schädliche Software auf dem Laptop: Price Gong
 

Hallo,

ich habe folgendes Problem: Mein Laptop läuft seit Tagen nicht mehr richtig und ich bekomme immer wieder vom windows Defender die Nachricht, dass ich eine schädliche Software auf dem Laptop habe: Price Gong.
Im Internet lass ich dann von OTL by Oldtimer, also habe ich es heruntergeladen und auf dem Desktop gespeichert und eingestellt und laufen gelassen.
Leider kann ich jetzt mit dem Ergebnis nichts anfangen.
Ich kenne mich ja etwas mit dem Computer aber das ist mir zu kompliziert.
Ich wäre super nett wenn mir jemand helfen könnte.
Hier das Ergebnis.


3,68 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,41% Memory free
7,36 Gb Paging File | 4,95 Gb Available in Paging File | 67,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 375,63 Gb Free Space | 83,17% Space Free | Partition Type: NTFS

Computer Name: GERNOTH | User Name: Gregor und Silke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05EED5B3-E594-414B-B618-483EA55323A2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0681DC1E-F1BE-405C-9B44-8CA429E4C5C6}" = lport=137 | protocol=17 | dir=in | app=system |
"{1E577221-9134-42E5-B51E-63CB998D8910}" = lport=2869 | protocol=6 | dir=in | app=system |
"{226DB2F8-EE71-49F9-9FC7-647AC64743BD}" = lport=138 | protocol=17 | dir=in | app=system |
"{2DFFB78F-DD3F-4496-B944-A934F629CD2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{343EF911-DF4D-4592-A6F4-71F8B17E53D3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{43DDF133-E5EC-4A67-9B6A-86774581BB0F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48B3F002-7619-479B-B9B6-F1229F93354A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{53ACECC9-6C8A-4986-9A53-D4BAA5EDDCDA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5BCB17E7-321A-4DB0-8AFF-2D7861380070}" = rport=139 | protocol=6 | dir=out | app=system |
"{62DEBD65-913D-40C0-8B08-50A181259A03}" = lport=445 | protocol=6 | dir=in | app=system |
"{69C8A1F4-151F-41B6-ADBF-2C21C8ECA878}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6BD87C97-1F6E-40B2-B526-02896E6D0D5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84812C03-2499-47B0-A3B8-5F28E4ED04B3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{89AAEFA7-8EA0-41E5-A0B6-37E634992D35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8B8AABA7-7CC2-4F94-AB6B-44B99915422A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B8C43DE-A6EF-4E97-91D5-B8E39A94BA0F}" = rport=138 | protocol=17 | dir=out | app=system |
"{91CCE659-1F83-4F91-8309-E75FE2BEFF30}" = lport=2869 | protocol=6 | dir=in | app=system |
"{94D49C24-3FA0-472C-A67E-E2813A182636}" = lport=1900 | protocol=17 | dir=in | app=%programfiles%\zune\zune.exe |
"{9C28452B-89F0-400B-8EB8-70A6B5080FE8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A8A05876-FC1E-4AFE-92DE-D056385BC9FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{ABA3374B-A2B6-45A2-A7B9-BA815A3C7AC9}" = rport=445 | protocol=6 | dir=out | app=system |
"{AF0CFA2D-6C34-4D4F-9647-3CC4CE3C97EF}" = lport=139 | protocol=6 | dir=in | app=system |
"{B4F1662F-4804-42AD-82A1-BBE1653AC7D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{C95BA621-7944-46D6-96A0-17A17DC32BA6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D284ECF9-6A3B-459B-9353-E127AFA4D913}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D9F3A4C4-C68D-4754-908B-655A1F31C3D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F32C8E08-AFC2-4135-AB37-7FDA709B6359}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F88BFC07-DF52-4002-9DDD-D10085DA5C32}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F95D465F-4E5F-4657-842E-24A3BC3B78EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10AF8BBC-D4F5-4DD6-A907-150FE884E927}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{11888A8C-18E7-4B24-8A24-F31338752E09}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{245C58C2-6A9C-4AA5-B4EB-333411D6058C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{28365563-60FB-4B72-A5FD-AC97C288415B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{315A9C90-BD67-4274-A41B-DE680AD3E3F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{66B914BA-574B-4AE4-9C65-B8FFEAEF72C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6754B299-AC7C-4EF2-AAD9-B647C6F1BFF5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{73BDE9EB-A068-49F3-975D-5FB6C74AF0FF}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{7B30B450-EE68-4BE6-9C5C-82D016261034}" = protocol=6 | dir=out | app=system |
"{7F8FAF63-FDAE-4C7E-8F60-ADABDCE40DB3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8EE7A63C-DFCE-40FF-81E7-8B83BF1CBF6C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{90328F96-CDA8-4C12-82EB-759248F1EE5D}" = protocol=6 | dir=out | app=system |
"{9B5E2C2B-6DDA-47B5-9FB1-95E2279E9A65}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A0E634F8-4473-49B3-9F0C-0F4617343D95}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A9E68CA3-AE45-471D-89B5-B0CCBC9502F3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BBB61847-639C-4798-A50F-7BE75DE5ADB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE6FF84E-3C26-4CCC-BF59-3CB12E05F03A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C0876DCA-2E39-478D-901E-D4CBCA1ABF36}" = protocol=6 | dir=out | app=system |
"{CBFAB833-CE29-4BF1-A514-41368167A967}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D2635890-F411-4E16-85AA-EABEB6B7D737}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D84DAE47-8A0B-4B5A-993B-3963B985D26C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{DA22B915-0D59-4A51-B73D-546820CC6282}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2532166-BC84-4C3F-AB6C-E347B21BE158}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E90CF593-C6C6-4FE7-8030-74406D4569AB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F13E4266-3EAD-4DE1-80E6-56023B65ED71}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{FB255EB6-1AE9-4FCB-AB7A-55A711E760C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FDAD55D6-D80B-48F7-8A49-CAA9DA9CE4BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{4CEF7988-405D-4756-8E91-4F40DC2A8A3A}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe |
"UDP Query User{0B4B3A67-BA13-4899-89EB-C80AFA5AA183}C:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D2A189-A45B-45E8-801F-6D7858EA1933}" = Brickshooter
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7be494e3-e911-4bce-9323-a37bacf445a6}" = Nero 9 Essentials
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{83299633-1261-47A3-84F3-6F02B4B8CDB1}" = Video Web Camera
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.4 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Art of Murder 2/DE-German_is1" = Die Kunst des Mordens: Der Marionettenspieler
"AVG Secure Search" = AVG Security Toolbar
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"DungeonSiege 1.0" = Dungeon Siege
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ElsterFormular 13.0.0.8086k" = ElsterFormular
"ElsterFormular für Privatanwender 12.2.0.6412p" = ElsterFormular-Upgrade
"EPSON Scanner" = EPSON Scan
"Filzip 3.0.6.93_is1" = Filzip 3.06
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.908
"Identity Card" = Identity Card
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"LManager" = Launch Manager
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT088216" = Agatha Christie - Death on the Nile
"WT088226" = Bejeweled 2 Deluxe
"WT088228" = Build-a-lot 2
"WT088235" = Chuzzle Deluxe
"WT088238" = Diner Dash 2 Restaurant Rescue
"WT088260" = Farm Frenzy
"WT088268" = Insaniquarium Deluxe
"WT088269" = Jewel Quest Solitaire 2
"WT088283" = Plants vs. Zombies
"WT088292" = Zuma Deluxe
"WT088416" = FATE
"WT088420" = Final Drive Nitro
"WT088448" = John Deere Drive Green
"WT088452" = Penguins!
"WT088456" = Polar Bowler
"WT088460" = Polar Golfer
"WT088508" = Virtual Villagers 4 - The Tree of Life
"WT088531" = Zuma's Revenge

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03.12.2012 14:32:02 | Computer Name = Gernoth | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16455,
Zeitstempel: 0x507284ba Name des fehlerhaften Moduls: nvumdshim.dll, Version: 8.17.12.8026,
Zeitstempel: 0x4e390a54 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000034fd ID des fehlerhaften
Prozesses: 0x1510 Startzeit der fehlerhaften Anwendung: 0x01cdd17d3d3147fd Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\nvumdshim.dll Berichtskennung: badac750-3d77-11e2-9485-1c7508a90faf

Error - 03.12.2012 14:32:19 | Computer Name = Gernoth | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16455,
Zeitstempel: 0x507284ba Name des fehlerhaften Moduls: nvumdshim.dll, Version: 8.17.12.8026,
Zeitstempel: 0x4e390a54 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000034fd ID des fehlerhaften
Prozesses: 0xc04 Startzeit der fehlerhaften Anwendung: 0x01cdd1847f651217 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\nvumdshim.dll Berichtskennung: c4738233-3d77-11e2-9485-1c7508a90faf

Error - 10.12.2012 14:30:59 | Computer Name = Gernoth | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 11.12.2012 08:22:03 | Computer Name = Gernoth | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16455,
Zeitstempel: 0x507284ba Name des fehlerhaften Moduls: nvumdshim.dll, Version: 8.17.12.8026,
Zeitstempel: 0x4e390a54 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000350a ID des fehlerhaften
Prozesses: 0x1304 Startzeit der fehlerhaften Anwendung: 0x01cdd797f1b9cf4c Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\nvumdshim.dll Berichtskennung: 5e4dffca-438d-11e2-8a0f-1c7508a90faf

Error - 11.12.2012 10:06:00 | Computer Name = Gernoth | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 12.12.2012 10:31:02 | Computer Name = Gernoth | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 13.12.2012 09:09:04 | Computer Name = Gernoth | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 14.12.2012 02:20:02 | Computer Name = Gernoth | Source = CVHSVC | ID = 100
Description = Nur zur Information. Failed to Start the CVH service 1063

Error - 17.12.2012 07:58:24 | Computer Name = Gernoth | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
Zeitstempel: 0x50a2f9e3 Name des fehlerhaften Moduls: AcroPDF.dll, Version: 9.5.2.295,
Zeitstempel: 0x50170017 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000188b9 ID des fehlerhaften
Prozesses: 0x1068 Startzeit der fehlerhaften Anwendung: 0x01cddc4a3f3800d9 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
Berichtskennung:
0f36c538-4841-11e2-9074-1c7508a90faf

Error - 17.12.2012 07:58:28 | Computer Name = Gernoth | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
Zeitstempel: 0x50a2f9e3 Name des fehlerhaften Moduls: AcroPDF.dll, Version: 9.5.2.295,
Zeitstempel: 0x50170017 Ausnahmecode: 0xc000041d Fehleroffset: 0x000188b9 ID des fehlerhaften
Prozesses: 0x1068 Startzeit der fehlerhaften Anwendung: 0x01cddc4a3f3800d9 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
Berichtskennung:
114bf975-4841-11e2-9074-1c7508a90faf

[ System Events ]
Error - 01.05.2013 12:17:46 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde nicht
richtig gestartet.

Error - 01.05.2013 12:29:53 | Computer Name = Gernoth | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?05.?2013 um 18:28:12 unerwartet heruntergefahren.

Error - 01.05.2013 12:36:32 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error - 02.05.2013 03:18:22 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst WPDBusEnum erreicht.

Error - 02.05.2013 03:18:52 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SysMain erreicht.

Error - 02.05.2013 13:43:25 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error - 02.05.2013 13:44:04 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error - 02.05.2013 13:45:30 | Computer Name = Gernoth | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?05.?2013 um 19:44:18 unerwartet heruntergefahren.

Error - 04.05.2013 09:20:33 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SysMain erreicht.

Error - 04.05.2013 09:21:06 | Computer Name = Gernoth | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet
beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
in 120000 Millisekunden durchgeführt: Neustart des Diensts.


< End of report >

:hallo:

Logs ist unvollständig, außerdem fehlt die OTL.txt Logdatei

Im falsche Unterforum.

Jetzt nicht mehr :D

Hier gehts weiter:
Adware: Win32/PriceGong

Hab dieses Thema leider nicht gesehen Arne, sorry. :headbang:

macht ja nüscht :D
Dann schmeiß ich diesen eben in die http://cosgan.de/images/smilie/haushalt/c045.gif

:zunge: