Trojaner-Board - Weißer Bildschirm mit Text "Es besteht noch keine Internetverbindung, bi**e warten.

Hallo ich melde mich zurück.
Habe alles soweit befolgt wie es mir beschrieben worden ist.
Vorweg:
In ReatogoPE fand ich nirgends bei Rechtsklick irgendwas mit "als Administrator ausführen", habe dann einfach ganz normal weiter gemacht.
Zu 1.
Hier ist die erste Logdatei:

Code:

========== OTL ==========

HKU\David_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_USERS\David_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.

Registry value HKEY_USERS\David_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.

Prefs.js: "ICQ Search" removed from browser.search.defaultenginename

Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=" removed from browser.search.defaulturl

Prefs.js: "ICQ Search" removed from browser.search.selectedEngine

Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems

Prefs.js: DTToolbar@toolbarnet.com:1.1.4.0024 removed from extensions.enabledItems

Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.3&q=" removed from keyword.URL

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions\vshare@toolbar\modules folder moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions\vshare@toolbar\locale\en-US folder moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions\vshare@toolbar\locale folder moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions\vshare@toolbar\components folder moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions\vshare@toolbar\chrome folder moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions\vshare@toolbar folder moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\daemon-search.xml moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-1.xml moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-2.xml moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-3.xml moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-4.xml moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-5.xml moved successfully.

C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-6.xml moved successfully.

C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml moved successfully.

C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml moved successfully.

C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml moved successfully.

C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml moved successfully.

C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml moved successfully.

C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.

64bit-Registry value HKEY_USERS\David_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

Registry value HKEY_USERS\David_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\WinDriver deleted successfully.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

C:\Users\David\AppData\Roaming\5u4hw45eu.exe moved successfully.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

C:\Users\David\AppData\Roaming\system32\svchost.exe moved successfully.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe moved successfully.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\David_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.

Registry key HKEY_USERS\LocalService_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce not found.

Registry key HKEY_USERS\NetworkService_ON_C\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce not found.

Registry value HKEY_USERS\David_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\David\AppData\Roaming\5u4hw45eu.exe deleted successfully.

File C:\Users\David\AppData\Roaming\5u4hw45eu.exe not found.

C:\Users\David\AppData\Roaming\dwlGina3.dll moved successfully.

File C:\Users\David\AppData\Roaming\5u4hw45eu.exe not found.

C:\Users\David\Desktop\Adolf Hitler - Mein Kampf\Band 2 folder moved successfully.

C:\Users\David\Desktop\Adolf Hitler - Mein Kampf\Band 1 folder moved successfully.

C:\Users\David\Desktop\Adolf Hitler - Mein Kampf folder moved successfully.

File C:\Users\David\AppData\Roaming\dwlGina3.dll not found.

File C:\Users\David\AppData\Roaming\5u4hw45eu.exe not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: David

->Temp folder emptied: 8074537436 bytes

->Temporary Internet Files folder emptied: 558893776 bytes

->Java cache emptied: 3304575 bytes

->FireFox cache emptied: 309752974 bytes

->Flash cache emptied: 5961 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 3238240 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 530893350 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67899 bytes

 

Total Files Cleaned = 9,042.00 mb

 

 

OTLPE by OldTimer - Version 3.1.48.0 log created on 01232012_223721

Darauf hin soltle die Meldung auftreten, bzgl. des Neustartes, bei mir kam diese nicht. Habe dann nicht nur das Programm sondern komplett das "Programm" neugestartet.

Zu 2:
Habe die OTL.exe gestartet alle Einstellungen festgelegt, die du mir geschrieben hast und den Scan gestartet.

Hat mir dann die zwei Dateien erstellt:
Extras.txt:

Code:

OTL Extras logfile created on: 1/23/2012 11:32:09 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

64bit-Windows 7 Professional  (Version = 6.1.7600) - Type = System

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 125.46 Gb Total Space | 26.61 Gb Free Space | 21.21% Space Free | Partition Type: NTFS

Drive D: | 97.65 Gb Total Space | 61.10 Gb Free Space | 62.57% Space Free | Partition Type: NTFS

Drive E: | 9.76 Gb Total Space | 5.30 Gb Free Space | 54.28% Space Free | Partition Type: FAT32

Drive F: | 14.83 Gb Total Space | 4.26 Gb Free Space | 28.73% Space Free | Partition Type: FAT32

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Users\David\AppData\Local\Temp\2.exe" = C:\Users\David\AppData\Local\Temp\2.exe:*:Enabled:Windows Messanger

"C:\Users\David\AppData\Roaming\WinDriver.exe" = C:\Users\David\AppData\Roaming\WinDriver.exe:*:Enabled:Windows Messanger

"C:\Users\David\AppData\Local\Temp\2.exe" = C:\Users\David\AppData\Local\Temp\2.exe:*:Enabled:Windows Messanger

"C:\Users\David\AppData\Roaming\WinDriver.exe" = C:\Users\David\AppData\Roaming\WinDriver.exe:*:Enabled:Windows Messanger

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour

"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes

"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor

"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0

"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU

"WinRAR archiver" = WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour

"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes

"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor

"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0

"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU

"WinRAR archiver" = WinRAR

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\David_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"JDownloader" = JDownloader

 

< End of report >

OTL.txt:

Code:

OTL logfile created on: 1/23/2012 11:32:09 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

64bit-Windows 7 Professional  (Version = 6.1.7600) - Type = System

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 125.46 Gb Total Space | 26.61 Gb Free Space | 21.21% Space Free | Partition Type: NTFS

Drive D: | 97.65 Gb Total Space | 61.10 Gb Free Space | 62.57% Space Free | Partition Type: NTFS

Drive E: | 9.76 Gb Total Space | 5.30 Gb Free Space | 54.28% Space Free | Partition Type: FAT32

Drive F: | 14.83 Gb Total Space | 4.26 Gb Free Space | 28.73% Space Free | Partition Type: FAT32

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)

SRV - [2011/11/01 11:00:52 | 000,075,064 | ---- | M] () [Auto] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2011/06/28 13:22:58 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/06/06 05:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/04/28 10:32:39 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011/06/28 13:22:58 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011/06/28 13:22:58 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011/05/10 01:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/03/05 12:33:02 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2009/08/13 16:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvm62x64.sys -- (NVENETFD)

DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\David_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data]

IE - HKU\David_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = 

IE - HKU\David_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\David_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

 

 

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.startup.homepage: "www.google.de"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: ""

FF - prefs.js..extensions.enabledItems: ""

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_1_102.dll ()

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/29 15:30:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/11 15:02:05 | 000,000,000 | ---D | M]

 

[2010/09/24 16:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Extensions

[2012/01/14 09:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions

[2011/12/23 15:50:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011/05/29 09:04:00 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-7.xml

[2012/01/04 08:54:58 | 000,000,168 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin.gif

[2012/01/04 08:54:58 | 000,000,618 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin.src

[2010/05/12 10:40:48 | 000,001,042 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin.xml

[2011/06/13 13:50:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/09/24 17:15:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2011/06/13 13:50:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

File not found (No name found) -- 

File not found (No name found) -- C:\USERS\DAVID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4PJOY526.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR

[2011/05/29 09:03:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2010/09/14 21:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

 

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKU\David_ON_C..\Run: [C6rNrw6a0iIDqYKGvz]  File not found

O4 - HKU\David_ON_C..\Run: [Cl3XeOQ7Sj1b8lr]  File not found

O4 - HKU\David_ON_C..\Run: [DAEMON Tools Lite]  File not found

O4 - HKU\David_ON_C..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)

O4 - HKU\David_ON_C..\Run: [flash update]  File not found

O4 - HKU\David_ON_C..\Run: [fsm]  File not found

O4 - HKU\David_ON_C..\Run: [GoogleTBUpdater]  File not found

O4 - HKU\David_ON_C..\Run: [HKCU]  File not found

O4 - HKU\David_ON_C..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

O4 - HKU\David_ON_C..\Run: [scvhost]  File not found

O4 - HKU\David_ON_C..\Run: [sys]  File not found

O4 - HKU\David_ON_C..\Run: [System33]  File not found

O4 - HKU\David_ON_C..\Run: [System34]  File not found

O4 - HKU\David_ON_C..\Run: [Windows Defender]  File not found

O4 - HKU\David_ON_C..\Run: [Windows Live Guards]  File not found

O4 - HKU\David_ON_C..\Run: [Windows Update System]  File not found

O4 - HKU\David_ON_C..\Run: [Winlogon]  File not found

O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)

O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found

O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found

O4 - Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: WinDriver = C:\Users\David\AppData\Roaming\WinDriver.exe

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()

O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] -  File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] -  File not found

O13:64bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012/01/23 23:04:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012/01/23 22:37:21 | 000,000,000 | ---D | C] -- C:\_OTL

[2012/01/17 17:32:09 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll

[2012/01/17 17:32:08 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll

[2012/01/17 17:32:08 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2012/01/17 17:32:08 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

[2012/01/17 17:32:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll

[2012/01/17 17:32:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll

[2012/01/11 12:17:49 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2012/01/11 12:17:49 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2012/01/11 12:17:49 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2012/01/11 12:17:49 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll

[2012/01/11 12:14:07 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2012/01/11 12:14:07 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/01/11 12:14:04 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll

[2012/01/11 12:13:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll

[2012/01/11 12:13:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

[2012/01/06 13:51:17 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\VA_-_Sido_Blutzbruedaz_(Die_Mukke_Zum_Film)-DE-2011-YSP

[2012/01/06 12:12:38 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\KevinHoffmann

[1 C:\Users\David\AppData\Roaming\*.tmp files -> C:\Users\David\AppData\Roaming\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012/01/22 09:01:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/01/22 08:57:29 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys

[2012/01/21 14:30:06 | 000,013,424 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/01/21 14:30:06 | 000,013,424 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/01/21 14:26:43 | 000,696,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012/01/21 14:26:43 | 000,652,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012/01/21 14:26:43 | 000,148,128 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012/01/21 14:26:43 | 000,121,082 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012/01/19 16:33:27 | 000,001,120 | ---- | M] () -- C:\Windows\SysWow64\index.xml

[2012/01/11 12:51:56 | 001,590,298 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/12/25 12:43:13 | 000,145,833 | ---- | M] () -- C:\Users\David\Desktop\flo me.jpg

[1 C:\Users\David\AppData\Roaming\*.tmp files -> C:\Users\David\AppData\Roaming\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011/12/25 12:42:58 | 000,145,833 | ---- | C] () -- C:\Users\David\Desktop\flo me.jpg

[2011/08/17 13:01:45 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011/08/17 13:01:42 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe

[2011/08/17 13:01:42 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2011/04/09 11:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011/03/05 17:45:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2011/03/05 12:41:35 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/02/20 11:47:01 | 000,000,074 | ---- | C] () -- C:\ProgramData\Facebook Video Downloader set

[2010/12/23 16:53:33 | 000,913,765 | ---- | C] () -- C:\Users\David\AppData\Roaming\data.dat

[2010/11/03 16:55:00 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\BDSShellRes150.dll

[2010/11/03 16:55:00 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\BDSShellRes.dll

[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 19:02:54 | 000,245,248 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll

[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll

[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 
 ========== LOP Check ==========

 

[2011/12/26 17:45:19 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.minecraft

[2011/03/10 16:39:34 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\AutomatedQA

[2011/03/05 12:34:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite

[2011/08/17 14:39:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Day 1 Studios

[2011/05/07 03:52:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DVDVideoSoft

[2010/11/19 18:53:56 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers

[2011/03/10 16:39:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Embarcadero

[2011/03/16 15:28:16 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FinalBuilder7

[2011/08/17 10:09:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GameRanger

[2011/06/30 13:58:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Garmin

[2010/12/29 10:18:17 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\gmGOEj

[2012/01/21 11:36:38 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ

[2010/10/05 13:40:14 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Leadertech

[2011/12/26 17:45:19 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\MineCraftG

[2011/03/05 13:06:53 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\MonoDevelop

[2010/11/11 15:00:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OpenOffice.org

[2010/12/30 18:30:35 | 000,000,000 | RHSD | M] -- C:\Users\David\AppData\Roaming\recyclerr

[2011/09/01 12:47:50 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Secure-Soft Stealer

[2010/11/03 18:04:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Software Informer

[2011/03/10 16:40:50 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Subversion

[2012/01/23 22:37:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\system32

[2011/03/05 18:46:56 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Tunngle

[2010/12/30 18:30:47 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\whitepixel

[2011/03/05 13:06:40 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\xbuild

[2010/09/22 17:09:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten

[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data

[2011/03/10 16:39:34 | 000,000,000 | ---D | M] -- C:\ProgramData\AutomatedQA

[2011/08/17 10:09:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Codemasters

[2011/03/05 12:31:18 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite

[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop

[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents

[2010/09/22 17:09:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente

[2010/10/06 03:53:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts

[2011/03/10 16:26:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Embarcadero

[2010/09/22 17:09:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten

[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites

[2011/04/02 05:24:34 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ

[2011/03/20 16:54:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Native Instruments

[2011/03/05 12:50:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Raize

[2011/10/30 16:40:09 | 000,000,000 | ---D | M] -- C:\ProgramData\RELOADED

[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu

[2010/09/22 17:09:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü

[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates

[2011/03/05 18:46:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Tunngle

[2011/08/17 13:02:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft

[2010/09/22 17:09:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen

[2011/03/10 16:32:57 | 000,000,000 | ---D | M] -- C:\ProgramData\VSoft

[2011/03/10 16:37:19 | 000,000,000 | -H-D | M] -- C:\ProgramData\{6D2F145C-EDED-493E-8DF8-9F0A1C14671C}

[2010/11/19 19:20:32 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2011/03/05 12:49:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\{991B3D47-E496-4C3F-9322-FEF4B4C406C3}

[2011/03/20 16:54:57 | 000,000,000 | -H-D | M] -- C:\ProgramData\{A0DFE2A5-DE68-41F3-8861-73E954C1D41D}

[2011/03/10 16:49:26 | 000,000,000 | -H-D | M] -- C:\ProgramData\{A61EFC3F-D4AB-4744-85FD-E9663BA16167}

[2010/12/16 16:47:51 | 000,000,000 | ---D | M] -- C:\ProgramData\{BC13C66E-D01E-4443-A1D1-35EEDF3A964A}

[2011/12/23 10:24:08 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

< End of report >

Im Anschluss daran habe ich den Computer ausgeschaltet und ganz normal meinen bisher defekten PC gestartet.
Habe mich angemeldet, dann erst der Schock, der Bildschirm war immer noch grau.
Kurz danach habe ich meinen Desktop und die Taskleiste wieder gesehen.
Leider ist mein Desktop leer und ich kann auch nichts mit der linken maustaste auswählen (z.B. einfach nur Rahmen ziehen).
Die rechte Maustaste funktioniert.
ICQ und AntiVir sind richtig gestartet worden.

Ein was fällt mir noch auf, wenn er ein Fenster läd, dauert es extrem lange. (z.b. antivir werbung)

Ich werde jetzt erstmal einen Virenscan durchführen.

Bedanke mich bis hierhin für die Hilfe, er läuft ja shcon wieder so halb :)
Jetzte wäre noch zu wissen, wieso meine ganzen Verknüpfungen vom Desktop verschwunden sind.

Zu 1:
Hab die Unhide.exe als Administrator ausgeführt, hat wie angegeben eine ganze Weile gedauert, aber meine Icons
werden immer noch nicht auf dem Desktop angezeigt, hab dann mal PC neugestartet, Icons wurden aber weiterhin
nicht angezeigt. Meine Dateien waren auch nicht versteckt.
Also das funktioniert noch nicht.

Zu 2:
Hab mir Malwarebytes runtergeladen installiert, geupdatet. Und einen vollständigen Scan durchgeführt.
Hat einige infizierte Dateien gefunden.
Hab mir dann alle infizierte Dateien anzeigen lassen, dann erst den Log gespeichert und dann gesagt
alle entfernen.. dann kam die Meldung dass der PC neu gestartet werden muss, das hab ich getan.
Hab dann Quarantäne geschaut und dort befinden sich noch die Dateien, soll ich die Objekte in Quarantäne
dann auch noch löschen, momentan sind sie ja nur in Quarantäne und immer noch auf meinem PC
Logdatei:

Code:

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org
 

Datenbank Version: v2012.01.24.05
 

Windows 7 x64 NTFS

Internet Explorer 8.0.7600.16385

David :: DAVID-PC [Administrator]
 

24.01.2012 22:36:45

mbam-log-2012-01-24 (23-30-21).txt
 

Art des Suchlaufs: Vollständiger Suchlauf

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 377103

Laufzeit: 47 Minute(n), 47 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 2

HKCU\Software\DC3_FEXEC (Malware.Trace) -> Keine Aktion durchgeführt.

HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Keine Aktion durchgeführt.
 

Infizierte Registrierungswerte: 7

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|scvhost (Trojan.Agent) -> Daten: C:\Users\David\AppData\Roaming\bot.exe -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Defender (Trojan.Agent.Gen) -> Daten: C:\Users\David\AppData\Roaming\bot.exe -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Update System (Backdoor.IRCBot) -> Daten: C:\Users\David\AppData\Roaming\reader.exe -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|System34 (Trojan.Agent) -> Daten: "C:\Windows\system32\iogon.exe" -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|HKCU (Trojan.Agent) -> Daten: C:\Users\David\AppData\Roaming\system32\svchost.exe -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Winlogon (Trojan.Agent) -> Daten: C:\Users\David\AppData\Roaming\svchost.exe -> Keine Aktion durchgeführt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|sys (Trojan.Agent) -> Daten: C:\Users\David\AppData\Roaming\csrss.exe -> Keine Aktion durchgeführt.
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 3

C:\_OTL\MovedFiles\01232012_223721\C_Users\David\AppData\Roaming\5u4hw45eu.exe (Trojan.Cryptpin.Gen) -> Keine Aktion durchgeführt.

C:\Users\David\AppData\Roaming\Secure-Soft Stealer\Update.exe (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.

C:\Users\David\AppData\Roaming\data.dat (Stolen.Data) -> Keine Aktion durchgeführt.
 

(Ende)

Zu 3:
Hab alles so eignestellt wie angegeben und den Scan ausgeführt:
OTL.txt:

Code:

OTL logfile created on: 24.01.2012 23:43:44 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\David\Desktop

64bit- Professional  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 51,63% Memory free

4,00 Gb Paging File | 2,69 Gb Available in Paging File | 67,14% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 125,46 Gb Total Space | 25,41 Gb Free Space | 20,25% Space Free | Partition Type: NTFS

Drive D: | 97,65 Gb Total Space | 61,10 Gb Free Space | 62,57% Space Free | Partition Type: NTFS

Drive E: | 9,76 Gb Total Space | 5,30 Gb Free Space | 54,28% Space Free | Partition Type: FAT32

Drive F: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\David\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files (x86)\ICQ7.2\MDb.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.startup.homepage: "www.google.de"

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.29 21:30:55 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.11 21:02:05 | 000,000,000 | ---D | M]

 

[2010.09.24 22:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Extensions

[2012.01.14 15:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\4pjoy526.default\extensions

[2011.12.23 21:50:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\4pjoy526.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2012.01.24 22:04:58 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-1.xml

[2011.05.29 15:04:00 | 000,000,950 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin-7.xml

[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\4pjoy526.default\searchplugins\icqplugin.xml

[2011.06.13 19:50:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2010.09.24 23:15:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2011.06.13 19:50:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011.05.29 15:03:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

 

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKCU..\Run: [C6rNrw6a0iIDqYKGvz] C:\Users\David\AppData\Local\Temp\WbEec.exe File not found

O4 - HKCU..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\David\AppData\Roaming\5u4hw45eu.exe File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun File not found

O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)

O4 - HKCU..\Run: [flash update] C:\Users\David\AppData\Roaming\flashupdate.exe File not found

O4 - HKCU..\Run: [fsm]  File not found

O4 - HKCU..\Run: [GoogleTBUpdater] C:\Users\David\AppData\Roaming\GTBUpdate.exe File not found

O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

O4 - HKCU..\Run: [System33] C:\Program Files (x86)\logon.exe File not found

O4 - HKCU..\Run: [Windows Live Guards] C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe File not found

O4 - Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: WinDriver = C:\Users\David\AppData\Roaming\WinDriver.exe

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\David\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()

O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FAF62938-EB55-46B7-8CA8-CB399A9688DD}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.03.24 12:06:41 | 000,000,053 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.01.24 23:42:52 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe

[2012.01.24 22:31:23 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes

[2012.01.24 22:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.01.24 22:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.01.24 22:31:15 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.01.24 22:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.01.24 05:04:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012.01.24 04:37:21 | 000,000,000 | ---D | C] -- C:\_OTL

[2012.01.17 23:32:09 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2012.01.17 23:32:08 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2012.01.17 23:32:08 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2012.01.17 23:32:08 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll

[2012.01.17 23:32:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll

[2012.01.17 23:32:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll

[2012.01.11 18:17:49 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll

[2012.01.11 18:17:49 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2012.01.11 18:17:49 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2012.01.11 18:17:49 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll

[2012.01.11 18:14:07 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012.01.11 18:14:07 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012.01.11 18:14:04 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

[2012.01.11 18:13:47 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll

[2012.01.11 18:13:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

[2012.01.06 19:51:17 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\VA_-_Sido_Blutzbruedaz_(Die_Mukke_Zum_Film)-DE-2011-YSP

[2012.01.06 18:12:38 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\KevinHoffmann

[1 C:\Users\David\AppData\Roaming\*.tmp files -> C:\Users\David\AppData\Roaming\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.01.24 23:42:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe

[2012.01.24 23:40:52 | 000,013,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.01.24 23:40:52 | 000,013,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.01.24 23:40:10 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.01.24 23:40:10 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.01.24 23:40:10 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.01.24 23:40:10 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.01.24 23:40:10 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.01.24 23:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.01.24 23:33:01 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys

[2012.01.24 22:31:16 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.01.24 22:10:27 | 000,684,297 | ---- | M] () -- C:\Users\David\Desktop\unhide.exe

[2012.01.19 22:33:27 | 000,001,120 | ---- | M] () -- C:\Windows\SysWow64\index.xml

[2012.01.11 18:51:56 | 001,590,298 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[1 C:\Users\David\AppData\Roaming\*.tmp files -> C:\Users\David\AppData\Roaming\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.01.24 22:31:16 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.01.24 22:10:53 | 000,684,297 | ---- | C] () -- C:\Users\David\Desktop\unhide.exe

[2011.08.17 19:01:45 | 000,234,536 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011.08.17 19:01:42 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe

[2011.08.17 19:01:42 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011.03.05 23:45:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2011.03.05 18:41:35 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.02.20 17:47:01 | 000,000,074 | ---- | C] () -- C:\ProgramData\Facebook Video Downloader set

[2010.11.03 22:55:00 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\BDSShellRes150.dll

[2010.11.03 22:55:00 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\BDSShellRes.dll

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 

< End of report >

Extras.txt:

Code:

OTL Extras logfile created on: 24.01.2012 23:43:44 - Run 1

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\David\Desktop

64bit- Professional  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 51,63% Memory free

4,00 Gb Paging File | 2,69 Gb Available in Paging File | 67,14% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 125,46 Gb Total Space | 25,41 Gb Free Space | 20,25% Space Free | Partition Type: NTFS

Drive D: | 97,65 Gb Total Space | 61,10 Gb Free Space | 62,57% Space Free | Partition Type: NTFS

Drive E: | 9,76 Gb Total Space | 5,30 Gb Free Space | 54,28% Space Free | Partition Type: FAT32

Drive F: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Users\David\AppData\Local\Temp\2.exe" = C:\Users\David\AppData\Local\Temp\2.exe:*:Enabled:Windows Messanger

"C:\Users\David\AppData\Roaming\WinDriver.exe" = C:\Users\David\AppData\Roaming\WinDriver.exe:*:Enabled:Windows Messanger

"C:\Users\David\AppData\Local\Temp\2.exe" = C:\Users\David\AppData\Local\Temp\2.exe:*:Enabled:Windows Messanger

"C:\Users\David\AppData\Roaming\WinDriver.exe" = C:\Users\David\AppData\Roaming\WinDriver.exe:*:Enabled:Windows Messanger

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour

"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes

"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor

"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0

"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU

"WinRAR archiver" = WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{044D82FC-996E-462B-B694-C567C984B027}" = Delphi Prism Feature Pack

"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)

"{1DA9BC4F-6149-4AC0-A533-49092A33AC9C}_is1" = Delphi Prism 4.0.25.791

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22

"{35e6256f-a352-4bf7-b6f1-998640a4cd53}_is1" = Mono for Windows 2.6.1

"{3CB70B01-4BC8-4C0F-B28F-7C6E33F913CC}" = Gtk# for .Net 2.12.9

"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11

"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010

"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010

"{4594DEE8-EFDC-4F16-A6DC-AAEAD022DCFF}_is1" = FinalBuilder 7.0.0.761 Embarcadero Edition

"{4769E972-2E92-49C5-B6F9-465EFD0C4D94}" = VirtualDJ PRO Full

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4ACDC413-AF13-3934-8D8A-1F8CEF70D1A5}" = Microsoft Document Explorer 2008 Language Pack - DEU

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers

"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types

"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008

"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09

"{83012AA4-027F-3721-A0C5-0D31FD58C5DF}" = NVIDIA PhysX SDK 2.8.1

"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch

"{B28DC16A-5394-3761-B143-450AE92516BB}" = Microsoft Visual Studio 2010 Shell (Integrated) - DEU

"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support

"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update

"{CA206913-EE9F-495F-AD43-032E5833EE13}" = AnkhSVN 2.1.8420.8

"{CB3EBE4F-5007-4AF8-9507-A0318863F433}" = Embarcadero Delphi and C++Builder XE Help System

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game

"{DC700081-9FD8-4445-A578-C52209A90522}" = AQtime 7 Standard for Embarcadero RAD Studio XE

"{E394CC6D-9F54-41CC-9415-6FFF07885881}" = Garmin WebUpdater

"{E966F0CC-76B3-11D3-945B-00C04FB1760A}" = BDE_ENT

"{EFCDD6E3-3869-4AB9-8073-CED0EC7C2E75}" = Embarcadero RAD Studio XE

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F54D7643-4D8D-47CD-9CDB-806897BC5142}" = MonoDevelop 2.4

"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX

"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2

"1.Bundesliga Minifacepatch" = 1.Bundesliga Minifacepatch

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"ASIO4ALL" = ASIO4ALL

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"CodeSite Express 4.6.2" = CodeSite Express 4.6.2

"CollabNet Automatic Update" = CollabNet Automatic Update 1.2

"CollabNet Subversion Client" = CollabNet Subversion Client 1.6.12

"Creation Master 11_is1" = Creation Master 11 Release 11.0

"DAEMON Tools Lite" = DAEMON Tools Lite

"DAEMON Tools Toolbar" = DAEMON Tools Toolbar

"Delphi Prism Feature Pack" = Delphi Prism Feature Pack

"EADM" = EA Download Manager

"Embarcadero Delphi and C++Builder XE Help System" = Embarcadero Delphi and C++Builder XE Help System

"Embarcadero RAD Studio XE" = Embarcadero RAD Studio XE

"F.E.A.R. 3_is1" = F.E.A.R. 3

"Fifa 12 (c) Electronic Arts_is1" = Fifa 12 (c) Electronic Arts version 1

"Free Studio_is1" = Free Studio version 4.9.13

"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010

"GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™

"ICQToolbar" = ICQ Toolbar

"InstallShield_{DC700081-9FD8-4445-A578-C52209A90522}" = AutomatedQA AQtime 7 Standard for Embarcadero RAD Studio

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008

"Microsoft Document Explorer 2008 Language Pack - DEU" = Microsoft Document Explorer 2008 Language Pack - DEU

"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package

"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)

"Native Instruments Traktor" = Native Instruments Traktor

"OpenAL" = OpenAL

"PunkBusterSvc" = PunkBuster Services

"Rave Reports 9.0.0 BE_is1" = Rave Reports 9.0.0 BE

"Software Informer_is1" = Software Informer 1.0 BETA

"Stronghold 3 (c) THQ_is1" = Stronghold 3 (c) THQ version 1

"Uninstall_is1" = Uninstall 1.0.0.1

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"JDownloader" = JDownloader

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 23.10.2011 16:52:29 | Computer Name = David-PC | Source = Application Hang | ID = 1002

Description = Programm ICQ.exe, Version 7.2.0.3525 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: aa0    Startzeit: 

01cc91a06bcfc2f1    Endzeit: 0    Anwendungspfad: C:\Program Files (x86)\ICQ7.2\ICQ.exe    Berichts-ID:

   

 

Error - 30.10.2011 05:29:30 | Computer Name = David-PC | Source = Application Hang | ID = 1002

Description = Programm firefox.exe, Version 2.0.1.4120 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 88c    Startzeit: 

01cc96e61fb75318    Endzeit: 0    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

Berichts-ID:

 a76fefa3-02d9-11e1-9518-001d7dd783e7  

 

Error - 30.10.2011 08:40:20 | Computer Name = David-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: R6Vegas2_Game.exe, Version: 0.0.0.0,

 Zeitstempel: 0x484e0000  Name des fehlerhaften Moduls: PhysXCore.dll, Version: 0.0.0.0,

 Zeitstempel: 0x454a24d1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00267720  ID des fehlerhaften

 Prozesses: 0xd88  Startzeit der fehlerhaften Anwendung: 0x01cc96fef92606cb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Games\Six Vegas 2\Binaries\R6Vegas2_Game.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Games\Six Vegas 2\Binaries\PhysXCore.dll

Berichtskennung:

 533a97ad-02f4-11e1-9518-001d7dd783e7

 

Error - 30.10.2011 17:40:50 | Computer Name = David-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Stronghold3.exe, Version: 0.0.0.0,

 Zeitstempel: 0x4ea00eea  Name des fehlerhaften Moduls: vBase100.dll, Version: 8.1.8.0,

 Zeitstempel: 0x4e9ff795  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0009d037  ID des fehlerhaften

 Prozesses: 0xaec  Startzeit der fehlerhaften Anwendung: 0x01cc974c7f1c48a5  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Stronghold 3\bin\win32_release\Stronghold3.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Stronghold 3\bin\win32_release\vBase100.dll

Berichtskennung:

 d58ddec5-033f-11e1-9518-001d7dd783e7

 

Error - 30.10.2011 17:41:34 | Computer Name = David-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Stronghold3.exe, Version: 0.0.0.0,

 Zeitstempel: 0x4ea00eea  Name des fehlerhaften Moduls: vBase100.dll, Version: 8.1.8.0,

 Zeitstempel: 0x4e9ff795  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0009d037  ID des fehlerhaften

 Prozesses: 0x6dc  Startzeit der fehlerhaften Anwendung: 0x01cc974ca1f9ee29  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Stronghold 3\bin\win32_release\Stronghold3.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Stronghold 3\bin\win32_release\vBase100.dll

Berichtskennung:

 ef9b54f9-033f-11e1-9518-001d7dd783e7

 

Error - 31.10.2011 09:20:42 | Computer Name = David-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: Stronghold3.exe, Version: 0.0.0.0,

 Zeitstempel: 0x4ea00eea  Name des fehlerhaften Moduls: vBase100.dll, Version: 8.1.8.0,

 Zeitstempel: 0x4e9ff795  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0009d037  ID des fehlerhaften

 Prozesses: 0xd64  Startzeit der fehlerhaften Anwendung: 0x01cc97cfd5fbd3b9  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Stronghold 3\bin\win32_release\Stronghold3.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Stronghold 3\bin\win32_release\vBase100.dll

Berichtskennung:

 21ae1025-03c3-11e1-906d-001d7dd783e7

 

Error - 27.12.2011 15:19:49 | Computer Name = David-PC | Source = Application Hang | ID = 1002

Description = Programm ICQ.exe, Version 7.2.0.3525 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 8a0    Startzeit: 

01ccc4c782d2be45    Endzeit: 31    Anwendungspfad: C:\Program Files (x86)\ICQ7.2\ICQ.exe
 

Berichts-ID:

   

 

Error - 27.12.2011 15:37:13 | Computer Name = David-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16912,

 Zeitstempel: 0x4eb4a5ea  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x04be4d88  ID des fehlerhaften

 Prozesses: 0xd24  Startzeit der fehlerhaften Anwendung: 0x01ccc4ceb0c176e6  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad

 des fehlerhaften Moduls: unknown  Berichtskennung: 2c91bed1-30c2-11e1-8bca-001d7dd783e7

 

Error - 06.01.2012 19:26:10 | Computer Name = David-PC | Source = Application Hang | ID = 1002

Description = Programm iexplore.exe, Version 8.0.7600.16912 kann nicht mehr unter

 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 

in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem

 zu suchen.    Prozess-ID: 288    Startzeit: 01ccccca591b76e0    Endzeit: 8    Anwendungspfad: C:\Program

 Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID: cc195347-38bd-11e1-9e45-001d7dd783e7
 

 

Error - 06.01.2012 19:29:10 | Computer Name = David-PC | Source = SideBySide | ID = 16842811

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\David\AppData\Local\Temp\EAD78D4.exe".

 Fehler in Manifest- oder Richtliniendatei "C:\Users\David\AppData\Local\Temp\EAD78D4.exe"

 in Zeile 0.  Ungültige XML-Syntax.

 

[ System Events ]

Error - 23.01.2012 18:40:47 | Computer Name = David-PC | Source = NetBT | ID = 4321

Description = Der Name "DAVID-PC       :0" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.21  registriert werden. Der Computer mit IP-Adresse 192.168.2.26

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 23.01.2012 18:41:03 | Computer Name = David-PC | Source = Server | ID = 2505

Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht

 \Device\NetBT_Tcpip_{FAF62938-EB55-46B7-8CA8-CB399A9688DD} vom Serverdienst nicht

 gebunden werden. Der Serverdienst konnte nicht gestartet werden.

 

Error - 23.01.2012 18:41:01 | Computer Name = David-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Dienst "Bonjour"" wurde aufgrund folgenden Fehlers nicht

 gestartet:   %%2

 

Error - 23.01.2012 18:41:03 | Computer Name = David-PC | Source = NetBT | ID = 4321

Description = Der Name "DAVID-PC       :20" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.21  registriert werden. Der Computer mit IP-Adresse 192.168.2.26

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 23.01.2012 18:43:10 | Computer Name = David-PC | Source = NetBT | ID = 4321

Description = Der Name "DAVID-PC       :0" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.21  registriert werden. Der Computer mit IP-Adresse 192.168.2.26

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 24.01.2012 17:03:38 | Computer Name = David-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Dienst "Bonjour"" wurde aufgrund folgenden Fehlers nicht

 gestartet:   %%2

 

Error - 24.01.2012 17:03:39 | Computer Name = David-PC | Source = NetBT | ID = 4321

Description = Der Name "DAVID-PC       :0" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.21  registriert werden. Der Computer mit IP-Adresse 192.168.2.26

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 24.01.2012 18:30:23 | Computer Name = David-PC | Source = NetBT | ID = 4321

Description = Der Name "DAVID-PC       :0" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.21  registriert werden. Der Computer mit IP-Adresse 192.168.2.26

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 24.01.2012 18:33:12 | Computer Name = David-PC | Source = NetBT | ID = 4321

Description = Der Name "DAVID-PC       :0" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.21  registriert werden. Der Computer mit IP-Adresse 192.168.2.26

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 24.01.2012 18:33:13 | Computer Name = David-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Dienst "Bonjour"" wurde aufgrund folgenden Fehlers nicht

 gestartet:   %%2

 

 

< End of report >

Zu 4:
Install.txt:

Code:

1.Bundesliga Minifacepatch                30.07.2011                

Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        22.09.2010        6,00MB        10.1.85.3

Adobe Flash Player 11 Plugin 64-bit        Adobe Systems Incorporated        29.11.2011        6,00MB        11.1.102.55

Adobe Reader X (10.1.0) - Deutsch        Adobe Systems Incorporated        10.09.2011        118,5MB        10.1.0

AnkhSVN 2.1.8420.8        AnkhSVN Team        04.03.2011        7,61MB        2.1.8420.8

Apple Application Support        Apple Inc.        28.06.2011        51,0MB        1.5.2

Apple Mobile Device Support        Apple Inc.        28.06.2011        22,7MB        3.4.1.2

Apple Software Update        Apple Inc.        28.06.2011        2,25MB        2.1.3.127

ASIO4ALL        Michael Tippach        13.01.2011                2.10

AutomatedQA AQtime 7 Standard for Embarcadero RAD Studio        AutomatedQA Corp.        09.03.2011        212MB        7.0.307.86

Avira AntiVir Personal - Free Antivirus        Avira GmbH        16.10.2011        76,9MB        10.2.0.704

Battlefield 2(TM)                30.10.2011                

Bonjour        Apple Inc.        28.06.2011        1,75MB        2.0.5.0

CCleaner        Piriform        23.01.2012                3.14

CodeSite Express 4.6.2        Raize Software, Inc.        09.03.2011                4.0

CollabNet Automatic Update 1.2        CollabNet Software Private Limited        09.03.2011                1.2

CollabNet Subversion Client 1.6.12        CollabNet        09.03.2011                1.6.12

Creation Master 11 Release 11.0        FIFA MASTER        24.07.2011                

DAEMON Tools Lite        DT Soft Ltd        04.03.2011                4.40.2.0131

DAEMON Tools Toolbar        DT Soft Ltd        04.03.2011                1.1.4.0024

Delphi Prism 4.0.25.791        Embarcadero Technologies        04.03.2011        98,0MB        

Delphi Prism Feature Pack        Embarcadero        04.03.2011                

EA Download Manager        Electronic Arts, Inc.        04.10.2010                5.1.0.4

Embarcadero Delphi and C++Builder XE Help System        Embarcadero        09.03.2011                

Embarcadero RAD Studio XE        Embarcadero Technologies        09.03.2011                

F.E.A.R. 3                16.08.2011                

F1 2010        Codemasters        22.09.2010                1.0.0000.132

FIFA 11        Electronic Arts        04.10.2010        2.166MB        1.0.0.0

Fifa 12 (c) Electronic Arts version 1                30.09.2011                1

FinalBuilder 7.0.0.761 Embarcadero Edition                09.03.2011        97,7MB        7.0.0.761

Free Studio version 4.9.13        DVDVideoSoft Limited.        19.11.2010        155,4MB        

Garmin USB Drivers        Garmin Ltd or its subsidiaries        28.06.2011        0,12MB        2.3.0.0

Garmin WebUpdater        Garmin Ltd or its subsidiaries        28.06.2011        15,6MB        2.5.1

Gtk# for .Net 2.12.9        Novell, Inc.        04.03.2011        19,9MB        2.12.9

ICQ Toolbar        ICQ        01.04.2011                3.0.0

ICQ7.4        ICQ        01.04.2011                7.4

iTunes        Apple Inc.        28.06.2011        145,0MB        10.3.1.55

Java(TM) 6 Update 22        Sun Microsystems, Inc.        24.09.2010        94,5MB        6.0.220

JDownloader        AppWork UG (haftungsbeschränkt)        07.10.2011                

Malwarebytes Anti-Malware Version 1.60.0.1800        Malwarebytes Corporation        23.01.2012        18,6MB        1.60.0.1800

McAfee Security Scan Plus        McAfee, Inc.        22.12.2010        8,30MB        2.0.181.2

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        28.10.2010        38,8MB        4.0.30319

Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        04.03.2011        2,94MB        4.0.30319

Microsoft .NET Framework 4 Extended        Microsoft Corporation        04.03.2011        52,0MB        4.0.30319

Microsoft .NET Framework 4 Extended DEU Language Pack        Microsoft Corporation        04.03.2011        10,7MB        4.0.30319

Microsoft .NET Framework 4 Multi-Targeting Pack        Microsoft Corporation        04.03.2011        83,5MB        4.0.30319

Microsoft Document Explorer 2008        Microsoft Corporation        09.03.2011                

Microsoft Document Explorer 2008 Language Pack - DEU        Microsoft Corporation        09.03.2011                

Microsoft Games for Windows - LIVE Redistributable        Microsoft Corporation        17.08.2011        31,3MB        3.5.88.0

Microsoft Games for Windows Marketplace        Microsoft Corporation        17.08.2011        6,04MB        3.5.50.0

Microsoft Help Viewer 1.0        Microsoft Corporation        04.03.2011        3,97MB        1.0.30319

Microsoft Help Viewer 1.0 Language Pack - DEU        Microsoft Corporation        04.03.2011        1,95MB        1.0.30319

Microsoft SQL Server 2008 R2 Management Objects        Microsoft Corporation        04.03.2011        17,2MB        10.50.1447.4

Microsoft SQL Server System CLR Types        Microsoft Corporation        04.03.2011        2,55MB        10.50.1447.4

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        23.01.2012        0,24MB        8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        17.08.2011        0,29MB        8.0.61001

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022        Microsoft Corporation        10.11.2010        2,52MB        9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        17.08.2011        0,77MB        9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        04.10.2010        0,59MB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        04.03.2011        0,22MB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        29.12.2010        0,58MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974        Microsoft Corporation        04.03.2011        0,58MB        9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        17.08.2011        0,59MB        9.0.30729.6161

Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319        Microsoft Corporation        04.03.2011        26,0MB        10.0.30319

Microsoft Visual J# 2.0 Redistributable Package        Microsoft Corporation        09.03.2011                

Microsoft Visual Studio 2010 Shell (Integrated) - DEU        Microsoft Corporation        17.08.2011        538MB        10.0.30319

Microsoft Xbox 360 Accessories 1.1        Microsoft        13.12.2010        7,37MB        1.10.123.0

Mono for Windows 2.6.1        Mono        04.03.2011                2.6.1

MonoDevelop 2.4        Novell        04.03.2011        40,1MB        2.4.0.58990

Mozilla Firefox 4.0.1 (x86 de)        Mozilla        28.05.2011        31,9MB        4.0.1

Native Instruments Traktor                19.03.2011                

Native Instruments Traktor        Native Instruments        20.03.2011                

NHL™ 09        Electronic Arts        16.08.2011        3.087MB        2.0.1.0

NVIDIA PhysX        NVIDIA Corporation        17.08.2011        78,8MB        9.10.0512

NVIDIA PhysX SDK 2.8.1        NVIDIA        16.08.2011        184,3MB        2.8.1

OpenAL                22.09.2010                

OpenOffice.org 3.2        OpenOffice.org        10.11.2010        365MB        3.2.9502

PunkBuster Services        Even Balance, Inc.        16.08.2011                0.986

QuickTime        Apple Inc.        28.06.2011        73,7MB        7.69.80.9

Rapture3D 2.3.22 Game        Blue Ripple Sound        04.03.2011                

Rave Reports 9.0.0 BE        Nevrona Designs        09.03.2011        31,1MB        

Software Informer 1.0 BETA        Informer Technologies, Inc.        03.11.2010                

Stronghold 3 (c) THQ version 1                29.10.2011        3.869MB        1

Tom Clancy's Rainbow Six Vegas 2        Ubisoft        16.08.2011                1.00

Uninstall 1.0.0.1                19.11.2010        10,6MB        

Virtua Tennis 4™        SEGA        16.08.2011                1.0.0000.130

VirtualDJ PRO Full        Atomix Productions        31.08.2011        49,2MB        7.0.5

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)        Garmin        28.06.2011                06/03/2009 2.3.0.0

Windows Live ID Sign-in Assistant        Microsoft Corporation        17.08.2011        10,0MB        6.500.3165.0

Windows Media Player Firefox Plugin        Microsoft Corp        29.12.2010        0,29MB        1.0.0.8

WinRAR                14.01.2011

Ich bedanke mich wieder bis hierhin und freue mich über Rückmeldung.
MfG