| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Reporting funktioniert nicht mehr, Firewall startet nicht, Windows Explorer stürzt abWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.12.2011, 21:39
| #1 |
 |  Windows Reporting funktioniert nicht mehr, Firewall startet nicht, Windows Explorer stürzt ab Hallo, ich habe ein Problem mit meinem Laptop. Dieses ist seit heute aufgetreten, dabei kommt ständig die Fehlermeldung Reporting funktioniert nicht mehr. Danach habe ich im Windowssicherheitscenter geschaut und gesehen das die Firewall aus ist, diese lässt sich auch nicht starten. Als Antiviren Programm benutze ich Antivir, dieses zeigt mir aber keine Fehler oder Viren an. Deshalb versuchte ich anschließend ein anderes Virenprogramm zu installieren, dies schlug aber egal bei welchen Programm fehl, indem der Windows explorer abstürzte. Da ich keine Ahnung davon habe was es sein könnte bitte ich euch um Hilfe. Das einzige was ich hinbekommen habe ist der Scan mit OTL, hab ich hier im Forum gelesen. Ich habe euch mal die beiden Logfiles angefügt die er mir angezeigt hat. 1. OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Samsung\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 55,44% Memory free 6,21 Gb Paging File | 4,90 Gb Available in Paging File | 78,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 143,00 Gb Total Space | 105,49 Gb Free Space | 73,77% Space Free | Partition Type: NTFS Drive D: | 143,09 Gb Total Space | 79,02 Gb Free Space | 55,22% Space Free | Partition Type: NTFS Computer Name: **** | User Name: ****** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Fotoschau] -- "C:\Program Files\Pixum\Pixum Fotobuch\Fotoschau.exe" -d "%1" () Directory [Pixum Fotobuch] -- "C:\Program Files\Pixum\Pixum Fotobuch\Pixum Fotobuch.exe" "%1" () Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-461473404-4059694512-430261135-1003] "EnableNotificationsRef" = 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{13F24517-A679-480A-8281-4B94C8CFCC92}" = rport=139 | protocol=6 | dir=out | app=system | "{14315AEE-9EDC-4179-AE23-992AEE7822A6}" = lport=139 | protocol=6 | dir=in | app=system | "{306F8DD5-045C-4967-8594-A703435FA82E}" = rport=138 | protocol=17 | dir=out | app=system | "{44A5D88A-21D7-4363-8AD4-FBDAE64E6ED0}" = lport=445 | protocol=6 | dir=in | app=system | "{45472588-FAC0-47CB-AFD9-63D6BB69FAFD}" = lport=137 | protocol=17 | dir=in | app=system | "{4BF367EB-4124-465C-8DB0-7DE190A817D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{68EDB7CD-9198-4827-82CC-43C13D1607AB}" = lport=138 | protocol=17 | dir=in | app=system | "{6A8B7A2D-E86A-42D0-BC03-38480890C14F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{CD97FB65-BE4A-4E4F-8670-A5511B9A207D}" = rport=137 | protocol=17 | dir=out | app=system | "{DF35A2C2-F78B-4BD9-B318-DD07F89D9ADB}" = rport=445 | protocol=6 | dir=out | app=system | "{EAA3D75C-C09B-4919-B619-49A17907D068}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{105FFEB6-74D9-4253-A6E8-EC096D00EE03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5E163527-D76A-4529-BC27-9474CF23F98D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B9429754-A15D-48AE-911D-254711D91221}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D9B572E9-452B-4917-B48D-8652376E6B01}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F04FB8FC-F1BD-4B04-8917-99E54A2B47BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "TCP Query User{6A3C0721-9315-4DF8-80A0-CF5915FA60D2}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{01B394F8-135E-40B3-945F-E2FB2F9474EE}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300 "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer "{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0 "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client "{592ED299-14EF-4C0E-93B4-B687CD5A2EBE}_is1" = posterXXL.de Bestellsoftware 4.60 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera "{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Intel(R) PROSet/Wireless WiFi-Software "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Avira AntiVir Desktop" = Avira Free Antivirus "Business Contact Manager für Outlook 2007" = Business Contact Manager für Outlook 2007 "InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0 "InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de) "Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1) "NVIDIA Drivers" = NVIDIA Drivers "Pixum Fotobuch" = Pixum Fotobuch "PROHYBRIDR" = 2007 Microsoft Office system "ProInst" = Intel PROSet Wireless "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.1.11 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 29.11.2011 16:18:24 | Computer Name = Samsung-PC | Source = System Restore | ID = 8193 Description = Error - 30.11.2011 04:51:15 | Computer Name = Samsung-PC | Source = WinMgmt | ID = 10 Description = Error - 30.11.2011 11:00:26 | Computer Name = Samsung-PC | Source = WinMgmt | ID = 10 Description = Error - 30.11.2011 13:27:55 | Computer Name = Samsung-PC | Source = System Restore | ID = 8193 Description = Error - 01.12.2011 05:05:02 | Computer Name = Samsung-PC | Source = WinMgmt | ID = 10 Description = Error - 01.12.2011 12:10:30 | Computer Name = Samsung-PC | Source = WinMgmt | ID = 10 Description = Error - 01.12.2011 15:14:11 | Computer Name = Samsung-PC | Source = System Restore | ID = 8193 Description = Error - 02.12.2011 15:43:10 | Computer Name = Samsung-PC | Source = WinMgmt | ID = 10 Description = Error - 02.12.2011 15:52:03 | Computer Name = Samsung-PC | Source = System Restore | ID = 8193 Description = Error - 02.12.2011 16:25:25 | Computer Name = Samsung-PC | Source = System Restore | ID = 8193 Description = [ System Events ] Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 17.08.2011 22:00:14 | Computer Name = Samsung-PC | Source = Microsoft-Windows-Servicing | ID = 4385 Description = Error - 17.08.2011 22:00:20 | Computer Name = Samsung-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = < End of report > 2. OTL logfile created on: 14.12.2011 21:20:22 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Samsung\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 55,44% Memory free 6,21 Gb Paging File | 4,90 Gb Available in Paging File | 78,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 143,00 Gb Total Space | 105,49 Gb Free Space | 73,77% Space Free | Partition Type: NTFS Drive D: | 143,09 Gb Total Space | 79,02 Gb Free Space | 55,22% Space Free | Partition Type: NTFS Computer Name: ***** | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days ========== Processes (SafeList) ========== PRC - [2011.12.14 21:19:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Samsung\Downloads\OTL.exe PRC - [2011.11.23 20:03:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.19 16:55:49 | 000,490,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avscan.exe PRC - [2011.10.19 16:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.10.19 16:55:47 | 000,306,128 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avcenter.exe PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.05.23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe PRC - [2008.05.23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008.05.22 09:33:54 | 000,688,128 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008.04.25 13:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008.04.17 07:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.21 03:23:32 | 000,319,544 | ---- | M] (Microsoft Corporation) -- c:\Programme\Windows Defender\MpCmdRun.exe PRC - [2007.07.04 23:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2006.04.14 02:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe ========== Modules (No Company Name) ========== MOD - [2011.11.23 20:03:40 | 001,989,592 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.11.22 16:16:53 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2006.08.12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll MOD - [2006.08.12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll MOD - [2006.08.12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ========== Win32 Services (SafeList) ========== SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2008.05.23 06:11:56 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008.05.23 05:43:52 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008.05.13 00:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011.12.09 13:47:05 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008.09.12 05:01:15 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2008.08.05 19:29:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008.07.26 20:24:00 | 007,548,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.06.05 08:30:28 | 000,242,048 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008.05.20 20:36:12 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.05.08 10:51:18 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R) DRV - [2008.01.21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2007.09.13 07:17:58 | 000,755,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006.11.28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.11.02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http:\\www.samsungcomputer.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.23 20:03:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.11.03 20:48:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.08.12 15:45:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Extensions [2011.12.14 21:07:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung\AppData\Roaming\mozilla\Firefox\Profiles\vnv6h7an.default\extensions [2011.11.23 20:03:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.11.23 20:03:41 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.10.10 12:04:56 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.10 12:04:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.10.10 12:04:56 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.10.10 12:04:56 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.10 12:04:56 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.10 12:04:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA6C1258-C5CE-4F48-AB68-6B7B7EDFCCE1}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F009BE4F-4C71-4BA8-8067-35C4DB559888}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img34.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img34.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 60 Days ========== [2011.12.07 20:40:00 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Roaming\Skype [2011.12.07 20:39:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.12.07 20:39:52 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2011.12.07 20:39:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.11.22 00:24:32 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Roaming\QuickScan [2011.11.22 00:09:10 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Roaming\Avira [2011.11.22 00:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.11.22 00:04:38 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2011.11.22 00:04:37 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.11.22 00:04:37 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011.11.22 00:04:37 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys [2011.11.22 00:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.11.22 00:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2011.11.21 23:41:21 | 000,000,000 | -HSD | C] -- C:\found.000 [2011.11.21 22:22:55 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Windows Live [2011.11.21 22:22:52 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\{E326ACD9-A411-434E-95A7-3647F2508508} [2011.11.20 17:58:07 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Microsoft Games [2011.11.20 11:59:43 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Thunderbird [2011.11.20 11:16:57 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Mozilla [2011.11.20 11:16:42 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Adobe [2011.11.20 11:16:20 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Temp [2011.11.20 11:16:20 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\Microsoft [2011.11.18 01:21:12 | 000,000,000 | ---D | C] -- C:\Users\Samsung\dwhelper [2011.11.12 16:11:32 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software [2011.11.12 16:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011.11.03 20:48:17 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Roaming\Thunderbird [2011.11.03 20:48:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2011.11.03 20:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2011.11.03 20:45:44 | 000,000,000 | ---D | C] -- C:\Users\Samsung\AppData\Local\{1E5E10D4-DBD2-4B78-BD11-20635E615094} [2011.11.03 11:52:40 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.10.20 23:41:34 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Desktop\Neuer Ordner (2) [2011.10.20 23:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2011.10.19 15:39:22 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Desktop\EbayPics [2011.10.16 12:38:58 | 000,000,000 | ---D | C] -- C:\Users\Samsung\Desktop\Studium ========== Files - Modified Within 60 Days ========== [2011.12.14 20:55:44 | 000,689,222 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.12.14 20:55:44 | 000,645,608 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.12.14 20:55:44 | 000,150,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.12.14 20:55:44 | 000,122,436 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.12.14 20:50:47 | 000,028,029 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011.12.14 20:50:47 | 000,028,029 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.12.14 20:50:39 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.14 20:50:39 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.14 20:50:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.12.14 20:50:23 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys [2011.12.09 13:56:49 | 001,688,949 | ---- | M] () -- C:\Users\Samsung\Desktop\HPLC-Seminar.pdf [2011.12.09 13:47:05 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.12.09 12:54:55 | 000,001,356 | ---- | M] () -- C:\Users\Samsung\AppData\Local\d3d9caps.dat [2011.12.04 23:09:35 | 000,000,097 | ---- | M] () -- C:\Windows\System32\dmlg.dat [2011.11.30 22:57:15 | 000,101,461 | ---- | M] () -- C:\Users\Samsung\Desktop\mt_11_2.pdf [2011.11.30 22:57:01 | 000,114,310 | ---- | M] () -- C:\Users\Samsung\Desktop\mt_11_1.pdf [2011.11.22 16:16:53 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.11.19 14:28:14 | 000,266,895 | ---- | M] () -- C:\Users\Samsung\Desktop\Prot.-2.jpg [2011.11.19 10:21:36 | 000,270,639 | ---- | M] () -- C:\Users\Samsung\Desktop\Prot.-1.jpg [2011.11.12 16:10:32 | 000,391,811 | ---- | M] () -- C:\Users\Samsung\Desktop\Geomet.pdf [2011.11.12 16:10:27 | 000,128,777 | ---- | M] () -- C:\Users\Samsung\Desktop\kfgeo.pdf [2011.11.12 16:07:42 | 000,107,851 | ---- | M] () -- C:\Users\Samsung\Desktop\uebvec.pdf [2011.11.12 16:01:01 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.10.24 13:54:26 | 000,000,055 | ---- | M] () -- C:\Windows\KMSTMVM.ini [2011.10.24 13:45:59 | 000,402,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.10.24 13:44:38 | 000,008,605 | ---- | M] () -- C:\Users\Samsung\Documents\Unbenannt 1.ods [2011.10.22 14:54:21 | 000,002,625 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Update Plus.lnk [2011.10.19 17:41:00 | 000,529,343 | ---- | M] () -- C:\Users\Samsung\Desktop\Scannen0001.pdf [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys ========== Files Created - No Company Name ========== [2011.12.09 13:56:49 | 001,688,949 | ---- | C] () -- C:\Users\Samsung\Desktop\HPLC-Seminar.pdf [2011.12.04 23:09:35 | 000,000,097 | ---- | C] () -- C:\Windows\System32\dmlg.dat [2011.11.30 22:57:15 | 000,101,461 | ---- | C] () -- C:\Users\Samsung\Desktop\mt_11_2.pdf [2011.11.30 22:57:01 | 000,114,310 | ---- | C] () -- C:\Users\Samsung\Desktop\mt_11_1.pdf [2011.11.19 10:21:36 | 000,270,639 | ---- | C] () -- C:\Users\Samsung\Desktop\Prot.-1.jpg [2011.11.19 10:21:36 | 000,266,895 | ---- | C] () -- C:\Users\Samsung\Desktop\Prot.-2.jpg [2011.11.12 16:10:32 | 000,391,811 | ---- | C] () -- C:\Users\Samsung\Desktop\Geomet.pdf [2011.11.12 16:10:27 | 000,128,777 | ---- | C] () -- C:\Users\Samsung\Desktop\kfgeo.pdf [2011.11.12 16:07:41 | 000,107,851 | ---- | C] () -- C:\Users\Samsung\Desktop\uebvec.pdf [2011.11.12 16:01:01 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.11.12 16:01:01 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.10.24 13:44:36 | 000,008,605 | ---- | C] () -- C:\Users\Samsung\Documents\Unbenannt 1.ods [2011.10.19 17:41:00 | 000,529,343 | ---- | C] () -- C:\Users\Samsung\Desktop\Scannen0001.pdf [2011.09.22 17:57:01 | 000,000,055 | ---- | C] () -- C:\Windows\KMSTMVM.ini [2011.08.18 02:35:16 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.08.18 02:35:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011.08.12 16:48:53 | 000,028,029 | ---- | C] () -- C:\ProgramData\nvModes.001 [2011.08.12 16:45:55 | 000,028,029 | ---- | C] () -- C:\ProgramData\nvModes.dat [2011.08.12 15:33:44 | 000,027,648 | ---- | C] () -- C:\Users\Samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.08.03 08:50:23 | 000,001,356 | ---- | C] () -- C:\Users\Samsung\AppData\Local\d3d9caps.dat [2008.09.12 20:41:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008.09.12 05:03:48 | 000,001,670 | ---- | C] () -- C:\Windows\HotFixList.ini [2008.09.12 05:03:25 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2008.09.12 05:03:06 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008.09.12 05:03:06 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008.09.12 04:56:00 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe [2008.09.12 04:56:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe [2008.09.12 04:54:39 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll [2008.09.11 16:12:00 | 000,689,222 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.09.11 16:12:00 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.09.11 16:12:00 | 000,150,990 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.09.11 16:12:00 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.09.11 16:02:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.02.09 17:03:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2008.01.21 03:24:53 | 000,112,128 | ---- | C] () -- C:\Windows\System32\netdiagfx.dll [2008.01.21 03:24:04 | 000,009,216 | ---- | C] () -- C:\Windows\System32\wship6.dll [2007.02.26 08:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\System32\imagine digital freedom.dat [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,402,112 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,645,608 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,122,436 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.11.14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll < End of report > Viele Grüße Seppel89 |
| Themen zu Windows Reporting funktioniert nicht mehr, Firewall startet nicht, Windows Explorer stürzt ab |
| autorun, avg, avira, desktop, error, excel, excel.exe, explorer stürzt ab, fehlermeldung, flash player, format, funktioniert nicht mehr, home, install.exe, microsoft office 2003, microsoft office word, mozilla, mozilla thunderbird, nvlddmkm.sys, office 2007, plug-in, problem, programm, realtek, registry, rundll, scan, security, server, software, tcp, udp, vista, windows, wlan |
Baum-Darstellung