Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.11.2010, 01:01   #1
[D] wie Dima
 
Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit - Beitrag

Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit



Hallo alle zusamen ich wollt euch fragen ob ihr mir bei meinem problem helfen könnt? Wenn ich [ALT][Strg]und [Entf]klicke steht dort nichts vom Task-Manager,bei meiner Taskleiste kann ich mein Task-Manager nicht zugreifen
und dieses Regedit.exe will sich nicht öffnen dort steht nur "Die Bearbeitung der Regrestrierung wurde durch den Administrator Deaktiviert."Was soll ich tun ich BITTE um hilfe.Ich habe mein Laptop mit Avira AntiVir untersucht doch der fand nichts ich denke das es sich um eine spyware oder ein Keylogger handelt.


Hier ist die Log File von HiJackThis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:43:25, on 07.11.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\PC Tools Security\pctsGui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\ASPIRE 7740G\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d326l0438z175t7401c086
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d326l0438z175t7401c086
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{80A4CC7D-A1A2-4587-A953-E9E3B2C237BF}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [HKLM] c:\dir\install\install\iexplorer.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\ASPIRE 7740G\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Driver Updater] "C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe" /minimized
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\Run: [HKCU] C:\dir\install\install\iexplorer.exe
O4 - HKCU\..\Run: [Windows Update] C:\Windows\system32\Gh0sts~l!f3.exe
O4 - HKCU\..\Run: [Firefox] C:\Program Files (x86)\GamersFirst\War Rock\Gh0sts~l!f3.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: [SpybotDeletingB3023] command.com /c del "C:\Windows\System32\28463\BGKF.001"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2887] cmd.exe /c del "C:\Windows\System32\28463\BGKF.001"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7474] command.com /c del "C:\Windows\System32\28463\BGKF.002"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1240] cmd.exe /c del "C:\Windows\System32\28463\BGKF.002"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5732] command.com /c del "C:\Windows\System32\28463\BGKF.008"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5979] cmd.exe /c del "C:\Windows\System32\28463\BGKF.008"
O4 - HKCU\..\RunOnce: [SpybotDeletingB374] command.com /c del "C:\Windows\System32\28463\DWKH.001"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2479] cmd.exe /c del "C:\Windows\System32\28463\DWKH.001"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2727] command.com /c del "C:\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8018] cmd.exe /c del "C:\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1281] command.com /c del "C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD436] cmd.exe /c del "C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL"
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\ASPIRE 7740G\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16890 bytes


Naja ich glaube das ihr mit dieser Sache etwas anfangen könnt.

Alt 07.11.2010, 02:15   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit - Standard

Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit



Hallo und

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.



Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 07.11.2010, 12:04   #3
[D] wie Dima
 
Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit - Pfeil

Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit



So hier ist die Log datei der Malwarebytes:



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5065

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.11.2010 12:00:23
mbam-log-2010-11-07 (12-00-23).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 432416
Laufzeit: 1 Stunde(n), 48 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 10
Infizierte Dateien: 49

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{576dbu78-oo30-qgf2-06np-0b3nnm054o5l} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\victim (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Backdoor.Bot) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\DisableCMD (Hijack.CMDPrompt) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\3.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\4.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\5.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\6.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\7.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Users\ASPIRE 7740G\AppData\Local\Temp\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\ASPIRE 7740G\AppData\Local\Temp\Svchost.bat (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\ASPIRE 7740G\AppData\Local\Temp\$inst\17.tmp (Trojan.Genome) -> Quarantined and deleted successfully.
C:\Users\ASPIRE 7740G\Documents\ICQ\630230577\ReceivedFiles\326752315 _LIL`_\rzr-cod4-keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP1099.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP188A.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP22F9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP2E76.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP2ECC.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP2FEB.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP3118.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP334C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP340E.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP38C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP3934.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP3B89.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP41BA.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP4EEB.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP577A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP5C3F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP5F39.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP692.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP6AAE.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP7F2B.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP8852.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP89C9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP8F3C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP904C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP91B7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP9E3F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPA5AD.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPAA60.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPABF.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPC31.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPC71B.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPC827.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPD8CE.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPE3C2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPEAEE.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPECFD.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPEF2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPFC39.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMPFFF2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\ASPIRE 7740G\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\ASPIRE 7740G\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\ASPIRE 7740G\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\install\svchost.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.


so mehr ist nicht drin aber hilft mir bitte

GEZ. [D] wie Dima
__________________

Alt 07.11.2010, 12:34   #4
[D] wie Dima
 
Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit - Pfeil

Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit



bei den Malwarebytes konnte ich meinen Taskmanager wieder aufrufen doch meine Administratoren rechte hab ich nicht.Die OTL.exe lief ich laufen und hier sind dann die log files der OTL.exe.Einmal der OTL text:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 07.11.2010 12:16:36 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\ASPIRE 7740G\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,35 Gb Total Space | 462,52 Gb Free Space | 79,15% Space Free | Partition Type: NTFS
 
Computer Name: ASPIRE7740G-PC | User Name: ASPIRE 7740G | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.11.07 12:05:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ASPIRE 7740G\Downloads\OTL.exe
PRC - [2010.10.30 22:05:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.10.30 22:05:02 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010.10.01 11:27:22 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010.09.16 10:26:00 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010.09.11 19:23:33 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.08.30 07:03:22 | 001,145,816 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
PRC - [2010.06.03 01:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.05.21 21:19:26 | 002,937,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2010.04.01 12:33:16 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.15 12:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
PRC - [2010.03.02 10:28:24 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 09:28:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.02.11 08:50:54 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009.11.12 19:29:08 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009.11.02 00:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009.10.29 03:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009.10.01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.25 00:42:32 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009.09.25 00:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.09.11 06:42:46 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009.09.11 06:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.08.04 22:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009.07.10 15:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2009.07.10 02:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2009.06.18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2009.06.05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.04.30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.11.07 12:05:38 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ASPIRE 7740G\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2009.12.10 10:15:06 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.11.02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.11.05 20:30:46 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.10.01 11:27:22 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.09.23 06:57:57 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010.09.11 19:23:33 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.08.30 07:03:22 | 001,145,816 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010.06.06 17:32:00 | 003,819,912 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010.04.01 12:33:16 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.15 12:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010.02.24 09:28:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.10.20 18:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [On_Demand | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009.10.01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.30 14:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.09.25 00:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.09.11 06:42:46 | 000,305,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.07.10 02:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2009.06.18 02:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009.04.30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009.03.28 03:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programme\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_40_1340.sys -- (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dump_wmimmc.sys -- (dump_wmimmc)
DRV:64bit: - [2010.08.18 12:51:18 | 000,254,624 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010.07.16 13:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010.06.29 09:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010.05.11 19:45:27 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010.03.02 12:35:02 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.02.16 13:24:02 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.02.03 14:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.12.10 12:40:30 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.11.06 21:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.03 15:33:44 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009.11.02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.10.26 21:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.10.14 19:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009.10.02 17:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.09.01 13:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009.08.13 20:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.08.06 13:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.07.22 23:06:26 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.25 03:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.25 04:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008.05.16 11:33:06 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdm.sys -- (s0016mdm)
DRV:64bit: - [2008.05.16 11:33:06 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV:64bit: - [2008.05.16 11:33:06 | 000,137,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2008.05.16 11:33:06 | 000,136,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016obex.sys -- (s0016obex)
DRV:64bit: - [2008.05.16 11:33:06 | 000,034,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV:64bit: - [2008.05.16 11:33:04 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV:64bit: - [2008.05.16 11:32:56 | 000,115,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV:64bit: - [2008.01.09 10:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV - [2009.11.12 19:29:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/11 08:58:10] [Kernel | Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2005.01.04 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d326l0438z175t7401c086
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d326l0438z175t7401c086
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d326l0438z175t7401c086
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{80A4CC7D-A1A2-4587-A953-E9E3B2C237BF}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7740&r=27360310d326l0438z175t7401c086
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.135
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.30 22:05:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.30 22:05:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010.05.11 19:46:22 | 000,000,000 | ---D | M]
 
[2010.07.17 19:38:30 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\mozilla\Extensions
[2010.11.06 15:28:24 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\mozilla\Firefox\Profiles\y6fa6mnj.default\extensions
[2010.10.16 14:03:10 | 000,000,000 | ---D | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\mozilla\Firefox\Profiles\y6fa6mnj.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010.08.14 17:30:14 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\ASPIRE 7740G\AppData\Roaming\mozilla\Firefox\Profiles\y6fa6mnj.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.11.06 11:54:30 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\ASPIRE 7740G\AppData\Roaming\mozilla\Firefox\Profiles\y6fa6mnj.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.09.24 16:33:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASPIRE 7740G\AppData\Roaming\mozilla\Firefox\Profiles\y6fa6mnj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.12 14:01:00 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\ASPIRE 7740G\AppData\Roaming\mozilla\Firefox\Profiles\y6fa6mnj.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.11.05 07:39:32 | 000,000,950 | ---- | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\Mozilla\FireFox\Profiles\y6fa6mnj.default\searchplugins\icqplugin-1.xml
[2010.08.15 17:09:55 | 000,001,056 | ---- | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\Mozilla\FireFox\Profiles\y6fa6mnj.default\searchplugins\icqplugin.xml
[2010.10.23 22:27:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.08.14 12:48:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.23 22:27:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.07.18 09:11:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.06.26 09:03:55 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 09:03:55 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.06.26 09:03:55 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.26 09:03:55 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.26 09:03:55 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [WindowsUpdater] C:\Users\ASPIRE~1\AppData\Local\Temp\Svchost.bat File not found
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Driver Updater] C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe (Media Fog Ltd.)
O4 - HKCU..\Run: [Firefox] C:\Program Files (x86)\GamersFirst\War Rock\Gh0sts~l!f3.exe File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe File not found
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 1
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\ASPIRE 7740G\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\ASPIRE 7740G\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.07 09:59:36 | 000,000,000 | ---D | C] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Malwarebytes
[2010.11.07 09:59:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.07 09:59:24 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.07 09:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.07 09:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.06 23:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.11.06 23:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.11.01 13:14:13 | 000,000,000 | ---D | C] -- C:\Users\ASPIRE 7740G\AppData\Roaming\uTorrent
[2010.10.31 13:23:25 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.10.31 13:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2011
[2010.10.30 22:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eDgMt2
[2010.10.27 12:46:14 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.10.27 12:46:14 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.10.27 12:46:11 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.10.27 12:46:11 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.10.27 12:46:11 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.10.27 12:46:11 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.10.27 12:46:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.10.27 12:45:47 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010.10.23 22:27:35 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.10.23 22:27:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.10.23 22:27:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.10.21 20:32:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.10.21 20:28:40 | 000,000,000 | ---D | C] -- C:\Users\ASPIRE 7740G\AppData\Roaming\TeamViewer
[2010.10.15 07:12:13 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2010.10.15 07:12:13 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2010.10.15 07:12:12 | 000,329,320 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2010.10.15 07:12:12 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2010.10.15 07:12:11 | 000,254,624 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2010.10.15 07:11:58 | 000,177,904 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplfw64.sys
[2010.10.15 07:11:58 | 000,116,616 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys
[2010.10.15 07:11:58 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2010.10.15 07:11:58 | 000,042,968 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis-DNS64.sys
[2010.10.15 07:11:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2010.10.15 07:11:38 | 000,000,000 | ---D | C] -- C:\Users\ASPIRE 7740G\AppData\Roaming\PC Tools
[2010.10.14 19:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.10.14 15:12:48 | 000,000,000 | ---D | C] -- C:\dir
[2010.10.14 13:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HijackThis
[2010.10.14 12:51:44 | 000,000,000 | ---D | C] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Registry Mechanic
[2010.10.14 12:49:13 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2010.10.14 12:49:13 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2010.10.14 12:49:13 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll
[2010.10.14 12:49:13 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2010.10.14 12:49:12 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2010.10.14 12:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2010.10.14 12:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Registry Mechanic
[2010.10.14 09:18:28 | 000,000,000 | ---D | C] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Template
[2010.10.14 09:07:22 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.10.13 21:02:01 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.10.13 21:02:01 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.10.13 21:02:00 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.10.13 21:01:59 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.10.13 21:01:37 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.10.13 21:01:33 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.10.13 21:01:33 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.10.13 21:01:32 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.10.13 21:01:32 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.10.13 21:01:28 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.10.13 21:01:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.10.13 21:01:28 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.10.13 21:01:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.10.13 21:01:27 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.10.13 21:01:27 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.10.13 21:01:27 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.10.13 21:01:27 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.10.13 21:01:27 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.10.13 21:01:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.10.13 21:01:27 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.10.13 21:01:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.10.13 21:01:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.10.13 21:01:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.10.13 21:01:21 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.10.13 21:01:20 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.10.13 21:01:20 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.10.13 21:01:19 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.10.13 21:01:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.10.09 11:03:42 | 000,000,000 | ---D | C] -- C:\Windows\install
[2010.09.30 19:18:25 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe4CDE.dll
[2010.09.30 19:14:38 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeD6F4.dll
[2009.11.05 04:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.07 12:20:34 | 000,032,768 | ---- | M] (FunWebProducts.com) -- C:\Windows\SysWow64\f3PSSavr.scr
[2010.11.07 12:18:19 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.07 12:18:19 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.07 12:10:08 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.07 12:09:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.07 12:09:42 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.07 12:06:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.07 12:00:01 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\Acer Registration Reminder.job
[2010.11.07 11:55:01 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1563100229-3789700659-829175354-1000UA.job
[2010.11.07 09:59:29 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.07 00:20:35 | 000,000,432 | ---- | M] () -- C:\Windows\wininit.ini
[2010.11.06 23:59:59 | 000,001,262 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\Spybot - Search & Destroy.lnk
[2010.11.06 20:55:41 | 000,002,442 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\Google Chrome.lnk
[2010.11.06 20:17:31 | 000,007,168 | -H-- | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\upx.exe
[2010.11.06 19:24:28 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2010.11.06 18:28:00 | 000,000,512 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ASPIRE 7740G.job
[2010.11.06 12:55:01 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1563100229-3789700659-829175354-1000Core.job
[2010.11.06 11:50:29 | 003,731,584 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Russische house musik 2010.mp3
[2010.11.06 11:47:46 | 003,737,728 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Ich Liebe Dich (russisch).mp3
[2010.11.06 11:43:55 | 005,013,632 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Dimon Mc - Ich bin Russe.mp3
[2010.10.31 13:22:11 | 000,001,287 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\Landwirtschafts Simulator 2011 .lnk
[2010.10.31 11:27:23 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.31 11:27:23 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.31 11:27:23 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.31 11:27:23 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.31 11:27:23 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.30 22:13:11 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\eDgMt2 Client v1.lnk
[2010.10.30 11:18:17 | 502,894,078 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.10.27 12:45:14 | 001,246,134 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010.10.26 18:02:42 | 000,003,072 | ---- | M] () -- C:\Windows\SysWow64\Cache.db
[2010.10.22 11:18:03 | 000,833,415 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\Lebensmittel-Liste.pdf
[2010.10.21 17:25:21 | 000,301,005 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\Fun Hack nur für DICH.exe
[2010.10.21 11:13:56 | 000,000,219 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\Half-Life 2 Lost Coast.url
[2010.10.21 11:13:56 | 000,000,219 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\Half-Life 2 Deathmatch.url
[2010.10.14 15:12:53 | 000,065,085 | ---- | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\SQLite3.dll
[2010.10.14 14:11:10 | 000,072,549 | ---- | M] () -- C:\Windows\regedit.rar
[2010.10.14 12:59:01 | 002,531,328 | ---- | M] () -- C:\Users\ASPIRE 7740G\s-1-5-21-1563100229-3789700659-829175354-1000.rrr
[2010.10.14 10:40:36 | 000,000,760 | ---- | M] () -- C:\Windows\[WR]Config.ini
[2010.10.14 09:18:13 | 000,000,000 | ---- | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\wklnhst.dat
[2010.10.14 08:53:42 | 000,000,062 | ---- | M] () -- C:\Users\ASPIRE 7740G\AppData\Local\TempCMD2.reg
[2010.10.14 06:56:54 | 000,343,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.10.12 14:25:08 | 000,001,140 | ---- | M] () -- C:\Users\ASPIRE 7740G\Desktop\CrossFire.lnk
[2010.10.12 12:38:57 | 000,036,864 | ---- | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\werfault.exe
[2010.10.09 13:58:51 | 000,011,693 | -H-- | M] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\ASPIRE 7740Glog.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.07 09:59:29 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.07 00:20:34 | 000,000,432 | ---- | C] () -- C:\Windows\wininit.ini
[2010.11.06 23:59:59 | 000,001,262 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\Spybot - Search & Destroy.lnk
[2010.11.06 20:17:31 | 000,007,168 | -H-- | C] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\upx.exe
[2010.11.06 11:50:07 | 003,731,584 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Russische house musik 2010.mp3
[2010.11.06 11:47:26 | 003,737,728 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Ich Liebe Dich (russisch).mp3
[2010.11.06 11:43:33 | 005,013,632 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Dimon Mc - Ich bin Russe.mp3
[2010.10.31 13:22:11 | 000,001,287 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\Landwirtschafts Simulator 2011 .lnk
[2010.10.30 22:13:11 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\eDgMt2 Client v1.lnk
[2010.10.26 18:02:36 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\Cache.db
[2010.10.22 11:18:03 | 000,833,415 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\Lebensmittel-Liste.pdf
[2010.10.21 20:53:54 | 000,301,005 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\Fun Hack nur für DICH.exe
[2010.10.21 11:13:56 | 000,000,219 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\Half-Life 2 Lost Coast.url
[2010.10.21 11:13:56 | 000,000,219 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\Half-Life 2 Deathmatch.url
[2010.10.15 07:12:13 | 001,246,134 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010.10.14 15:12:53 | 000,065,085 | ---- | C] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\SQLite3.dll
[2010.10.14 14:11:05 | 000,072,549 | ---- | C] () -- C:\Windows\regedit.rar
[2010.10.14 12:59:01 | 002,531,328 | ---- | C] () -- C:\Users\ASPIRE 7740G\s-1-5-21-1563100229-3789700659-829175354-1000.rrr
[2010.10.14 12:49:45 | 000,000,280 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2010.10.14 12:49:13 | 000,040,408 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
[2010.10.14 09:18:13 | 000,000,000 | ---- | C] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\wklnhst.dat
[2010.10.14 09:18:01 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\Acer Registration Reminder.job
[2010.10.14 08:53:42 | 000,000,062 | ---- | C] () -- C:\Users\ASPIRE 7740G\AppData\Local\TempCMD2.reg
[2010.10.12 14:25:08 | 000,001,140 | ---- | C] () -- C:\Users\ASPIRE 7740G\Desktop\CrossFire.lnk
[2010.10.12 12:38:57 | 000,036,864 | ---- | C] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\werfault.exe
[2010.10.11 17:20:14 | 000,000,760 | ---- | C] () -- C:\Windows\[WR]Config.ini
[2010.10.04 17:25:24 | 000,007,597 | ---- | C] () -- C:\Users\ASPIRE 7740G\AppData\Local\Resmon.ResmonCfg
[2010.09.26 14:00:59 | 000,053,248 | ---- | C] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\chrtmp
[2010.07.26 17:13:14 | 000,000,102 | ---- | C] () -- C:\Windows\SMM_HCEditor.INI
[2010.05.01 21:23:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.25 13:57:27 | 000,007,168 | ---- | C] () -- C:\Users\ASPIRE 7740G\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.11 17:21:45 | 000,001,744 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2010.02.11 09:15:47 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2010.02.11 08:52:30 | 000,008,754 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log
[2010.02.11 08:51:01 | 000,000,188 | ---- | C] () -- C:\Windows\PidList.ini
[2009.11.05 04:32:42 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico
[2009.11.05 01:21:23 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.11.05 01:21:23 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.11.05 01:21:23 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2005.04.08 03:16:43 | 000,011,693 | -H-- | C] () -- C:\Users\ASPIRE 7740G\AppData\Roaming\ASPIRE 7740Glog.dat
 
========== LOP Check ==========
 
[2010.06.27 18:48:24 | 000,000,000 | -HSD | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\.#
[2010.10.07 15:21:34 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Azureus
[2010.09.24 16:33:21 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.04.17 20:29:26 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\GameConsole
[2010.11.05 16:53:42 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\ICQ
[2010.10.15 18:39:19 | 000,000,000 | RHSD | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\install
[2010.06.19 00:23:44 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\LolClient
[2010.05.26 15:54:34 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Opera
[2010.10.07 15:21:12 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Raptr
[2010.10.14 13:08:48 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Registry Mechanic
[2010.10.21 21:09:40 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\TeamViewer
[2010.10.14 09:18:28 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Template
[2010.05.10 15:17:00 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\Tific
[2010.11.01 20:28:06 | 000,000,000 | ---D | M] -- C:\Users\ASPIRE 7740G\AppData\Roaming\uTorrent
[2010.11.07 12:00:01 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\Acer Registration Reminder.job
[2010.11.06 19:24:28 | 000,000,280 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2010.10.23 10:27:04 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2010.11.06 11:53:48 | 005,361,664 | ---- | M] ()(C:\Users\ASPIRE 7740G\Desktop\YouTube        - Russische Musik ??.mp3) -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Russische Musik ♥♥.mp3
[2010.11.06 11:53:21 | 005,361,664 | ---- | C] ()(C:\Users\ASPIRE 7740G\Desktop\YouTube        - Russische Musik ??.mp3) -- C:\Users\ASPIRE 7740G\Desktop\YouTube        - Russische Musik ♥♥.mp3
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:9F683177
 
< End of report >
         
--- --- ---



Und der Extras Text aber wofür man das brauch hab ich keine Ahnung,naja
Hier der Extras Text:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 07.11.2010 12:16:36 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\ASPIRE 7740G\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,35 Gb Total Space | 462,52 Gb Free Space | 79,15% Space Free | Partition Type: NTFS
 
Computer Name: ASPIRE7740G-PC | User Name: ASPIRE 7740G | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" File not found
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" File not found
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" = 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{11F38253-8940-FFDA-D131-B14120C357E4}" = ATI Catalyst Install Manager
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}" = Broadcom Gigabit NetLink Controller
"{BD41C9CA-7722-7C0F-8BFE-E88A81865287}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{542068F1-9AAE-4E1B-8ACA-094FE03728BE}" = Carambis Driver Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62909D5D-EE4D-4994-9AA8-ACCB078E40DD}" = S4 League_EU
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.0 MUI
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Counter-Strike: Source" = Counter-Strike: Source
"Counter-Strike: Source Texture Pack 1.00" = Counter-Strike: Source Texture Pack 1.00
"Cross Fire_is1" = Cross Fire En
"DivX Setup.divx.com" = DivX-Setup
"eDgMt2 Client v1" = eDgMt2 Client v1
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"GamersFirst LIVE!" = GamersFirst LIVE!
"GamersFirst War Rock" = War Rock
"HijackThis" = HijackThis 2.0.2
"HyperCam 3" = HyperCam 3
"League of Legends_is1" = League of Legends
"lgx4.lgx.server" = G DATA Logox4 Speechengine
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metin2_is1" = Metin2
"Mijagi-MT2" = Mijagi-MT2
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MyWebSearch bar Uninstall" = My Web Search (Cursor Mania)
"NosTale(DE)_is1" = Nostale(DE)
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Spyware Doctor" = Spyware Doctor 8.0
"Steam App 17505" = Zombie Panic Source Dedicated Server
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"TeamViewer 5" = TeamViewer 5
"Uninstall_is1" = Uninstall 1.0.0.1
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SOE-Clone Wars" = Clone Wars
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 30.10.2010 08:28:48 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Vc.exe, Version: 4.5.3000.9285, Zeitstempel:
 0x4a56bd88  Name des fehlerhaften Moduls: Channel.dll, Version: 4.5.3000.9285, Zeitstempel:
 0x4a563caa  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001d9c6  ID des fehlerhaften Prozesses:
 0x1834  Startzeit der fehlerhaften Anwendung: 0x01cb782927ceeaf8  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Acer\Acer VCM\Vc.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files (x86)\Acer\Acer VCM\Channel.dll  Berichtskennung: 3e5093f2-e421-11df-9570-00262d8c08b0
 
Error - 30.10.2010 10:46:37 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarRock.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cc19ec8  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74737953  ID des fehlerhaften Prozesses:
 0x1abc  Startzeit der fehlerhaften Anwendung: 0x01cb78402bbf76e4  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\GamersFirst\War Rock\System\WarRock.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: 7f0a91e1-e434-11df-9570-00262d8c08b0
 
Error - 31.10.2010 06:54:26 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DivXUpdate.exe, Version: 1.0.1.10,
 Zeitstempel: 0x4c06fc6d  Name des fehlerhaften Moduls: MSVCP80.dll, Version: 8.0.50727.4927,
 Zeitstempel: 0x4a275370  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000100b5  ID des fehlerhaften
 Prozesses: 0x1744  Startzeit der fehlerhaften Anwendung: 0x01cb78e5c96d875e  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCP80.dll
Berichtskennung:
 39d34bef-e4dd-11df-890c-00262d8c08b0
 
Error - 01.11.2010 12:09:14 | Computer Name = ASPIRE7740G-PC | Source = Application Hang | ID = 1002
Description = Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1604    Startzeit: 01cb79df1a4a63fc    Endzeit: 3    Anwendungspfad: 
C:\Windows\system32\NOTEPAD.EXE    Berichts-ID: 5cf2dac5-e5d2-11df-984e-00262d8c08b0
 
 
Error - 01.11.2010 15:26:11 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarRock.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cc19ec8  Name des fehlerhaften Moduls: WarRock.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cc19ec8  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00108685  ID des fehlerhaften Prozesses:
 0x14c0  Startzeit der fehlerhaften Anwendung: 0x01cb79f8e3c20ca8  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\GamersFirst\War Rock\System\WarRock.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files (x86)\GamersFirst\War Rock\System\WarRock.exe
Berichtskennung:
 e23a536b-e5ed-11df-984e-00262d8c08b0
 
Error - 01.11.2010 16:19:37 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarRock.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cc19ec8  Name des fehlerhaften Moduls: WarRock.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cc19ec8  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00108685  ID des fehlerhaften Prozesses:
 0xfbc  Startzeit der fehlerhaften Anwendung: 0x01cb7a01e4812e3f  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\GamersFirst\War Rock\System\WarRock.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files (x86)\GamersFirst\War Rock\System\WarRock.exe
Berichtskennung:
 590807c5-e5f5-11df-984e-00262d8c08b0
 
Error - 03.11.2010 09:26:09 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarRock.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cc19ec8  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x3f800000  ID des fehlerhaften Prozesses:
 0x146c  Startzeit der fehlerhaften Anwendung: 0x01cb7b59c5c32c31  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\GamersFirst\War Rock\System\WarRock.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: eb090e5d-e74d-11df-b9dc-00262d8c08b0
 
Error - 03.11.2010 11:04:11 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: crossfire.exe, Version: 1.0.75.9,
 Zeitstempel: 0x4cc66aca  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdbdf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0x1468  Startzeit der fehlerhaften Anwendung: 0x01cb7b66cc078dc2  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Z8Games\CrossFire\crossfire.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 9d0a81bf-e75b-11df-b9dc-00262d8c08b0
 
Error - 05.11.2010 12:18:40 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cb4a756  Name des fehlerhaften Moduls: client.dll, Version: 0.0.0.0, Zeitstempel:
 0x4caa9350  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0017b106  ID des fehlerhaften Prozesses:
 0x15a8  Startzeit der fehlerhaften Anwendung: 0x01cb7cf06df51636  Pfad der fehlerhaften
 Anwendung: c:\program files (x86)\steam\steamapps\rubenxxl1173\half-life 2 deathmatch\hl2.exe
Pfad
 des fehlerhaften Moduls: c:\program files (x86)\steam\steamapps\rubenxxl1173\half-life
 2 deathmatch\hl2mp\bin\client.dll  Berichtskennung: 59ba551c-e8f8-11df-b400-00262d8c08b0
 
Error - 05.11.2010 13:23:25 | Computer Name = ASPIRE7740G-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4445c334  Name des fehlerhaften Moduls: scenefilecache.dll, Version: 0.0.0.0, Zeitstempel:
 0x4474ce19  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00003e2c  ID des fehlerhaften Prozesses:
 0x1a20  Startzeit der fehlerhaften Anwendung: 0x01cb7d0da0c8d40c  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Counter-Strike Source\hl2.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Counter-Strike Source\bin\scenefilecache.dll  Berichtskennung:
 6512c8be-e901-11df-b400-00262d8c08b0
 
[ Media Center Events ]
Error - 09.05.2010 07:41:11 | Computer Name = ASPIRE7740G-PC | Source = MCUpdate | ID = 0
Description = 13:41:10 - Fehler beim Herstellen der Internetverbindung.  13:41:11 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.05.2010 07:41:33 | Computer Name = ASPIRE7740G-PC | Source = MCUpdate | ID = 0
Description = 13:41:16 - Fehler beim Herstellen der Internetverbindung.  13:41:16 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.05.2010 08:41:38 | Computer Name = ASPIRE7740G-PC | Source = MCUpdate | ID = 0
Description = 14:41:38 - Fehler beim Herstellen der Internetverbindung.  14:41:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.05.2010 08:41:44 | Computer Name = ASPIRE7740G-PC | Source = MCUpdate | ID = 0
Description = 14:41:43 - Fehler beim Herstellen der Internetverbindung.  14:41:43 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 07.11.2010 07:12:18 | Computer Name = ASPIRE7740G-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 07.11.2010 07:12:27 | Computer Name = ASPIRE7740G-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
 
< End of report >
         
--- --- ---

Alt 07.11.2010, 20:17   #5
[D] wie Dima
 
Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit - Standard

Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit



lol hilft mir über haupt noch einer ???BITTE


Alt 07.11.2010, 23:30   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit - Daumen runter

Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit



Zitat:
:\Users\ASPIRE 7740G\Documents\ICQ\630230577\ReceivedFiles\326752315 _LIL`_\rzr-cod4-keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

lol hilft mir über haupt noch einer ???BITTE
Soso, illegale Software nutzen und dann auch noch rumdrängeln, sowas "liebe" ich!
Dass keygens und cracks in fast allen Fällen verseucht sind, sollte mittlerweile in jedes verschlafene Nest angekommen sein und dass sowas nicht erlaubt ist, sollte jedem mit gesunden Verstand auch klar sein

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!
__________________
--> Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit

Antwort

Themen zu Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit
antivir, antivir guard, avira, avp, bearbeitung, bho, components, converter, desktop, excel, firefox, frage, hijack, hijackthis, internet, internet explorer, kaspersky, locker, log file, mozilla, mp3, mywinlocker, nicht öffnen, notification, pando media booster, problem, safer networking, security, skype.exe, software, spyware, symantec, syswow64, tastatur, windows



Ähnliche Themen: Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit


  1. Task-Manager/Regedit schließen sich schnell von allein.
    Plagegeister aller Art und deren Bekämpfung - 17.05.2015 (16)
  2. Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm
    Plagegeister aller Art und deren Bekämpfung - 30.07.2012 (6)
  3. .exe-Dateien + Task-Manager öffnen nicht, Sys-Wiederherstellung klappt nicht
    Log-Analyse und Auswertung - 11.05.2011 (3)
  4. Windows 7 Task-Manager startet nicht / Regedit nicht möglich.
    Log-Analyse und Auswertung - 06.11.2010 (1)
  5. Task-Manager und regedit lassen sich nicht öffnen
    Log-Analyse und Auswertung - 22.10.2010 (5)
  6. Windows 7 Task Manager startet nicht mehr - Regedit nicht möglich!
    Log-Analyse und Auswertung - 18.09.2010 (4)
  7. Task-Manager öffnet nicht / PC langsam
    Log-Analyse und Auswertung - 06.10.2009 (3)
  8. Mein Windows-Task Manager stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 04.09.2009 (1)
  9. msconfig, regedit, task manager etc. lassen sich nicht starten
    Log-Analyse und Auswertung - 17.03.2009 (3)
  10. Task-Manager funktioniert nicht mehr!
    Log-Analyse und Auswertung - 30.12.2008 (27)
  11. IE funktioniert nicht mehr, Task-Manager lässt sich nicht starten
    Mülltonne - 27.09.2008 (0)
  12. Problem mit Task Manager, Regedit...
    Mülltonne - 12.08.2007 (3)
  13. explorer.exe NICHT im task Manager !VIRUS!
    Plagegeister aller Art und deren Bekämpfung - 24.07.2006 (6)
  14. Task-Manager und RegEdit blockiert
    Log-Analyse und Auswertung - 13.06.2006 (3)
  15. wsock32.sys keine rechte mehr, kann nicht regedit aufrufen,kein task......
    Log-Analyse und Auswertung - 19.03.2006 (8)
  16. Zu hülfe, mein Task Manager ist nicht mehr vollständig!
    Alles rund um Windows - 28.11.2005 (3)
  17. Task Manager,Geräte Manager,regedit öffnen sich nicht!
    Log-Analyse und Auswertung - 11.04.2005 (1)

Zum Thema Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit - Hallo alle zusamen ich wollt euch fragen ob ihr mir bei meinem problem helfen könnt? Wenn ich [ALT][Strg]und [Entf]klicke steht dort nichts vom Task-Manager,bei meiner Taskleiste kann ich mein Task-Manager - Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit...
Archiv
Du betrachtest: Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.