel | Auto | Running] -- C:\Programme\Norman\Nse\Bin\Ndiskio.sys -- (Ndiskio)
DRV - [2005.12.01 11:49:22 | 000,023,600 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\drhard.sys -- (drhard)
DRV - [2003.09.20 09:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://de.wikipedia.org/wiki/Benutzer:Rainer_Lippert"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {90eee664-34b1-422a-a782-779af65cdf6d}:3.2.5.2
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.05.01 07:31:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.04.05 22:16:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.04.29 23:40:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2011.06.01 22:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Extensions
[2010.10.11 16:24:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.06.01 22:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\6uuyt9we.default\extensions
[2011.04.07 05:58:50 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\6uuyt9we.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.10.13 22:31:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\6uuyt9we.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.01 22:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\d4e3j7nv.default\extensions
[2011.06.01 22:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\Profiles\extensions
[2011.06.01 22:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.10.12 10:17:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.10 18:16:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.01 23:38:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.13 18:09:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2010.10.11 16:01:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.01 07:31:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.05.01 07:31:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.05.01 07:31:19 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011.05.01 07:31:19 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.05.01 07:31:19 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.05.01 07:31:19 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.05.01 07:31:19 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.06.01 23:27:01 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Programme\Corel\Corel MediaOne\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Norman ZANDA] C:\Programme\Norman\Npm\Bin\ZLH.EXE (Norman ASA)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [CAHeadless] C:\Programme\Adobe\Elements 9 Organizer\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Raptr] C:\Programme\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Monitor.lnk = C:\Programme\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe (Arcsoft, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll (TODO: <Company name>)
O9 - Extra 'Tools' menuitem : Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll (TODO: <Company name>)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1286800746168 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.161 83.169.184.225
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.11 14:08:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.06.01 23:12:02 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.06.01 23:09:02 | 000,024,176 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\nvcw32mf.sys
[2011.06.01 23:08:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.06.01 23:08:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.06.01 23:08:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.06.01 23:08:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.06.01 23:08:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.06.01 23:06:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.06.01 23:06:12 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Rainer\Startmenü\Programme\Verwaltung
[2011.06.01 22:49:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.01 18:40:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Rainer\Recent
[2011.05.30 22:40:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\Ilivid Player
[2011.05.30 22:29:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iLivid
[2011.05.30 22:29:13 | 000,000,000 | ---D | C] -- C:\Programme\iLivid
[2011.05.30 22:28:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\PackageAware
[4 C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.06.02 22:11:05 | 000,001,214 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1177238915-1801674531-1003UA.job
[2011.06.02 22:11:01 | 000,001,162 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1177238915-1801674531-1003Core.job
[2011.06.02 21:18:07 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.02 21:18:06 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.02 18:14:19 | 000,002,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Desktop\Microsoft Word.lnk
[2011.06.02 16:54:33 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.06.02 16:54:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.06.02 10:32:55 | 002,286,968 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Maintor_Karlstadt.jpg
[2011.06.02 09:44:42 | 000,183,753 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4a.jpg
[2011.06.02 09:42:47 | 026,706,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4.jpg
[2011.06.02 09:41:57 | 000,093,154 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\473px-Bildeiche_bei_Albertshausen,_4.jpg
[2011.06.02 08:52:39 | 000,002,513 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Desktop\Microsoft Excel.lnk
[2011.06.01 23:27:01 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.06.01 23:12:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.06.01 18:50:08 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Defogger.exe
[2011.06.01 18:46:56 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\defogger_reenable
[2011.06.01 16:10:40 | 002,246,952 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\scan__2011-06-01_15-02-05.zip
[2011.05.30 22:41:03 | 000,062,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.30 22:29:26 | 000,000,674 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iLivid Download Manager.lnk
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.05.28 18:32:19 | 000,674,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Buche, 2.jpg
[2011.05.26 23:05:59 | 000,002,373 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Desktop\Google Chrome.lnk
[2011.05.26 19:48:11 | 000,003,685 | -H-- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\.picasa.ini
[2011.05.26 19:34:53 | 000,654,248 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hochzeit.jpg
[2011.05.25 08:14:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.05.22 11:20:04 | 001,029,365 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Image00000.jpg
[2011.05.22 11:05:18 | 000,034,542 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\L5FKJ6BE.htm.part
[2011.05.22 10:31:32 | 000,308,439 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1830_1.jpg
[2011.05.21 20:02:44 | 000,582,646 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1838_1.jpg
[2011.05.15 18:08:11 | 004,043,542 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011_bearbeitet-1.jpg
[2011.05.15 18:05:51 | 003,994,385 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011.jpg
[2011.05.14 12:00:40 | 001,262,848 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hutbuche_bei_Frauenroth.jpg
[2011.05.12 17:37:37 | 000,035,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\bericht_okto_09.pdf
[2011.05.08 10:58:57 | 000,423,429 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-1s.jpg
[2011.05.08 10:55:57 | 002,171,085 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-14.jpg
[2011.05.08 10:50:52 | 007,271,058 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa.jpg
[2011.05.08 10:48:32 | 006,407,016 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausen.jpg
[2011.05.07 09:13:04 | 000,005,191 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\file.php
[2011.05.06 19:22:19 | 001,684,844 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Große_Linde_bei_Teuchatz,_9.jpg
[2011.05.06 16:48:25 | 007,501,285 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Schloss_Steinau,_3.jpg
[2011.05.04 16:55:29 | 003,195,659 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\20110504074803!Bamberg_Sankt_Gangolf_BW_2.jpg
[4 C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.02 10:32:54 | 002,286,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Maintor_Karlstadt.jpg
[2011.06.02 09:44:36 | 000,183,753 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4a.jpg
[2011.06.02 09:41:57 | 000,093,154 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\473px-Bildeiche_bei_Albertshausen,_4.jpg
[2011.06.01 23:12:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.06.01 23:12:05 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2011.06.01 23:08:27 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.06.01 23:08:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.06.01 23:08:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.06.01 23:08:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.06.01 23:08:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.06.01 18:50:08 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Defogger.exe
[2011.06.01 18:46:56 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\defogger_reenable
[2011.06.01 16:10:37 | 002,246,952 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\scan__2011-06-01_15-02-05.zip
[2011.05.30 22:29:26 | 000,000,674 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iLivid Download Manager.lnk
[2011.05.28 18:32:18 | 000,674,545 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Buche, 2.jpg
[2011.05.26 21:22:18 | 026,706,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4.jpg
[2011.05.26 19:34:32 | 000,654,248 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hochzeit.jpg
[2011.05.22 11:20:04 | 001,029,365 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Image00000.jpg
[2011.05.22 11:05:18 | 000,034,542 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\L5FKJ6BE.htm.part
[2011.05.22 10:31:31 | 000,308,439 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1830_1.jpg
[2011.05.21 20:02:43 | 000,582,646 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1838_1.jpg
[2011.05.15 18:08:06 | 004,043,542 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011_bearbeitet-1.jpg
[2011.05.15 18:03:04 | 003,994,385 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011.jpg
[2011.05.14 12:00:39 | 001,262,848 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hutbuche_bei_Frauenroth.jpg
[2011.05.12 17:37:36 | 000,035,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\bericht_okto_09.pdf
[2011.05.08 10:58:51 | 000,423,429 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-1s.jpg
[2011.05.08 10:55:52 | 002,171,085 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-14.jpg
[2011.05.08 10:50:38 | 007,271,058 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa.jpg
[2011.05.08 10:48:21 | 006,407,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausen.jpg
[2011.05.07 09:13:03 | 000,005,191 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\file.php
[2011.05.06 19:22:19 | 001,684,844 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Große_Linde_bei_Teuchatz,_9.jpg
[2011.05.06 16:48:18 | 007,501,285 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Schloss_Steinau,_3.jpg
[2011.05.04 16:52:39 | 003,195,659 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\20110504074803!Bamberg_Sankt_Gangolf_BW_2.jpg
[2011.04.08 18:38:07 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011.02.02 00:05:28 | 000,028,256 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.01.07 18:06:57 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010.11.22 15:44:14 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\gnuplot_history
[2010.11.06 15:46:39 | 000,575,472 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.10.29 17:37:44 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.10.25 13:52:28 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit_.INI
[2010.10.20 19:29:24 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.18 22:17:46 | 000,016,070 | ---- | C] () -- C:\WINDOWS\German2.ini
[2010.10.15 20:11:39 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.10.14 22:50:01 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2010.10.14 13:51:38 | 000,001,099 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\ShiftN.ini
[2010.10.14 13:46:19 | 000,002,181 | ---- | C] () -- C:\WINDOWS\Helicon Debug Window.ini
[2010.10.13 23:09:57 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2010.10.13 23:09:57 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2010.10.13 21:59:30 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.10.13 21:44:19 | 000,080,117 | ---- | C] () -- C:\WINDOWS\hpfins05.dat
[2010.10.13 21:44:19 | 000,001,547 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat
[2010.10.13 21:42:52 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2010.10.13 21:42:52 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2010.10.11 16:41:07 | 000,000,717 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.10.11 16:31:33 | 000,062,976 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.11 16:23:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.10.11 14:58:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.10.11 14:58:06 | 000,171,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.10.11 14:37:09 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.10.11 14:25:33 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\igxpun.exe
[2010.10.11 14:09:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.10.11 14:05:48 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 14:00:00 | 000,516,516 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.04.14 14:00:00 | 000,493,190 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.04.14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 14:00:00 | 000,100,670 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.04.14 14:00:00 | 000,083,734 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.04.14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007.06.05 13:20:32 | 000,177,704 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 400 bytes -> C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\desktop.ini:bf5af20ce7a419b1178ece347eddc338
< End of report >
OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 02.06.2011 22:05:03 - Run 4
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 63,82% Memory free
3,84 Gb Paging File | 3,07 Gb Available in Paging File | 80,06% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 349,31 Gb Total Space | 119,17 Gb Free Space | 34,12% Space Free | Partition Type: NTFS
Drive F: | 349,32 Gb Total Space | 349,25 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Computer Name: RAINER-BF5EC4B3 | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Raptr\raptr.exe" = C:\Programme\Raptr\raptr.exe:*:Enabled:Raptr Client -- (Raptr, Inc)
"C:\Programme\Raptr\raptr_im.exe" = C:\Programme\Raptr\raptr_im.exe:*:Enabled:Raptr IM -- (Raptr, Inc)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00020407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Standard
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}" = Corel Painter Essentials 3
"{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C569633-C8DE-46E2-BB8F-F65198681C2F}" = Corel MediaOne
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{548D4E14-F59D-4FA3-A357-CE5BA0D41D34}" = Opera 11.01
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{641FE800-650B-4E99-A304-9D50E7235BAF}" = Topo Deutschland v2
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AEC15C1-6D21-468F-A29D-B3339C31CCCA}" = Garmin BaseCamp
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{79214B92-A439-4841-B160-0896E977A383}" = Norman Security Suite
"{79546A5F-AE7C-4693-8670-A3401B43ABD2}" = HP Deskjet 5900 series
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5222E5A-13CB-4C98-9F5C-21CF6896A25C}" = HPDeskjet5900Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3896A21-47E5-4B40-9E90-529C1D6EDDF5}" = PDF Genie 3.0
"{C7C82ED1-E5AD-48CF-8B92-38DD9B49610C}" = Garmin TOPO Deutschland 2010
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D02220CE-1475-4F0F-9F12-251161999D53}" = Garmin MapSource
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E3898C20-7186-499F-8CCC-A57C3F13B13C}" = Hama Digital Software Suite
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Akamai" = Akamai NetSession Interface
"CAL" = Canon Camera Access Library
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Dr. Hardware 2009_is1" = Dr. Hardware 2009 9.9.5d
"Dr. Hardware 2010_is1" = Dr. Hardware 2010 10.5d
"Exif-Viewer" = Exif-Viewer 2.50
"FormatFactory" = FormatFactory 2.50
"FoxTab PDF Converter" = FoxTab PDF Converter
"Free Disc Burner_is1" = Free Disc Burner version 2.5
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 5.0
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.0
"ie8" = Windows Internet Explorer 8
"ImageConverter Plus_is1" = ImageConverter Plus 8.0
"InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NeroVision!UninstallKey" = Nero Digital
"PC Wizard 2010_is1" = PC Wizard 2010.1.96
"PhotoME Beta-Release_is1" = PhotoME Beta-Release
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"PremElem90" = Adobe Premiere Elements 9
"Raptr" = Raptr
"ShiftN_is1" = ShiftN 3.5
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.1
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04.05.2011 16:11:54 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 04.05.2011 16:12:22 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 04.05.2011 16:15:32 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 04.05.2011 16:16:08 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 05.05.2011 10:39:20 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 05.05.2011 10:40:22 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 05.05.2011 10:40:39 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 02.06.2011 16:03:17 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mbrcheck.exe, Version 0.0.0.0, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 02.06.2011 16:03:30 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mbrcheck.exe, Version 0.0.0.0, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 02.06.2011 16:04:21 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mbrcheck.exe, Version 0.0.0.0, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
< End of report >
Viele Grüße, Rainer |
|
03.06.2011, 12:56
| #19 |
| /// TB-Ausbilder | Firefox startet immer bestimmte Seite Hallo Rainer, Wir habens bald geschafft. Bevor wir zum Abschluss kommen, führe bitte noch folgende Kontrollscans und Updates durch: Schritt # 1: Kontrollscan mit Malwarebytes' Anti-Malware (MBAM)
Schritt # 2: Scan mit SuperAntiSpyware (SAS)
Schritt # 3: Java in Firefox deaktivieren/deinstallieren
Schritt # 4: Fix mit OTL
Code:
ATTFilter :OTL
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
[2010.10.12 10:17:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.10 18:16:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.01 23:38:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.13 18:09:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2011.06.01 22:58:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\BabylonToolbar
:Commands
[emptytemp]
Schritt # 5: Java deinstallieren/neu installieren
Schritt # 6: ESET Online Scanner Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
 + R Taste und kopiere folgenden Text in das Ausführen Fenster.Code:
ATTFilter "%ProgramFiles%\Eset\Eset Online Scanner\log.txt"
Schritt # 7: Systemscan mit OTL
Schritt # 8: Durchführung einer Sicherheitskontrolle Downloade Dir bitte SecurityCheck
Schritt # 9: Deine Rückmeldung Zur weiteren Analyse benötige ich zusammen mit deiner nächsten Antwort
|
|
03.06.2011, 16:52
| #20 |
| | Firefox startet immer bestimmte Seite Hallo M-K-D-B, falls noch benötigt, die Logfiles von MBRCheck habe ich heute Zufällig gefunden. Die anderen Scans laufen noch, folgt dann später. MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows XP Professional Windows Information: Service Pack 3 (build 2600) Logical Drives Mask: 0x0000003c Kernel Drivers (total 126): 0x804D7000 \WINDOWS\system32\ntkrnlpa.exe 0x806E6000 \WINDOWS\system32\hal.dll 0xBA5A8000 \WINDOWS\system32\KDCOM.DLL 0xBA4B8000 \WINDOWS\system32\BOOTVID.dll 0xB9F78000 ACPI.sys 0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS 0xB9F67000 pci.sys 0xBA0A8000 isapnp.sys 0xBA670000 pciide.sys 0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS 0xBA0B8000 MountMgr.sys 0xB9F48000 ftdisk.sys 0xBA5AC000 dmload.sys 0xB9F22000 dmio.sys 0xBA330000 PartMgr.sys 0xBA0C8000 VolSnap.sys 0xB9F0A000 atapi.sys 0xBA0D8000 disk.sys 0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS 0xB9EEA000 fltMgr.sys 0xB9ED8000 sr.sys 0xBA0F8000 PxHelp20.sys 0xB9EC1000 KSecDD.sys 0xB9E34000 Ntfs.sys 0xB9E07000 NDIS.sys 0xB9DED000 Mup.sys 0xBA318000 \SystemRoot\system32\DRIVERS\intelppm.sys 0xB913D000 \SystemRoot\system32\DRIVERS\igxpmp32.sys 0xB9129000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS 0xB9101000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0xB90CA000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys 0xBA418000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0xB90A6000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0xBA420000 \SystemRoot\system32\DRIVERS\usbehci.sys 0xBA128000 \SystemRoot\system32\DRIVERS\serial.sys 0xBA59C000 \SystemRoot\system32\DRIVERS\serenum.sys 0xB9092000 \SystemRoot\system32\DRIVERS\parport.sys 0xB97CA000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0xBA428000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0xB97BA000 \SystemRoot\system32\DRIVERS\imapi.sys 0xBA430000 \SystemRoot\system32\drivers\pfc.sys 0xB97AA000 \SystemRoot\system32\DRIVERS\cdrom.sys 0xB979A000 \SystemRoot\system32\DRIVERS\redbook.sys 0xB906F000 \SystemRoot\system32\DRIVERS\ks.sys 0xBA7D9000 \SystemRoot\system32\DRIVERS\audstub.sys 0xB978A000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0xB9DC9000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0xB9058000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0xB977A000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0xB976A000 \SystemRoot\system32\DRIVERS\raspptp.sys 0xBA438000 \SystemRoot\system32\DRIVERS\TDI.SYS 0xB9047000 \SystemRoot\system32\DRIVERS\psched.sys 0xB975A000 \SystemRoot\system32\DRIVERS\msgpc.sys 0xBA440000 \SystemRoot\system32\DRIVERS\ptilink.sys 0xBA448000 \SystemRoot\system32\DRIVERS\raspti.sys 0xB9017000 \SystemRoot\system32\DRIVERS\rdpdr.sys 0xB974A000 \SystemRoot\system32\DRIVERS\termdd.sys 0xBA450000 \SystemRoot\system32\DRIVERS\mouclass.sys 0xBA5EC000 \SystemRoot\system32\DRIVERS\swenum.sys 0xB8FB9000 \SystemRoot\system32\DRIVERS\update.sys 0xB9DA9000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0xB973A000 \SystemRoot\System32\Drivers\NDProxy.SYS 0xA8856000 \SystemRoot\system32\drivers\RtkHDAud.sys 0xA8832000 \SystemRoot\system32\drivers\portcls.sys 0xBA148000 \SystemRoot\system32\drivers\drmk.sys 0xBA158000 \SystemRoot\system32\DRIVERS\usbhub.sys 0xBA5F0000 \SystemRoot\system32\DRIVERS\USBD.SYS 0xA87D1000 \??\C:\Programme\Norman\Ngs\Bin\nprosec.sys 0xBA5F2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0xBA755000 \SystemRoot\System32\Drivers\Null.SYS 0xBA5F4000 \SystemRoot\System32\Drivers\Beep.SYS 0xBA470000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0xBA478000 \SystemRoot\System32\drivers\vga.sys 0xBA5F6000 \SystemRoot\System32\Drivers\mnmdd.SYS 0xBA5F8000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0xBA480000 \SystemRoot\System32\Drivers\Msfs.SYS 0xBA488000 \SystemRoot\System32\Drivers\Npfs.SYS 0xBA580000 \SystemRoot\system32\DRIVERS\rasacd.sys 0xA879E000 \SystemRoot\system32\DRIVERS\ipsec.sys 0xA8745000 \SystemRoot\system32\DRIVERS\tcpip.sys 0xA871D000 \SystemRoot\system32\DRIVERS\netbt.sys 0xA86F7000 \SystemRoot\system32\DRIVERS\ipnat.sys 0xA86D5000 \SystemRoot\System32\drivers\afd.sys 0xBA168000 \SystemRoot\system32\DRIVERS\wanarp.sys 0xBA178000 \SystemRoot\system32\DRIVERS\netbios.sys 0xA86B3000 \??\C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SASKUTIL.SYS 0xBA490000 \??\C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SASDIFSV.SYS 0xA8688000 \SystemRoot\system32\DRIVERS\rdbss.sys 0xBA498000 \??\c:\programme\norman\ngs\bin\ngs.sys 0xA8618000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xBA188000 \SystemRoot\System32\Drivers\Fips.SYS 0xBA598000 \SystemRoot\system32\DRIVERS\usbscan.sys 0xB8F83000 \SystemRoot\system32\DRIVERS\hidusb.sys 0xBA1B8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0xB8F7F000 \SystemRoot\system32\DRIVERS\mouhid.sys 0xBA1C8000 \SystemRoot\System32\Drivers\Cdfs.SYS 0xA85D8000 \SystemRoot\System32\Drivers\dump_atapi.sys 0xBA5FA000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS 0xBF800000 \SystemRoot\System32\win32k.sys 0xA882E000 \SystemRoot\System32\drivers\Dxapi.sys 0xBA4A0000 \SystemRoot\System32\watchdog.sys 0xBF000000 \SystemRoot\System32\drivers\dxg.sys 0xBA6E1000 \SystemRoot\System32\drivers\dxgthk.sys 0xBF024000 \SystemRoot\System32\igxpgd32.dll 0xBF012000 \SystemRoot\System32\igxprd32.dll 0xBF058000 \SystemRoot\System32\igxpdv32.DLL 0xBF2E8000 \SystemRoot\System32\igxpdx32.DLL 0xBF691000 \SystemRoot\System32\ATMFD.DLL 0xA8524000 \??\C:\WINDOWS\system32\drivers\mbam.sys 0xA8436000 \??\C:\WINDOWS\system32\drivers\ACEDRV08.sys 0xA84E8000 \??\C:\Programme\Norman\Nse\Bin\NDISKIO.SYS 0xA8432000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0xA80D9000 \SystemRoot\system32\drivers\wdmaud.sys 0xA8578000 \SystemRoot\system32\drivers\sysaudio.sys 0xBA388000 \SystemRoot\System32\Drivers\drhard.SYS 0xBA652000 \SystemRoot\System32\Drivers\ParVdm.SYS 0xA7E53000 \SystemRoot\system32\DRIVERS\srv.sys 0xA7EF3000 \??\C:\Programme\Norman\Ngs\Bin\nregsec.sys 0xA78DB000 \SystemRoot\system32\DRIVERS\nvcw32mf.sys 0xBA7EC000 \??\C:\Programme\Norman\Npm\Bin\NmchInjDrv.sys 0xA7617000 \SystemRoot\System32\Drivers\HTTP.sys 0xA7E23000 \??\C:\DOKUME~1\Rainer\LOKALE~1\Temp\aswMBR.sys 0xBA668000 \??\C:\WINDOWS\system32\Drivers\PROCEXP113.SYS 0xA62A7000 \??\C:\DOKUME~1\Rainer\LOKALE~1\Temp\catchme.sys 0xA4E8E000 \SystemRoot\system32\drivers\kmixer.sys 0x7C910000 \WINDOWS\system32\ntdll.dll Processes (total 58): 0 System Idle Process 4 System 640 C:\WINDOWS\system32\smss.exe 692 C:\WINDOWS\system32\csrss.exe 716 C:\WINDOWS\system32\winlogon.exe 768 C:\WINDOWS\system32\services.exe 780 C:\WINDOWS\system32\lsass.exe 956 C:\Programme\Norman\Npm\Bin\elogsvc.exe 968 C:\Programme\Norman\Ngs\Bin\nnf.exe 988 C:\Programme\Norman\Ngs\Bin\nprosec.exe 1044 C:\WINDOWS\system32\svchost.exe 1112 C:\WINDOWS\system32\svchost.exe 1208 C:\WINDOWS\system32\svchost.exe 1248 C:\Programme\Norman\Npm\Bin\Zanda.exe 1280 C:\Programme\Norman\Npm\Bin\nvoy.exe 1676 C:\WINDOWS\system32\svchost.exe 1832 C:\WINDOWS\system32\spoolsv.exe 156 C:\Programme\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe 228 C:\WINDOWS\system32\svchost.exe 244 C:\Programme\Bonjour\mDNSResponder.exe 112 C:\Programme\Java\jre6\bin\jqs.exe 744 C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe 1184 C:\Programme\CDBurnerXP\NMSAccessU.exe 1520 C:\WINDOWS\system32\PSIService.exe 1760 C:\WINDOWS\system32\svchost.exe 508 C:\Programme\Canon\CAL\CALMAIN.exe 2160 C:\WINDOWS\system32\alg.exe 2508 C:\WINDOWS\system32\wbem\wmiapsrv.exe 2628 C:\Programme\Norman\Npm\Bin\scheduler.exe 2656 C:\Programme\Norman\Npm\Bin\Njeeves.exe 2696 C:\Programme\Norman\Nse\Bin\Nsesvc.exe 3064 C:\Programme\Norman\Nvc\Bin\Nvcoas.exe 3268 C:\WINDOWS\system32\igfxtray.exe 3280 C:\WINDOWS\system32\hkcmd.exe 3304 C:\WINDOWS\system32\igfxpers.exe 3324 C:\WINDOWS\system32\igfxsrvc.exe 3368 C:\WINDOWS\RTHDCPL.EXE 3384 C:\Programme\Norman\Npm\Bin\Zlh.exe 3412 C:\Programme\HP\HP Software Update\hpwuschd2.exe 3472 C:\Programme\CyberLink\PowerDVD\PDVDServ.exe 3500 C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe 3596 C:\Programme\Norman\Nvc\Bin\Nip.exe 3780 C:\Programme\Norman\Nvc\Bin\CClaw.exe 3808 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe 3932 C:\Programme\Corel\Corel MediaOne\Corel Photo Downloader.exe 4056 C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE 1540 C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe 2392 C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe 1608 C:\WINDOWS\system32\svchost.exe 2952 C:\Programme\HP\Digital Imaging\bin\hpqste08.exe 3040 C:\PROGRA~1\Raptr\raptr.exe 3144 C:\Programme\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe 3952 C:\PROGRA~1\Raptr\raptr_im.exe 3240 C:\WINDOWS\explorer.exe 3424 C:\WINDOWS\system32\notepad.exe 4068 C:\Programme\Mozilla Thunderbird\thunderbird.exe 3224 C:\Programme\Mozilla Firefox\firefox.exe 620 C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS) \\.\F: --> \\.\PhysicalDrive0 at offset 0x00000057`54144000 (NTFS) PhysicalDrive0 Model Number: SAMSUNGHD753LJ, Rev: 1AA01118 Size Device Name MBR Status -------------------------------------------- 698 GB \\.\PhysicalDrive0 Windows XP MBR code detected SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11 Done! Viele Grüße, Rainer |
|
03.06.2011, 16:57
| #21 |
| | Firefox startet immer bestimmte Seite Hier dann mal die Logfiles von Malwarebytes und SuperAntiSpyware: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Datenbank Version: 6763 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 03.06.2011 16:13:59 mbam-log-2011-06-03 (16-13-59).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 150663 Laufzeit: 6 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 06/03/2011 at 05:36 PM Application Version : 4.44.1000 Core Rules Database Version : 7191 Trace Rules Database Version: 5003 Scan type : Complete Scan Total Scan Time : 00:58:30 Memory items scanned : 624 Memory threats detected : 0 Registry items scanned : 7181 Registry threats detected : 0 File items scanned : 39875 File threats detected : 860 PUP.Whitesmoke C:\Programme\WHITESMOKE\FloatButtonWhiteApps.txt C:\Programme\WHITESMOKE\html\english\common\iepngfix\blank.gif C:\Programme\WHITESMOKE\html\english\common\iepngfix\checkerboard.gif C:\Programme\WHITESMOKE\html\english\common\iepngfix\helix.gif C:\Programme\WHITESMOKE\html\english\common\iepngfix\iepngfix.html C:\Programme\WHITESMOKE\html\english\common\iepngfix\opacity.png C:\Programme\WHITESMOKE\html\english\common\iepngfix C:\Programme\WHITESMOKE\html\english\common\js\common.js C:\Programme\WHITESMOKE\html\english\common\js\pngfix.js C:\Programme\WHITESMOKE\html\english\common\js\prototype.js C:\Programme\WHITESMOKE\html\english\common\js\xmlhttp.js C:\Programme\WHITESMOKE\html\english\common\js C:\Programme\WHITESMOKE\html\english\common C:\Programme\WHITESMOKE\html\english\dictClientDic\dictionary.html C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\ajax-loader.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\corner_bottom_left.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\corner_bottom_right.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\corner_top_left.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\corner_top_right.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\down_arrow.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\input_bg.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\input_bg_old.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\leftSide.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\leftSide2.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\left_input.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\loading_dictionary.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\rightSide.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\right_input.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background\search_strip_bg3.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Background C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\down_arrow.png C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\go_over.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\go_press.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\go_up.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\humanTranslation_press.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\humanTranslation_roll.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\humanTranslation_up.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\moreLang_press.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\moreLang_roll.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons\moreLang_up.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img\Buttons C:\Programme\WHITESMOKE\html\english\dictClientDic\img\spacer.gif C:\Programme\WHITESMOKE\html\english\dictClientDic\img C:\Programme\WHITESMOKE\html\english\dictClientDic\index.html C:\Programme\WHITESMOKE\html\english\dictClientDic\js\common.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\Contextmenu.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\dictInterface.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\jquery-1.4.2.min.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\jquery.combobox.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\jquery.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\prototype.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\transInterface.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js\xmlhttp.js C:\Programme\WHITESMOKE\html\english\dictClientDic\js C:\Programme\WHITESMOKE\html\english\dictClientDic\style\combobox.css C:\Programme\WHITESMOKE\html\english\dictClientDic\style\Contextmenu.css C:\Programme\WHITESMOKE\html\english\dictClientDic\style\dictionary.css C:\Programme\WHITESMOKE\html\english\dictClientDic\style C:\Programme\WHITESMOKE\html\english\dictClientDic\translator.html C:\Programme\WHITESMOKE\html\english\dictClientDic C:\Programme\WHITESMOKE\html\english\floatingButton\blue-Q-rollover.gif C:\Programme\WHITESMOKE\html\english\floatingButton\blue-rollover.gif C:\Programme\WHITESMOKE\html\english\floatingButton\blue-X-rollover.gif C:\Programme\WHITESMOKE\html\english\floatingButton\blue.gif C:\Programme\WHITESMOKE\html\english\floatingButton\index.html C:\Programme\WHITESMOKE\html\english\floatingButton\red&blue.gif C:\Programme\WHITESMOKE\html\english\floatingButton\Thumbs.db C:\Programme\WHITESMOKE\html\english\floatingButton C:\Programme\WHITESMOKE\html\english\floatingButton_howto\img\Background\howto_bg.gif C:\Programme\WHITESMOKE\html\english\floatingButton_howto\img\Background C:\Programme\WHITESMOKE\html\english\floatingButton_howto\img\spacer.gif C:\Programme\WHITESMOKE\html\english\floatingButton_howto\img\Thumbs.db C:\Programme\WHITESMOKE\html\english\floatingButton_howto\img C:\Programme\WHITESMOKE\html\english\floatingButton_howto\index.html C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js\iepngfix\blank.gif C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js\iepngfix\checkerboard.gif C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js\iepngfix\helix.gif C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js\iepngfix\iepngfix.html C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js\iepngfix\opacity.png C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js\iepngfix C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js\index.js C:\Programme\WHITESMOKE\html\english\floatingButton_howto\js C:\Programme\WHITESMOKE\html\english\floatingButton_howto\style\style.css C:\Programme\WHITESMOKE\html\english\floatingButton_howto\style C:\Programme\WHITESMOKE\html\english\floatingButton_howto C:\Programme\WHITESMOKE\html\english\gui\img\Background\ajax-loader.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\base_fade_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\blue.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\blue_bg_.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\blue_dark_bg.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\blue_dark_bg_.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\blue_top_bg_.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\bottom_grey_strip.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\buttons_tray_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\buttons_tray_px.p_goldng C:\Programme\WHITESMOKE\html\english\gui\img\Background\caption_bar_re_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\caption_bar_re_over.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\caption_bar_re_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\caption_bottom_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\caption_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\caption_strip_right_corner.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\cascade.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\collapse.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_bl2.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_br2.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_dot.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_menu_bg.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_submenu.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_submenu_dis.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_sub_menu_bg.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_tl2.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\context_tr2.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\Copy of notice_right_top_bg.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\down_arrow.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\dpreloader.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\edit_footer_left.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\edit_footer_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\edit_footer_right.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\edit_header_left.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\edit_header_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\edit_header_right.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\edit_sidefade.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\feather.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\green.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\inputline_fade_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\input_bg.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\leftBottom3.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\leftSide.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\leftSide2.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\leftSide3.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\left_input.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\logo.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\logo.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\logo2.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\main_background.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\main_background_11.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\main_background_old.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\notice_checkbox_checked.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\notice_checkbox_unchecked.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\red.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\red2.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\resize_gripper.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\result_area_top_bg.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\rightBottom.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\rightSide.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\rightSide2.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\rightSide2_11.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\right_input.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\spacer.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\spacer_.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\strike_blue.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\strike_green.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\strike_green2.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\strike_purple.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\strike_red.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_apply_down.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_apply_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_apply_up.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_check_down.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_check_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_check_up.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_left_corner.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\summaryline_right_corner.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\ticket.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\topButtonsLeft.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\topButtonsLeft_from_home.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\topButtonsLeft__.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\topButtonsRight.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\topRightBorder.png C:\Programme\WHITESMOKE\html\english\gui\img\Background\top_grey_strip.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background\wslogo.gif C:\Programme\WHITESMOKE\html\english\gui\img\Background C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\blue.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\bottom_right_corner.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\buttons_tray_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\caption_bar_re_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\caption_bar_re_over.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\caption_bar_re_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\caption_bottom_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\caption_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\caption_strip_right_corner.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\get-full.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\get-full3.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\green.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\help_down.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\help_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\help_up.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\left_input.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\logo.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\logo.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\logo2.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\main_background.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_dictionary_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_dictionary_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_dictionary_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_dictionary_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_templates_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_templates_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_templates_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_templates_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_toolkit_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_toolkit_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_toolkit_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_toolkit_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_translator_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_translator_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_translator_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_translator_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_tutorials_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_tutorials_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_tutorials_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_tutorials_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_writer_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_writer_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_writer_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\menuline_writer_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\red.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\red2.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\right_input.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\sitting_down.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\sitting_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\sitting_up.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\smallclosebutton.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\store_down.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\store_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\store_up.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\summaryline_apply_down.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\summaryline_apply_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\summaryline_apply_up.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\summaryline_check_down.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\summaryline_check_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\summaryline_check_up.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\summaryline_px.png C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\x.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\x.jpg C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\x_hover.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\x_hover_old.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons\x_old.gif C:\Programme\WHITESMOKE\html\english\gui\img\Buttons C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\blue.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\bottom_right_corner.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\buttons_tray_px.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_close_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_close_over.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_close_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_max_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_max_over.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_max_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_re_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_re_over.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bar_re_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_bottom_px.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_px.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\caption_px_11.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\green.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\leftCaptionCorner.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\leftCaptionCorner2.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\left_input.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\logo.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\logo3.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\logologo2_11.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\logo_1.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\main_background.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_dictionary_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_dictionary_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_dictionary_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_dictionary_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_templates_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_templates_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_templates_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_templates_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_toolkit_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_toolkit_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_toolkit_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_toolkit_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_translator_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_translator_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_translator_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_translator_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_tutorials_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_tutorials_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_tutorials_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_tutorials_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_writer_down.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_writer_on.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_writer_roll.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\menuline_writer_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\red.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\red2.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\rightCaptionCorner.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\rightCaptionCorner.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\rightCaptionCorner2.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\rightCaptionCorner3.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\rightCaptionCorner3_11.gif C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\right_input.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\store_down.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\store_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\store_up.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\summaryline_apply_down.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\summaryline_apply_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\summaryline_apply_up.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\summaryline_check_down.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\summaryline_check_roll.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\summaryline_check_up.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar\summaryline_px.png C:\Programme\WHITESMOKE\html\english\gui\img\captionbar C:\Programme\WHITESMOKE\html\english\gui\img\grammar\addto_disabled.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\addto_hover.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\addto_up.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\definition_disabled.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\definition_hover.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\definition_up.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\enrichment_disabled.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\enrichment_hover.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\enrichment_up.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\explanation_disabled.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\explanation_hover.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\explanation_up.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\grammarexpclosebutton.gif C:\Programme\WHITESMOKE\html\english\gui\img\grammar\howto_disabled.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\howto_hover.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\howto_up.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\search_disabled.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\search_hover.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\search_up.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\thesaurus_disabled.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\thesaurus_hover.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar\thesaurus_up.png C:\Programme\WHITESMOKE\html\english\gui\img\grammar C:\Programme\WHITESMOKE\html\english\gui\img\review-section\closedy2.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\content-review4.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\dot.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\down-content.gif C:\Programme\WHITESMOKE\html\english\gui\img\review-section\down.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\grade1.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\grade2.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\grade3.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\grade4.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\grade5.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\li-content.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\opencq8.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\report.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\score1.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\score2.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\score3.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\score4.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\score5.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\shadow.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\shadow2.png C:\Programme\WHITESMOKE\html\english\gui\img\review-section\shdow.gif C:\Programme\WHITESMOKE\html\english\gui\img\review-section\shdow_good.gif C:\Programme\WHITESMOKE\html\english\gui\img\review-section C:\Programme\WHITESMOKE\html\english\gui\img\screens\button_no_down.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\button_no_up.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\button_yes_down.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\button_yes_up.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\caption_bar_close_over.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\ico_analyze.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\ico_complete.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\ico_connection.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\ico_expired.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\loading_window.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\loading_window.swf C:\Programme\WHITESMOKE\html\english\gui\img\screens\myWelcome.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_bg.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_bg_bottom.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_bg_gold.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_bg_old.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_bg_top.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_captionbar_press.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_captionbar_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_getitnow_press.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_getitnow_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_ok_press.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_ok_press.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_ok_up.gif C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_ok_up.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\screen_ok_up_11.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\welcomeClose_down.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\welcomeClose_over.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\welcomeClose_up.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\welcomeGo_down.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\welcomeGo_over.png C:\Programme\WHITESMOKE\html\english\gui\img\screens\welcomeGo_up.png C:\Programme\WHITESMOKE\html\english\gui\img\screens C:\Programme\WHITESMOKE\html\english\gui\img\spacer.gif C:\Programme\WHITESMOKE\html\english\gui\img C:\Programme\WHITESMOKE\html\english\gui\index.html C:\Programme\WHITESMOKE\html\english\gui\js\appInterface.js C:\Programme\WHITESMOKE\html\english\gui\js\builder.pack.js C:\Programme\WHITESMOKE\html\english\gui\js\common.js C:\Programme\WHITESMOKE\html\english\gui\js\Contextmenu.js C:\Programme\WHITESMOKE\html\english\gui\js\controls.pack.js C:\Programme\WHITESMOKE\html\english\gui\js\dictionaryContextMenu.class.js C:\Programme\WHITESMOKE\html\english\gui\js\dragdrop.pack.js C:\Programme\WHITESMOKE\html\english\gui\js\effects.pack.js C:\Programme\WHITESMOKE\html\english\gui\js\enrichmentContextMenu.class.js C:\Programme\WHITESMOKE\html\english\gui\js\enrichmentsContextMenu.class.js C:\Programme\WHITESMOKE\html\english\gui\js\final.js C:\Programme\WHITESMOKE\html\english\gui\js\gmonitor.js C:\Programme\WHITESMOKE\html\english\gui\js\grammarCache.class.js C:\Programme\WHITESMOKE\html\english\gui\js\grammarContextMenu.class.js C:\Programme\WHITESMOKE\html\english\gui\js\iepngfix\blank.gif C:\Programme\WHITESMOKE\html\english\gui\js\iepngfix\checkerboard.gif C:\Programme\WHITESMOKE\html\english\gui\js\iepngfix\helix.gif C:\Programme\WHITESMOKE\html\english\gui\js\iepngfix\iepngfix.html C:\Programme\WHITESMOKE\html\english\gui\js\iepngfix\opacity.png C:\Programme\WHITESMOKE\html\english\gui\js\iepngfix C:\Programme\WHITESMOKE\html\english\gui\js\iframeTest.js C:\Programme\WHITESMOKE\html\english\gui\js\jqModal.js C:\Programme\WHITESMOKE\html\english\gui\js\jquery-1.2.6.pack.NotUSED.js C:\Programme\WHITESMOKE\html\english\gui\js\jquery-1.3.2.js C:\Programme\WHITESMOKE\html\english\gui\js\jquery-1.3.2.min.js C:\Programme\WHITESMOKE\html\english\gui\js\jquery.ba-throttle-debounce.js C:\Programme\WHITESMOKE\html\english\gui\js\jquery.jeegoocontext.min.js C:\Programme\WHITESMOKE\html\english\gui\js\monitor.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion\builder.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion\controls.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion\dragdrop.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion\effects.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion\prototype.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion\slider.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion\sound.js C:\Programme\WHITESMOKE\html\english\gui\js\NonPackedVersion C:\Programme\WHITESMOKE\html\english\gui\js\prototype.pack.js C:\Programme\WHITESMOKE\html\english\gui\js\scriptaculous.js C:\Programme\WHITESMOKE\html\english\gui\js\slider.pack.js C:\Programme\WHITESMOKE\html\english\gui\js\sound.pack.js C:\Programme\WHITESMOKE\html\english\gui\js\spellingContextMenu.class.js C:\Programme\WHITESMOKE\html\english\gui\js\summary.js C:\Programme\WHITESMOKE\html\english\gui\js\supersleight.js C:\Programme\WHITESMOKE\html\english\gui\js\switchcontent.js C:\Programme\WHITESMOKE\html\english\gui\js\tooltip.js C:\Programme\WHITESMOKE\html\english\gui\js\unittest.js C:\Programme\WHITESMOKE\html\english\gui\js\ws_content_manager.js C:\Programme\WHITESMOKE\html\english\gui\js\ws_functions.js C:\Programme\WHITESMOKE\html\english\gui\js\ws_links.js C:\Programme\WHITESMOKE\html\english\gui\js\x.gif C:\Programme\WHITESMOKE\html\english\gui\js\xmlhttp.js C:\Programme\WHITESMOKE\html\english\gui\js\ypSlideOutMenus.js C:\Programme\WHITESMOKE\html\english\gui\js\ypSlideOutMenusContext.js C:\Programme\WHITESMOKE\html\english\gui\js C:\Programme\WHITESMOKE\html\english\gui\style\combobox.css C:\Programme\WHITESMOKE\html\english\gui\style\Contextmenu.css C:\Programme\WHITESMOKE\html\english\gui\style\dictionary.css C:\Programme\WHITESMOKE\html\english\gui\style\enrichment.css C:\Programme\WHITESMOKE\html\english\gui\style\enrichments.css C:\Programme\WHITESMOKE\html\english\gui\style\grammar.css C:\Programme\WHITESMOKE\html\english\gui\style\iframeTest.css C:\Programme\WHITESMOKE\html\english\gui\style\indexnew.css C:\Programme\WHITESMOKE\html\english\gui\style\jeegoo.css C:\Programme\WHITESMOKE\html\english\gui\style\jqModal.css C:\Programme\WHITESMOKE\html\english\gui\style\screens.css C:\Programme\WHITESMOKE\html\english\gui\style\spelling.css C:\Programme\WHITESMOKE\html\english\gui\style C:\Programme\WHITESMOKE\html\english\gui C:\Programme\WHITESMOKE\html\english\registration\img\banner.gif C:\Programme\WHITESMOKE\html\english\registration\img\banner.png C:\Programme\WHITESMOKE\html\english\registration\img\captionbar\caption_bar_close_down.gif C:\Programme\WHITESMOKE\html\english\registration\img\captionbar\caption_bar_close_up.gif C:\Programme\WHITESMOKE\html\english\registration\img\captionbar\caption_bar_close_up_over.gif C:\Programme\WHITESMOKE\html\english\registration\img\captionbar C:\Programme\WHITESMOKE\html\english\registration\img\continue_button_click.gif C:\Programme\WHITESMOKE\html\english\registration\img\continue_button_over.gif C:\Programme\WHITESMOKE\html\english\registration\img\continue_button_up.gif C:\Programme\WHITESMOKE\html\english\registration\img\down.gif C:\Programme\WHITESMOKE\html\english\registration\img\down.png C:\Programme\WHITESMOKE\html\english\registration\img\f2.gif C:\Programme\WHITESMOKE\html\english\registration\img C:\Programme\WHITESMOKE\html\english\registration\index.html C:\Programme\WHITESMOKE\html\english\registration\js\regInterface.js C:\Programme\WHITESMOKE\html\english\registration\js C:\Programme\WHITESMOKE\html\english\registration\style\registration.css C:\Programme\WHITESMOKE\html\english\registration\style C:\Programme\WHITESMOKE\html\english\registration C:\Programme\WHITESMOKE\html\english\settings\css\index.css C:\Programme\WHITESMOKE\html\english\settings\css C:\Programme\WHITESMOKE\html\english\settings\img\Background\logo.png C:\Programme\WHITESMOKE\html\english\settings\img\Background\main_bg.png C:\Programme\WHITESMOKE\html\english\settings\img\Background C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\cancel_disabled.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\cancel_down.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\cancel_over.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\cancel_up.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\save_disabled.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\save_down.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\save_over.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\save_up.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_connection_disabled.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_connection_off.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_connection_on.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_content_disabled.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_content_off.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_content_on.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_general_disabled.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_general_off.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_general_on.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_info_disabled.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_info_off.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_info_on.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_shortcut_disabled.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_shortcut_off.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons\tab_shortcut_on.png C:\Programme\WHITESMOKE\html\english\settings\img\Buttons C:\Programme\WHITESMOKE\html\english\settings\img\captionbar\caption_bar_close_down.gif C:\Programme\WHITESMOKE\html\english\settings\img\captionbar\caption_bar_close_over.gif C:\Programme\WHITESMOKE\html\english\settings\img\captionbar\caption_bar_close_up.gif C:\Programme\WHITESMOKE\html\english\settings\img\captionbar C:\Programme\WHITESMOKE\html\english\settings\img C:\Programme\WHITESMOKE\html\english\settings\index.html C:\Programme\WHITESMOKE\html\english\settings\js\iepngfix\blank.gif C:\Programme\WHITESMOKE\html\english\settings\js\iepngfix\checkerboard.gif C:\Programme\WHITESMOKE\html\english\settings\js\iepngfix\helix.gif C:\Programme\WHITESMOKE\html\english\settings\js\iepngfix\iepngfix.html C:\Programme\WHITESMOKE\html\english\settings\js\iepngfix\opacity.png C:\Programme\WHITESMOKE\html\english\settings\js\iepngfix C:\Programme\WHITESMOKE\html\english\settings\js\settingsInterface.js C:\Programme\WHITESMOKE\html\english\settings\js C:\Programme\WHITESMOKE\html\english\settings C:\Programme\WHITESMOKE\html\english\templates\dtree.css C:\Programme\WHITESMOKE\html\english\templates\dtree.js C:\Programme\WHITESMOKE\html\english\templates\General\Apologies\ApologyInnappropriateBehavior.html C:\Programme\WHITESMOKE\html\english\templates\General\Apologies\ApologyUnjustBehavior.html C:\Programme\WHITESMOKE\html\english\templates\General\Apologies C:\Programme\WHITESMOKE\html\english\templates\General\Community Work\ResignationFromVoluntaryPosition.html C:\Programme\WHITESMOKE\html\english\templates\General\Community Work C:\Programme\WHITESMOKE\html\english\templates\General\Condolences\LetterOfCondolence.html C:\Programme\WHITESMOKE\html\english\templates\General\Condolences C:\Programme\WHITESMOKE\html\english\templates\General\Cover Letters\CoverLetter.html C:\Programme\WHITESMOKE\html\english\templates\General\Cover Letters\GrantCoverSheet.html C:\Programme\WHITESMOKE\html\english\templates\General\Cover Letters C:\Programme\WHITESMOKE\html\english\templates\General\Family\FamilyNewsUpdate.html C:\Programme\WHITESMOKE\html\english\templates\General\Family C:\Programme\WHITESMOKE\html\english\templates\General\Finance\AgreementToCompromiseDebt.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\BankError.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\DebtValidation.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\InvestigationOfBillingInquiry.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\LetterOfCreditGeneral.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\LetterOfCreditIrrevocable.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\LetterOfCreditRevolving.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\LetterOfDispute.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\RemovalOfInadequateInformation.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\ReplyToApplicationForCredit.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\RequestForIncreaseOfCreditLimit.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\ReturningUnsignedCheck.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance\UnauthorizedCreditInquiry.html C:\Programme\WHITESMOKE\html\english\templates\General\Finance C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\AChristmasWish.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\ArrivalOfChristmas.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\BlessingsAtChristmas.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\ChristmasGreetings.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\ChristmasGreetingsMessage.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\ChristmasGreetingsToASpouse.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\ChristmasGreetingsToWorkers.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\ChristmasWishes.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\HappyChristmasGreeting.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\InTheStillOfTheNightChristmasGreeting.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\JoyousOccasion.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\LovePeaceAndJoy.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\MerryChristmasAndHappyNewYear.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas\MerryChristmasToFamily.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Christmas C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Graduation\CongratulationsOnYourGraduation.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Graduation\CongratulationsToTheGraduate.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Graduation\YouHaveGraduated.html C:\Programme\WHITESMOKE\html\english\templates\General\Greetings\Graduation C:\Programme\WHITESMOKE\html\english\templates\General\Greetings C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Manual\EmployeePerformanceReviewAndPlanningSessions.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Manual\EmploymentApplications.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Manual\HealthRelatedIssues.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Manual\NewEmployeeOrientation.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Manual\TerminationOfEmployment.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Manual\TuitionReimbursementPolicy.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Manual C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Reference Letters\EmploymentReferenceLetter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Reference Letters\JobReferenceLetter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Reference Letters\LetterOfReference.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Reference Letters\ReferenceLetterByAcquaintance.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Reference Letters\RequestForEmployeeReferenceLetter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Reference Letters\VerificationOfEmploymentLetter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employee Reference Letters C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Letter Requesting Pay Raise.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Refusal of Resquest For Raise.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Request for Leave of Absence.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Request for Letter of Reference.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Request for Meeting Regarding Pay Raise.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Request for Paid or Unpaid Leave.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Request For Salary Increase.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests\Request to Schedule an Interview.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Employment Requests C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Acknowledgment of Job Application.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Confirmation of Job Dismissal.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Final Warning Before Dismissal.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Job Rejection Letter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Job Rejection Letter2.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection\Rejection of Job Offer.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Dismissal and Rejection C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Employment Letter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Introduction of New Employee.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Letter for Assistant Professor.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\LetterForTenureTrackAssociateProfessor.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Offer of Employment.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters\Request for Employment Test.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Employment Letters C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Accept or Decline Job Offer.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Job Acceptance Letter 2.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Job Acceptance Letter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance\Job Offer Acceptance.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Job Acceptance C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Thank You Letters\Thank You Letter After Interview.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Thank You Letters\Thank You to Applicant for Testing.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees\Thank You Letters C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Hiring Employees C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Resignation Letters\Acceptance of Employee's Resignation.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Resignation Letters\Employee Termination Notice.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Resignation Letters\Job Resignation Letter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination\Resignation Letters C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Hiring and Termination C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Personnel Office\Notice of Decision to Reprimand.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Personnel Office C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Cover Letter Auditor Development Program.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Job Application Letter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Job Search Cover Letter - Disabled Citizens.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Job Search Cover Letter - Software Employment.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Law Internship Cover Letter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Resume Cover Letter.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters\Resume Cover Letter2.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Job Search Cover Letters C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Letters of Recommendation\Letter of Recommendation.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Letters of Recommendation C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Accounting Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Administrative Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Banking Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Customer Service Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Database and Application Developer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\End User Trainer and Instructional Designer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Engineering Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Freelance Marcom Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\General CV Format.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Graphic Designer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Healthcare Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Internship Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Java Developer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Management Resume 2.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Management Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Marketing Administrator Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Marketing Director Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Marketing Manager Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Medical Essay Residency Experience.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Medical Resume - Physician.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Medical Resume Partnership in General Practice.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\PowerPoint Designer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Product Delivery Engineer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Sales Representative Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Software QA Engineer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Technical Publication Manager Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Technical Writer.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Web Developer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes\Web Maintainer Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters\Resumes C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources\Resumes and Cover Letters C:\Programme\WHITESMOKE\html\english\templates\General\Human Resources C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Advertising\Advertising Commitment Form.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Advertising\Art Advertising Flyer.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Advertising\Request for Advertising Rate.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Advertising\Subscriber Letter News Service.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Advertising C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Legal\Assignment of Literary Property.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Legal C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Promotions\Comments to Author Regarding Book.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Promotions\Introduction of Novel.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Promotions\Letter of Interest to Magazine.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Promotions\Letter of Recommendation.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Promotions\Magazine Review.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Promotions\Promotional Letter Antique Shop.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Promotions C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Resumes\Actor Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Literary\Resumes C:\Programme\WHITESMOKE\html\english\templates\General\Literary C:\Programme\WHITESMOKE\html\english\templates\General\Personal Matters\Career Change.html C:\Programme\WHITESMOKE\html\english\templates\General\Personal Matters\Letter to a Friend Regarding Change of Job.html C:\Programme\WHITESMOKE\html\english\templates\General\Personal Matters\Sale of Automobile or Other Motor Vehicle.html C:\Programme\WHITESMOKE\html\english\templates\General\Personal Matters\Upset Regarding Loss of Job.html C:\Programme\WHITESMOKE\html\english\templates\General\Personal Matters C:\Programme\WHITESMOKE\html\english\templates\General\Students\Admissions Essays\Admissions Essay for Entrance to Theater Institute.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Admissions Essays\Essay - Describe Events.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Admissions Essays\Graduate School Literary Essay.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Admissions Essays C:\Programme\WHITESMOKE\html\english\templates\General\Students\Careers\Career Letter for Accounting Position.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Careers\Career Letter in Journalism.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Careers C:\Programme\WHITESMOKE\html\english\templates\General\Students\Personal Correspondence\Compliment Student on Graduation.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Personal Correspondence\Congratulations to High School Graduate.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Personal Correspondence\Personal Letter of Recommendation.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Personal Correspondence\Request for Financial Assistance from Parents.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Personal Correspondence C:\Programme\WHITESMOKE\html\english\templates\General\Students\Resumes\Resume for After-School Job.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Resumes\Student Resume Automotive Service Industry.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Resumes\Student Resume Forestry.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Resumes\Student Resume Wildlife.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Resumes\Student Resume.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\Resumes C:\Programme\WHITESMOKE\html\english\templates\General\Students\University Correspondence\Appreciation of Scholarship.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\University Correspondence\Request for Reference.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\University Correspondence\Request for University Application Material.html C:\Programme\WHITESMOKE\html\english\templates\General\Students\University Correspondence C:\Programme\WHITESMOKE\html\english\templates\General\Students C:\Programme\WHITESMOKE\html\english\templates\General\Thank You\Letter Thanking Coworker for Support.html C:\Programme\WHITESMOKE\html\english\templates\General\Thank You\Message of Thanks.html C:\Programme\WHITESMOKE\html\english\templates\General\Thank You\Thank You Staff for Emotional Support.html C:\Programme\WHITESMOKE\html\english\templates\General\Thank You C:\Programme\WHITESMOKE\html\english\templates\General\Well Wishes\Letter of Congratulations.html C:\Programme\WHITESMOKE\html\english\templates\General\Well Wishes\Welcome New Tenants.html C:\Programme\WHITESMOKE\html\english\templates\General\Well Wishes\Wishes for Speedy Recovery.html C:\Programme\WHITESMOKE\html\english\templates\General\Well Wishes C:\Programme\WHITESMOKE\html\english\templates\General C:\Programme\WHITESMOKE\html\english\templates\images\jspDrag.gif C:\Programme\WHITESMOKE\html\english\templates\images\jspVerticalBar.gif C:\Programme\WHITESMOKE\html\english\templates\images C:\Programme\WHITESMOKE\html\english\templates\img\apply_over.png C:\Programme\WHITESMOKE\html\english\templates\img\apply_press.png C:\Programme\WHITESMOKE\html\english\templates\img\apply_up.png C:\Programme\WHITESMOKE\html\english\templates\img\atart_arrow.jpg C:\Programme\WHITESMOKE\html\english\templates\img\base.gif C:\Programme\WHITESMOKE\html\english\templates\img\borders.png C:\Programme\WHITESMOKE\html\english\templates\img\borders2.png C:\Programme\WHITESMOKE\html\english\templates\img\borders3.png C:\Programme\WHITESMOKE\html\english\templates\img\borders_good.png C:\Programme\WHITESMOKE\html\english\templates\img\bullet.gif C:\Programme\WHITESMOKE\html\english\templates\img\cd.gif C:\Programme\WHITESMOKE\html\english\templates\img\close.png C:\Programme\WHITESMOKE\html\english\templates\img\close2.png C:\Programme\WHITESMOKE\html\english\templates\img\dirClose.png C:\Programme\WHITESMOKE\html\english\templates\img\dirOpen.png C:\Programme\WHITESMOKE\html\english\templates\img\empty - Copy.gif C:\Programme\WHITESMOKE\html\english\templates\img\empty.gif C:\Programme\WHITESMOKE\html\english\templates\img\empty2.gif C:\Programme\WHITESMOKE\html\english\templates\img\folder.gif C:\Programme\WHITESMOKE\html\english\templates\img\folderopen.gif C:\Programme\WHITESMOKE\html\english\templates\img\globe.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\base.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\cd.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\empty.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\folder.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\folderopen.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\globe.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\imgfolder.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\join.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\joinbottom.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\line.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\minus.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\minusbottom.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\musicfolder.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\nolines_minus.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\nolines_plus.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\page.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\plus.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\plusbottom.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\question.gif C:\Programme\WHITESMOKE\html\english\templates\img\img\trash.gif C:\Programme\WHITESMOKE\html\english\templates\img\img C:\Programme\WHITESMOKE\html\english\templates\img\imgfolder.gif C:\Programme\WHITESMOKE\html\english\templates\img\join.gif C:\Programme\WHITESMOKE\html\english\templates\img\joinbottom.gif C:\Programme\WHITESMOKE\html\english\templates\img\jspDrag.gif C:\Programme\WHITESMOKE\html\english\templates\img\jspVerticalBar.gif C:\Programme\WHITESMOKE\html\english\templates\img\line.gif C:\Programme\WHITESMOKE\html\english\templates\img\minus.gif C:\Programme\WHITESMOKE\html\english\templates\img\minusbottom.gif C:\Programme\WHITESMOKE\html\english\templates\img\musicfolder.gif C:\Programme\WHITESMOKE\html\english\templates\img\myEmpty.png C:\Programme\WHITESMOKE\html\english\templates\img\neg_bullet.png C:\Programme\WHITESMOKE\html\english\templates\img\nolines_minus.gif C:\Programme\WHITESMOKE\html\english\templates\img\nolines_plus.gif C:\Programme\WHITESMOKE\html\english\templates\img\open.png C:\Programme\WHITESMOKE\html\english\templates\img\open2 - Copy.png C:\Programme\WHITESMOKE\html\english\templates\img\open2.png C:\Programme\WHITESMOKE\html\english\templates\img\p7t_minus.gif C:\Programme\WHITESMOKE\html\english\templates\img\p7t_plus.gif C:\Programme\WHITESMOKE\html\english\templates\img\page.gif C:\Programme\WHITESMOKE\html\english\templates\img\plus.gif C:\Programme\WHITESMOKE\html\english\templates\img\plusbottom.gif C:\Programme\WHITESMOKE\html\english\templates\img\plus_bullet.png C:\Programme\WHITESMOKE\html\english\templates\img\question.gif C:\Programme\WHITESMOKE\html\english\templates\img\top_close.png C:\Programme\WHITESMOKE\html\english\templates\img\top_open.png C:\Programme\WHITESMOKE\html\english\templates\img\trash.gif C:\Programme\WHITESMOKE\html\english\templates\img C:\Programme\WHITESMOKE\html\english\templates\index.html C:\Programme\WHITESMOKE\html\english\templates\js\jquery-1.4.2.min.js C:\Programme\WHITESMOKE\html\english\templates\js\jquery.jscrollpane.min.js C:\Programme\WHITESMOKE\html\english\templates\js\jquery.mousewheel.js C:\Programme\WHITESMOKE\html\english\templates\js\switchcontent.js C:\Programme\WHITESMOKE\html\english\templates\js\templatesInterface.js C:\Programme\WHITESMOKE\html\english\templates\js C:\Programme\WHITESMOKE\html\english\templates\menu.htm C:\Programme\WHITESMOKE\html\english\templates\objects\ebook_js.js C:\Programme\WHITESMOKE\html\english\templates\objects\flashobject.js C:\Programme\WHITESMOKE\html\english\templates\objects\mcl.css C:\Programme\WHITESMOKE\html\english\templates\objects\navigation.js C:\Programme\WHITESMOKE\html\english\templates\objects\p7tm\p7tmbasic.css C:\Programme\WHITESMOKE\html\english\templates\objects\p7tm\p7tmscripts.js C:\Programme\WHITESMOKE\html\english\templates\objects\p7tm\p7t_minus.gif C:\Programme\WHITESMOKE\html\english\templates\objects\p7tm\p7t_plus.gif C:\Programme\WHITESMOKE\html\english\templates\objects\p7tm C:\Programme\WHITESMOKE\html\english\templates\objects\parseURL.js C:\Programme\WHITESMOKE\html\english\templates\objects\utils.js C:\Programme\WHITESMOKE\html\english\templates\objects\wm_cookies.js C:\Programme\WHITESMOKE\html\english\templates\objects C:\Programme\WHITESMOKE\html\english\templates\start.html C:\Programme\WHITESMOKE\html\english\templates\style\jquery.jscrollpane.css C:\Programme\WHITESMOKE\html\english\templates\style\style.css C:\Programme\WHITESMOKE\html\english\templates\style\templates.css C:\Programme\WHITESMOKE\html\english\templates\style C:\Programme\WHITESMOKE\html\english\templates C:\Programme\WHITESMOKE\html\english\userGuide\css\jquery.jscrollpane.css C:\Programme\WHITESMOKE\html\english\userGuide\css\style - Copy.css C:\Programme\WHITESMOKE\html\english\userGuide\css\style.css C:\Programme\WHITESMOKE\html\english\userGuide\css C:\Programme\WHITESMOKE\html\english\userGuide\faq.html C:\Programme\WHITESMOKE\html\english\userGuide\images\arr.png C:\Programme\WHITESMOKE\html\english\userGuide\images\arr2.gif C:\Programme\WHITESMOKE\html\english\userGuide\images\bg - Copy.png C:\Programme\WHITESMOKE\html\english\userGuide\images\bg-good.png C:\Programme\WHITESMOKE\html\english\userGuide\images\bg.png C:\Programme\WHITESMOKE\html\english\userGuide\images\boxBlackFix.png C:\Programme\WHITESMOKE\html\english\userGuide\images\buttons.png C:\Programme\WHITESMOKE\html\english\userGuide\images\ConfiguringWhiteSmoke.png C:\Programme\WHITESMOKE\html\english\userGuide\images\correctionssuggestions.png C:\Programme\WHITESMOKE\html\english\userGuide\images\dictionaryTab.png C:\Programme\WHITESMOKE\html\english\userGuide\images\faq.png C:\Programme\WHITESMOKE\html\english\userGuide\images\i.gif C:\Programme\WHITESMOKE\html\english\userGuide\images\I.png C:\Programme\WHITESMOKE\html\english\userGuide\images\jspDrag.gif C:\Programme\WHITESMOKE\html\english\userGuide\images\jspVerticalBar.gif C:\Programme\WHITESMOKE\html\english\userGuide\images\nav.jpg C:\Programme\WHITESMOKE\html\english\userGuide\images\otk.png C:\Programme\WHITESMOKE\html\english\userGuide\images\t.gif C:\Programme\WHITESMOKE\html\english\userGuide\images\TheRight-clickMenu.png C:\Programme\WHITESMOKE\html\english\userGuide\images\TheTemplatesTab.png C:\Programme\WHITESMOKE\html\english\userGuide\images\translatorTab.png C:\Programme\WHITESMOKE\html\english\userGuide\images\WhiteSmokeEmailCheck.png C:\Programme\WHITESMOKE\html\english\userGuide\images\WhiteSmokeOverview.png C:\Programme\WHITESMOKE\html\english\userGuide\images\WriterTab.png C:\Programme\WHITESMOKE\html\english\userGuide\images C:\Programme\WHITESMOKE\html\english\userGuide\js\jquery-1.4.2.min.js C:\Programme\WHITESMOKE\html\english\userGuide\js\jquery.jscrollpane.min.js C:\Programme\WHITESMOKE\html\english\userGuide\js\jquery.min.js C:\Programme\WHITESMOKE\html\english\userGuide\js\jquery.mousewheel.js C:\Programme\WHITESMOKE\html\english\userGuide\js\userGuide.js C:\Programme\WHITESMOKE\html\english\userGuide\js C:\Programme\WHITESMOKE\html\english\userGuide\troubleshooting.html C:\Programme\WHITESMOKE\html\english\userGuide\userGuide.html C:\Programme\WHITESMOKE\html\english\userGuide C:\Programme\WHITESMOKE\html\english C:\Programme\WHITESMOKE\html C:\Programme\WHITESMOKE\NotifierWhiteApps.txt C:\Programme\WHITESMOKE Adware.Tracking Cookie stc.datamediacenter.com [ C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\F5XFEVRG ] Viele Grüße, Rainer |
|
03.06.2011, 18:27
| #22 |
| | Firefox startet immer bestimmte Seite Hier folgt OTL: All processes killed ========== OTL ========== C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully. C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\BabylonToolbar folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 310358325 bytes ->Temporary Internet Files folder emptied: 0 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Rainer ->Temp folder emptied: 5620328 bytes ->Temporary Internet Files folder emptied: 8726666 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 269542409 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 0 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 1777 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 16867 bytes RecycleBin emptied: 39625 bytes Total Files Cleaned = 567,00 mb OTL by OldTimer - Version 3.2.23.0 log created on 06032011_180118 Files\Folders moved on Reboot... File move failed. C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temp\nvcbin.def.70304377.tmp scheduled to be moved on reboot. File\Folder C:\WINDOWS\temp\Perflib_Perfdata_118.dat not found! Registry entries deleted on Reboot... Viele Grüße, Rainer |
|
03.06.2011, 21:04
| #23 |
| | Firefox startet immer bestimmte Seite ESET wäre jetzt auch erledigt. Der Scan lief beinahe vier Stunden. ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6427 # api_version=3.0.2 # EOSSerial=e00da21678a1de4aabde77e0a4c541b8 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-06-03 07:56:19 # local_time=2011-06-03 09:56:19 (+0100, Westeuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 10801499 10801499 0 0 # compatibility_mode=5378 16777173 100 97 723 142404512 0 0 # compatibility_mode=8192 67108863 100 0 104 104 0 0 # scanned=354018 # found=7 # cleaned=0 # scan_time=13061 C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\OpenCandy\OpenCandy_8D0CA52918244B5CAFB81DEB2F973C7F\registrybooster21.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\OpenCandy\OpenCandy_8D0CA52918244B5CAFB81DEB2F973C7F\registrybooster21Wrapped.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\OpenCandy\OpenCandy_FC2CFF1256584F109F98F3AE65387779\registrybooster(9).exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\slow-pcfighter_Web.exe a variant of Win32/SlowPCfighter application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\speedupmypc(2).exe Win32/SpeedUpMyPC application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\speedupmypc.exe Win32/SpeedUpMyPC application (unable to clean) 00000000000000000000000000000000 I C:\System Volume Information\_restore{99C074C2-6546-4139-8949-12826338AF62}\RP275\A0061793.dll probably a variant of Win32/Adware.Bandoo.AA application (unable to clean) 00000000000000000000000000000000 I Viele Grüße, Rainer |
|
03.06.2011, 21:20
| #24 |
| | Firefox startet immer bestimmte Seite Und hier die OTLs:OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.06.2011 22:05:58 - Run 5
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,84% Memory free
3,84 Gb Paging File | 3,19 Gb Available in Paging File | 83,21% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 349,31 Gb Total Space | 118,51 Gb Free Space | 33,93% Space Free | Partition Type: NTFS
Drive F: | 349,32 Gb Total Space | 349,25 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Computer Name: RAINER-BF5EC4B3 | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.06.01 18:52:58 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\OTL(1).exe
PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.05.25 23:30:14 | 000,063,912 | ---- | M] (Raptr, Inc) -- C:\Programme\Raptr\raptr.exe
PRC - [2011.05.25 23:30:14 | 000,043,944 | ---- | M] (Raptr, Inc) -- C:\Programme\Raptr\raptr_im.exe
PRC - [2011.05.01 07:31:17 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.22 16:15:27 | 000,189,824 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\Zlh.exe
PRC - [2010.12.17 15:22:48 | 000,288,072 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nse\Bin\Nsesvc.exe
PRC - [2010.12.02 11:13:55 | 000,308,408 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\Zanda.exe
PRC - [2010.11.11 13:43:28 | 000,075,104 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\elogsvc.exe
PRC - [2010.11.10 14:59:37 | 000,090,656 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Ngs\Bin\nprosec.exe
PRC - [2010.11.10 14:48:32 | 000,223,000 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Ngs\Bin\nnf.exe
PRC - [2010.11.08 18:02:27 | 000,111,912 | ---- | M] () -- C:\Programme\Norman\Npm\Bin\Njeeves.exe
PRC - [2010.11.08 18:02:27 | 000,099,312 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\scheduler.exe
PRC - [2010.11.08 17:56:34 | 000,100,336 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Npm\Bin\nvoy.exe
PRC - [2010.11.08 16:56:34 | 000,198,168 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\Nvcoas.exe
PRC - [2010.11.08 16:56:34 | 000,182,712 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\Nip.exe
PRC - [2010.11.08 16:56:34 | 000,074,592 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\CClaw.exe
PRC - [2010.10.08 21:50:37 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.09.08 18:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Programme\Canon\CAL\CALMAIN.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.08.17 11:50:00 | 000,483,144 | ---- | M] (Corel, Inc.) -- C:\Programme\Corel\Corel MediaOne\Corel Photo Downloader.exe
PRC - [2007.08.02 21:08:00 | 000,095,504 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005.11.22 18:03:44 | 000,114,688 | ---- | M] (Arcsoft, Inc.) -- C:\Programme\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe
========== Modules (SafeList) ==========
MOD - [2011.06.01 18:52:58 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads\OTL(1).exe
MOD - [2011.05.18 03:53:06 | 000,074,664 | ---- | M] (Raptr Inc.) -- C:\Programme\Raptr\ltc_help32-51289.dll
MOD - [2010.11.08 16:56:34 | 000,251,240 | ---- | M] (Norman ASA) -- C:\Programme\Norman\Nvc\Bin\Niphk.dll
MOD - [2010.08.23 18:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 14:00:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.05.18 04:04:06 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2010.12.17 15:22:48 | 000,288,072 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Programme\Norman\Nse\Bin\NSESVC.EXE -- (nsesvc)
SRV - [2010.12.02 11:13:55 | 000,308,408 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Npm\Bin\Zanda.exe -- (Norman ZANDA)
SRV - [2010.11.11 13:43:28 | 000,075,104 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Npm\Bin\elogsvc.exe -- (eLoggerSvc6)
SRV - [2010.11.10 14:59:37 | 000,090,656 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Ngs\Bin\Nprosec.exe -- (NPROSECSVC)
SRV - [2010.11.10 14:48:32 | 000,223,000 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\Ngs\Bin\Nnf.exe -- (NNFSVC)
SRV - [2010.11.08 18:02:27 | 000,111,912 | ---- | M] () [On_Demand | Running] -- C:\Programme\Norman\Npm\Bin\Njeeves.exe -- (Norman NJeeves)
SRV - [2010.11.08 18:02:27 | 000,099,312 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Programme\Norman\Npm\Bin\scheduler.exe -- (Scheduler)
SRV - [2010.11.08 17:56:34 | 000,100,336 | ---- | M] (Norman ASA) [Auto | Running] -- C:\Programme\Norman\npm\bin\nvoy.exe -- (NVOY)
SRV - [2010.11.08 16:56:34 | 000,198,168 | ---- | M] (Norman ASA) [On_Demand | Running] -- C:\Programme\Norman\Nvc\Bin\nvcoas.exe -- (nvcoas)
SRV - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.09.08 18:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programme\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.06.05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006.12.21 10:42:00 | 000,323,584 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\WPE\wpeserv.exe -- (WPEServ)
========== Driver Services (SafeList) ==========
DRV - [2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.01.09 13:44:34 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2010.11.11 13:01:54 | 000,024,176 | ---- | M] (Norman ASA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvcw32mf.sys -- (NvcMFlt)
DRV - [2010.11.10 15:48:11 | 000,040,384 | ---- | M] (Norman ASA) [Kernel | Auto | Running] -- C:\Programme\Norman\Ngs\Bin\nregsec.sys -- (nregsec)
DRV - [2010.11.10 15:48:00 | 000,074,144 | ---- | M] (Norman ASA) [Kernel | System | Running] -- C:\Programme\Norman\Ngs\Bin\nprosec.sys -- (NPROSEC)
DRV - [2010.10.08 21:50:36 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.07.28 12:27:36 | 006,108,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.07.09 13:18:56 | 000,020,328 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2010\pcwiz_x32.sys -- (cpuz134)
DRV - [2010.07.06 11:13:00 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.04.27 23:41:57 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010.01.04 14:44:43 | 000,026,744 | ---- | M] (Norman ASA) [Kernel | System | Running] -- c:\Programme\Norman\Ngs\Bin\ngs.sys -- (NGS)
DRV - [2009.11.18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.10.09 13:24:40 | 000,022,880 | ---- | M] (Norman ASA) [Kernel | Auto | Running] -- C:\Programme\Norman\Nse\Bin\Ndiskio.sys -- (Ndiskio)
DRV - [2005.12.01 11:49:22 | 000,023,600 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\drhard.sys -- (drhard)
DRV - [2003.09.20 09:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://de.wikipedia.org/wiki/Benutzer:Rainer_Lippert"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {90eee664-34b1-422a-a782-779af65cdf6d}:3.2.5.2
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.05.01 07:31:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.04.05 22:16:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.04.29 23:40:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2011.06.01 22:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Extensions
[2010.10.11 16:24:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.06.01 22:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\6uuyt9we.default\extensions
[2011.04.07 05:58:50 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\6uuyt9we.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.10.13 22:31:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\6uuyt9we.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.01 22:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\d4e3j7nv.default\extensions
[2011.06.01 22:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\Mozilla\Firefox\Profiles\Profiles\extensions
[2011.06.03 18:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.03 18:13:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
[2011.06.03 18:13:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.01 07:31:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2011.06.03 18:13:48 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.05.01 07:31:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.05.01 07:31:19 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011.05.01 07:31:19 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.05.01 07:31:19 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.05.01 07:31:19 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.05.01 07:31:19 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.06.01 23:27:01 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Programme\Corel\Corel MediaOne\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Norman ZANDA] C:\Programme\Norman\Npm\Bin\ZLH.EXE (Norman ASA)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [CAHeadless] C:\Programme\Adobe\Elements 9 Organizer\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Raptr] C:\Programme\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Dokumente und Einstellungen\Rainer\Desktop\Alte HDD Komplett\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Monitor.lnk = C:\Programme\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe (Arcsoft, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll (TODO: <Company name>)
O9 - Extra 'Tools' menuitem : Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll (TODO: <Company name>)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1286800746168 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.161 83.169.184.225
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.11 14:08:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.06.03 18:16:56 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.06.03 18:14:06 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2011.06.03 18:13:57 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.03 18:13:56 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.03 18:13:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.03 18:13:56 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.03 18:12:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011.06.03 17:52:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.06.01 23:12:02 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.06.01 23:09:02 | 000,024,176 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\nvcw32mf.sys
[2011.06.01 23:08:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.06.01 23:08:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.06.01 23:08:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.06.01 23:08:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.06.01 23:08:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.06.01 23:06:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.06.01 23:06:12 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Rainer\Startmenü\Programme\Verwaltung
[2011.06.01 22:49:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.01 18:40:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Rainer\Recent
[2011.05.30 22:40:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\Ilivid Player
[2011.05.30 22:29:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iLivid
[2011.05.30 22:29:13 | 000,000,000 | ---D | C] -- C:\Programme\iLivid
[2011.05.30 22:28:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\PackageAware
[4 C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.06.03 22:11:01 | 000,001,214 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1177238915-1801674531-1003UA.job
[2011.06.03 22:11:01 | 000,001,162 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1177238915-1801674531-1003Core.job
[2011.06.03 21:18:08 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.03 21:18:05 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.03 18:13:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.03 18:13:47 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.03 18:13:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.03 18:13:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.03 18:13:47 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.03 18:05:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.06.03 18:05:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.06.03 16:54:54 | 000,354,103 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\dvd_thumbs.jpg
[2011.06.02 18:14:19 | 000,002,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Desktop\Microsoft Word.lnk
[2011.06.02 10:32:55 | 002,286,968 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Maintor_Karlstadt.jpg
[2011.06.02 09:44:42 | 000,183,753 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4a.jpg
[2011.06.02 09:42:47 | 026,706,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4.jpg
[2011.06.02 09:41:57 | 000,093,154 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\473px-Bildeiche_bei_Albertshausen,_4.jpg
[2011.06.02 08:52:39 | 000,002,513 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Desktop\Microsoft Excel.lnk
[2011.06.01 23:27:01 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.06.01 23:12:07 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.06.01 18:50:08 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Defogger.exe
[2011.06.01 18:46:56 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\defogger_reenable
[2011.06.01 16:10:40 | 002,246,952 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\scan__2011-06-01_15-02-05.zip
[2011.05.30 22:41:03 | 000,062,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.30 22:29:26 | 000,000,674 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iLivid Download Manager.lnk
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.05.28 18:32:19 | 000,674,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Buche, 2.jpg
[2011.05.26 23:05:59 | 000,002,373 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Desktop\Google Chrome.lnk
[2011.05.26 19:48:11 | 000,003,685 | -H-- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\.picasa.ini
[2011.05.26 19:34:53 | 000,654,248 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hochzeit.jpg
[2011.05.25 08:14:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.05.22 11:20:04 | 001,029,365 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Image00000.jpg
[2011.05.22 11:05:18 | 000,034,542 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\L5FKJ6BE.htm.part
[2011.05.22 10:31:32 | 000,308,439 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1830_1.jpg
[2011.05.21 20:02:44 | 000,582,646 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1838_1.jpg
[2011.05.15 18:08:11 | 004,043,542 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011_bearbeitet-1.jpg
[2011.05.15 18:05:51 | 003,994,385 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011.jpg
[2011.05.14 12:00:40 | 001,262,848 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hutbuche_bei_Frauenroth.jpg
[2011.05.12 17:37:37 | 000,035,040 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\bericht_okto_09.pdf
[2011.05.08 10:58:57 | 000,423,429 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-1s.jpg
[2011.05.08 10:55:57 | 002,171,085 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-14.jpg
[2011.05.08 10:50:52 | 007,271,058 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa.jpg
[2011.05.08 10:48:32 | 006,407,016 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausen.jpg
[2011.05.07 09:13:04 | 000,005,191 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\file.php
[2011.05.06 19:22:19 | 001,684,844 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Große_Linde_bei_Teuchatz,_9.jpg
[2011.05.06 16:48:25 | 007,501,285 | ---- | M] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Schloss_Steinau,_3.jpg
[4 C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.02 10:32:54 | 002,286,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Maintor_Karlstadt.jpg
[2011.06.02 09:44:36 | 000,183,753 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4a.jpg
[2011.06.02 09:41:57 | 000,093,154 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\473px-Bildeiche_bei_Albertshausen,_4.jpg
[2011.06.01 23:12:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.06.01 23:12:05 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2011.06.01 23:08:27 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.06.01 23:08:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.06.01 23:08:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.06.01 23:08:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.06.01 23:08:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.06.01 18:50:08 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Defogger.exe
[2011.06.01 18:46:56 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\defogger_reenable
[2011.06.01 16:10:37 | 002,246,952 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\scan__2011-06-01_15-02-05.zip
[2011.05.30 22:29:26 | 000,000,674 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iLivid Download Manager.lnk
[2011.05.28 18:32:18 | 000,674,545 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Buche, 2.jpg
[2011.05.26 21:22:18 | 026,706,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_bei_Albertshausen,_4.jpg
[2011.05.26 19:34:32 | 000,654,248 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hochzeit.jpg
[2011.05.22 11:20:04 | 001,029,365 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Image00000.jpg
[2011.05.22 11:05:18 | 000,034,542 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\L5FKJ6BE.htm.part
[2011.05.22 10:31:31 | 000,308,439 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1830_1.jpg
[2011.05.21 20:02:43 | 000,582,646 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Dagobertshausen_1838_1.jpg
[2011.05.15 18:08:06 | 004,043,542 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011_bearbeitet-1.jpg
[2011.05.15 18:03:04 | 003,994,385 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Rathaus_Klosterreichenbach_2011.jpg
[2011.05.14 12:00:39 | 001,262,848 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Hutbuche_bei_Frauenroth.jpg
[2011.05.12 17:37:36 | 000,035,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\bericht_okto_09.pdf
[2011.05.08 10:58:51 | 000,423,429 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-1s.jpg
[2011.05.08 10:55:52 | 002,171,085 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa_bearbeitet-14.jpg
[2011.05.08 10:50:38 | 007,271,058 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausenaaa.jpg
[2011.05.08 10:48:21 | 006,407,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Bildeiche_Albertshausen.jpg
[2011.05.07 09:13:03 | 000,005,191 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\file.php
[2011.05.06 19:22:19 | 001,684,844 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Große_Linde_bei_Teuchatz,_9.jpg
[2011.05.06 16:48:18 | 007,501,285 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Schloss_Steinau,_3.jpg
[2011.04.08 18:38:07 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011.02.02 00:05:28 | 000,028,256 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.01.07 18:06:57 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010.11.22 15:44:14 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\gnuplot_history
[2010.11.06 15:46:39 | 000,575,472 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.10.29 17:37:44 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.10.25 13:52:28 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit_.INI
[2010.10.20 19:29:24 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.18 22:17:46 | 000,016,070 | ---- | C] () -- C:\WINDOWS\German2.ini
[2010.10.15 20:11:39 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.10.14 22:50:01 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2010.10.14 13:51:38 | 000,001,099 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Anwendungsdaten\ShiftN.ini
[2010.10.14 13:46:19 | 000,002,181 | ---- | C] () -- C:\WINDOWS\Helicon Debug Window.ini
[2010.10.13 23:09:57 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2010.10.13 23:09:57 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2010.10.13 21:59:30 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.10.13 21:44:19 | 000,080,117 | ---- | C] () -- C:\WINDOWS\hpfins05.dat
[2010.10.13 21:44:19 | 000,001,547 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat
[2010.10.13 21:42:52 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2010.10.13 21:42:52 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2010.10.11 16:41:07 | 000,000,717 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.10.11 16:31:33 | 000,062,976 | ---- | C] () -- C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.11 16:23:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.10.11 14:58:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.10.11 14:58:06 | 000,171,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.10.11 14:37:09 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.10.11 14:25:33 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\igxpun.exe
[2010.10.11 14:09:29 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.10.11 14:05:48 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 14:00:00 | 000,516,516 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.04.14 14:00:00 | 000,493,190 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.04.14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 14:00:00 | 000,100,670 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.04.14 14:00:00 | 000,083,734 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.04.14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007.06.05 13:20:32 | 000,177,704 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 400 bytes -> C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Anwendungsdaten\desktop.ini:bf5af20ce7a419b1178ece347eddc338
< End of report >
OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 03.06.2011 22:05:58 - Run 5
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Dokumente und Einstellungen\Rainer\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,84% Memory free
3,84 Gb Paging File | 3,19 Gb Available in Paging File | 83,21% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 349,31 Gb Total Space | 118,51 Gb Free Space | 33,93% Space Free | Partition Type: NTFS
Drive F: | 349,32 Gb Total Space | 349,25 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Computer Name: RAINER-BF5EC4B3 | User Name: Rainer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Raptr\raptr.exe" = C:\Programme\Raptr\raptr.exe:*:Enabled:Raptr Client -- (Raptr, Inc)
"C:\Programme\Raptr\raptr_im.exe" = C:\Programme\Raptr\raptr_im.exe:*:Enabled:Raptr IM -- (Raptr, Inc)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00020407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Standard
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}" = Corel Painter Essentials 3
"{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C569633-C8DE-46E2-BB8F-F65198681C2F}" = Corel MediaOne
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{548D4E14-F59D-4FA3-A357-CE5BA0D41D34}" = Opera 11.01
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{641FE800-650B-4E99-A304-9D50E7235BAF}" = Topo Deutschland v2
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AEC15C1-6D21-468F-A29D-B3339C31CCCA}" = Garmin BaseCamp
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{79214B92-A439-4841-B160-0896E977A383}" = Norman Security Suite
"{79546A5F-AE7C-4693-8670-A3401B43ABD2}" = HP Deskjet 5900 series
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5222E5A-13CB-4C98-9F5C-21CF6896A25C}" = HPDeskjet5900Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3896A21-47E5-4B40-9E90-529C1D6EDDF5}" = PDF Genie 3.0
"{C7C82ED1-E5AD-48CF-8B92-38DD9B49610C}" = Garmin TOPO Deutschland 2010
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D02220CE-1475-4F0F-9F12-251161999D53}" = Garmin MapSource
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E3898C20-7186-499F-8CCC-A57C3F13B13C}" = Hama Digital Software Suite
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Akamai" = Akamai NetSession Interface
"CAL" = Canon Camera Access Library
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Dr. Hardware 2009_is1" = Dr. Hardware 2009 9.9.5d
"Dr. Hardware 2010_is1" = Dr. Hardware 2010 10.5d
"ESET Online Scanner" = ESET Online Scanner v3
"Exif-Viewer" = Exif-Viewer 2.50
"FormatFactory" = FormatFactory 2.50
"FoxTab PDF Converter" = FoxTab PDF Converter
"Free Disc Burner_is1" = Free Disc Burner version 2.5
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 5.0
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.0
"ie8" = Windows Internet Explorer 8
"ImageConverter Plus_is1" = ImageConverter Plus 8.0
"InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NeroVision!UninstallKey" = Nero Digital
"PC Wizard 2010_is1" = PC Wizard 2010.1.96
"PhotoME Beta-Release_is1" = PhotoME Beta-Release
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"PremElem90" = Adobe Premiere Elements 9
"Raptr" = Raptr
"ShiftN_is1" = ShiftN 3.5
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.1
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04.05.2011 16:16:08 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 05.05.2011 10:39:20 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 05.05.2011 10:40:22 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 05.05.2011 10:40:39 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung excel.exe, Version 9.0.0.2719, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 02.06.2011 16:03:17 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mbrcheck.exe, Version 0.0.0.0, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 02.06.2011 16:03:30 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mbrcheck.exe, Version 0.0.0.0, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 02.06.2011 16:04:21 | Computer Name = RAINER-BF5EC4B3 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mbrcheck.exe, Version 0.0.0.0, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 03.06.2011 10:36:41 | Computer Name = RAINER-BF5EC4B3 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung SUPERANTISPYWARE.EXE, Version 4.44.0.1000,
Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 03.06.2011 10:36:48 | Computer Name = RAINER-BF5EC4B3 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung SUPERANTISPYWARE.EXE, Version 4.44.0.1000,
Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 03.06.2011 10:36:53 | Computer Name = RAINER-BF5EC4B3 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung SUPERANTISPYWARE.EXE, Version 4.44.0.1000,
Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 03.06.2011 12:01:20 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "Adobe Active File Monitor V9" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 03.06.2011 12:01:21 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 03.06.2011 12:01:21 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 03.06.2011 12:01:21 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 03.06.2011 12:01:21 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "NMSAccess" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.
Error - 03.06.2011 12:01:21 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "ProtexisLicensing" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 03.06.2011 12:01:21 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "Canon Camera Access Library 8" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 03.06.2011 12:01:24 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "Norman NJeeves" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 03.06.2011 12:01:24 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "Norman Scheduler Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 03.06.2011 12:01:25 | Computer Name = RAINER-BF5EC4B3 | Source = Service Control Manager | ID = 7034
Description = Dienst "Norman Virus Control on-access component" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.
< End of report >
Viele Grüße, Rainer |
|
03.06.2011, 21:31
| #25 |
| | Firefox startet immer bestimmte Seite So, geschafft. Hier das letzte Logfile: Results of screen317's Security Check version 0.99.12 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: ESET Online Scanner v3 Norman Security Suite McAfee Security Scan Plus Antivirus up to date! ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java(TM) 6 Update 25 Flash Player Out of Date! Adobe Flash Player 10.2.159.1 Adobe Reader X (10.0.1) - Deutsch Korean Fonts Support For Adobe Reader 9 Mozilla Thunderbird (3.1.10) Thunderbird Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Malwarebytes' Anti-Malware mbamservice.exe ``````````End of Log```````````` Du hast jetzt aber auch alles von mir abverlangt. Browser schließen, dann anschließend ohne Browser Dateien aus dem Internet runterladen.  Aber was macht man nicht alles für ein sauberes System.  An dieser Stelle jetzt schon mal vorab ein ganz dickes  Viele Grüße, Rainer |
|
04.06.2011, 09:31
| #26 | |||
| /// TB-Ausbilder | Firefox startet immer bestimmte Seite Hallo Rainer, Zitat:
 Wo befanden sich denn diese Logfiles?Ich hab ja gewusst, dass uns MBRCheck nicht im Stich lässt. Zitat:
  Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Dein Rechner ist sauber. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Schritt # 1: ComboFix deinstallieren Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren. Windows-Taste + R drücken. Kopiere nun folgende Zeile in die Kommandozeile und klicke OK. Code:
ATTFilter Combofix /Uninstall
 Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch aus dieser die Schädlinge verschwinden. Nun die eben deaktivierten Programme wieder aktivieren. Schritt # 2: Systembereinigung mit OTL Als Nächstes müssen wir alle Programme, die zur Malwarebeseitigung notwendig waren, entfernen:
Schritt # 3: Manuelles Löschen von Dateien
Schritt # 4: ESET Online Scanner
Schritt # 5: Windows Update aktivieren Sehen wir nach ob die Updates für Windows sich automatisch downloaden. Das ist der beste Weg um all die Sicherheits- Patches und Fixes zu erhalten.
Schritt # 6: Schutz vor weiteren Infektionen Damit du in Zukunft vor ähnlichen Infektionen geschützt bist, empfehle ich dir noch ein paar nützliche Programme inklusive ein paar Tipps.
Schritt # 7: Deine Rückmeldung Bitte gib mir kurz Bescheid, wenn alles erledigt ist und du keine Fragen mehr hast, damit ich das Thema aus meinen Abos löschen kann. |
|
04.06.2011, 10:04
| #27 |
| | Firefox startet immer bestimmte Seite Hallo M-K-D-B, die Logfile habe ich auf meinem Desktop gefunden. Genau so, wie du es gesagt hast. Ich dachte bei Desktop an die Datei. Und in deren habe ich nichts gefunden. Habe dich da also falsch verstanden gehabt.  Da ich beinahe immer irgendwelche Fenster offen habe, habe ich die Logfile nicht auf meinem Bildschirm gesehen.Java Update meinte ich, ja. Wenn ich das gewusst hätte, dass ich für den Download einen Browser verwenden darf.  Die anderen Schritte habe ich eben durchgeführt. Mir auch das Emsisoft-Programm runtergeladen. Vielen Dank für alles und die gute Zusammenarbeit.  Ich hätte da noch ein Problem. Hat nichts mit diesem hier zu tun. Ich weiß aber nicht, ob es Überhaupt mit einem Befall zu tun hat, oder ob ich vor ein paar Wochen etwas bei mir verstellt habe. Soll ich da einen neuen Thread aufmachen, oder kannst/möchtest du mir da auch helfen? Viele Grüße, Rainer |
|
04.06.2011, 10:13
| #28 | ||
| /// TB-Ausbilder | Firefox startet immer bestimmte Seite Hallo Rainer, Zitat:
 Zitat:
Sollte es etwas mit dem Malwarebefall zu tun haben, können wir es uns gerne anschauen. Anderenfalls gibt es noch weitere Unterforen, in die du es posten kannst. Aber das sage ich dir dann, sobald ich dein Problem kenne. |
|
04.06.2011, 10:54
| #29 |
| | Firefox startet immer bestimmte Seite Hallo M-K-D-B, seit ein paar Wochen kann ich keine Excel- und Worddateien durch anklicken der Datei, wie im Datei-Manager, oder welche, die ich per Mail erhalten habe, öffnen. Wenn ich die Datei anklicke, also doppelklick, oder rechtsklick plus öffnen, wird nur das Programm, jeweils eine 2000er Version, gestartet. Dabei scheint dann etwas nicht zu funktionieren. Das Programm wird irgendwie nicht komplett geladen. Es erscheint weder die gewünschte Datei, noch eine leere Seite. Wenn ich dann ein weiteres mal die Datei anklicke, wird die Datei dann im zuvor geladenen Programm angezeigt. Schließe ich jedoch nach dem ersten mal das Programm wieder, wird beim zweiten mal wieder nur das Programm gestartet, ohne Datei. Egal wie, beim ersten mal kann ich nie die Datei direkt öffnen. Vom jeweiligen Programm aus geht alles wie immer. Nur das starten des Programmes mittels der gewünschten Datei geht nicht. Ich weiß nicht, ob das etwas mit einem Befall zu tun hat, oder ob einfach irgendwo etwas an den Einstellungen verstellt ist. Ist auf jeden Fall etwas Nervig. Viele Grüße, Rainer  |
|
04.06.2011, 15:15
| #30 | |
| /// TB-Ausbilder | Firefox startet immer bestimmte Seite Hallo Rainer, Bitte beantworte mir folgende Fragen:
Gehe bitte wie folgt vor: Suche dir eine beliebige Word-Datei. Rechtsklicke auf die Datei und wähle "Öffnen mit" und dann die Option "Standardprogramm auswählen" bzw. "Programm auswählen". Als nächtes sollte sich ein Fenster mit Vorschlägen öffnen. Vergewissere dich, dass ein Haken bei "Dateityp immer mit dem ausgewählten Programm öffnen" gesetzt ist. Wähle Microsoft Word aus. Klicke auf Ok. Öffne die Word-Datei ganz normal mit einem Doppelklick. Bitte berichte. |
|
| Themen zu Firefox startet immer bestimmte Seite |
| anti-malware, bestimmte, dateien, dokumente, downloads, durchgeführt, einstellungen, ergebnis, explorer, files, firefox, griff, icreinstall, logfile, lokale, minute, problem, scan, seite, service, startet, temp, temporary, version, versucht, öffnet |
Textbox.
Button.
Linear-Darstellung
