Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert

chris1987 · 08.12.2011, 09:47

Hallo ich habe ein problem was manche auch haben.

Ich bekomme computer sperren wo steht:
Achtung!
Aus Sicherheitsgründen wurde ihr windows system blockiert!

Und drunter ein button bezahlen& Herrunterladen

oder was noch kommt ist:
Gleiche überschrift und button

aber als text inhahltlich durch besuch von infizierten oder pornografische inhalten ist das system an eine kritische grenze gekommen wodruch ein zusammen brechen oder ganzen Dateien verloren gehen können.
Um das system wiederherzustellen muss ein zusätzliches sicherheitsupdate herruntergeladen werden.

Das update ist kostenpflichtig und ist speziell für infizierte Windowssystem. Es schützt vollständig von virus und schadprogrammen und stabiliesiert das computersystem und verhindert datenverlust.

Ich bin immer auf den gleichen seiten und schon gar nicht auf pornografischen seiten.
Ich kann ohne netzwerk Ohne probleme am pc arbeiten sobald ich online bin ist irgendwann der zeit punkt da wo die nachricht kommt und nix geht mehr bis auf ein neu start. Habe Internet explorer und moziller Firefox drauf habe firefox runter geschmissen geht immer noch so weiter.

Was kann ich tun um wieder ins internet zu können. Dadrum entschuldigt das ich es so machen musste musste es vorschreiben und dann reim kopieren. Für die schnelligkeit.

Danke im vorraus um lösungen

Die OTL Dateien sind:

OTL logfile created on: 04.12.2011 21:09:55 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,39% Memory free
6,20 Gb Paging File | 5,09 Gb Available in Paging File | 82,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,10 Gb Free Space | 4,78% Space Free | Partition Type: NTFS
Drive D: | 189,08 Gb Total Space | 109,63 Gb Free Space | 57,98% Space Free | Partition Type: NTFS
Drive G: | 195,31 Gb Total Space | 129,90 Gb Free Space | 66,51% Space Free | Partition Type: NTFS

Computer Name: BART | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.04 20:56:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.07 16:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- G:\itune\iTunesHelper.exe
PRC - [2010.10.16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.01.18 12:37:12 | 003,168,216 | ---- | M] (PC Tools) -- D:\Programme\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2009.11.09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- D:\Programme\PC Tools Firewall Plus\FWService.exe
PRC - [2009.06.07 12:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NlsSrv32.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:36 | 000,107,008 | ---- | M] (Mozilla Foundation) -- C:\Users\Chris\AppData\Roaming\Microsoft\svhcost.exe
PRC - [2008.11.12 03:02:14 | 000,708,608 | ---- | M] (Mirco-Star International CO., LTD.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2008.11.05 18:21:04 | 000,159,744 | ---- | M] (Micro-Star Int'l Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2008.08.28 08:49:36 | 000,131,072 | ---- | M] (Saitek) -- C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
PRC - [2008.08.28 08:49:30 | 000,237,568 | ---- | M] (Saitek) -- C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
PRC - [2008.08.20 11:35:20 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.05.24 01:07:00 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008.05.23 07:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2008.05.14 03:45:04 | 000,357,704 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2008.04.15 08:05:40 | 002,979,144 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.04.01 04:08:50 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2008.03.17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.11.19 03:19:35 | 000,128,352 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007.09.29 01:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe

========== Modules (No Company Name) ==========

MOD - [2011.05.26 12:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008.07.18 22:39:04 | 000,053,248 | ---- | M] () -- C:\Program Files\System Control Manager\MGKBHook.dll
MOD - [2005.07.23 06:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll

========== Win32 Services (SafeList) ==========

SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.24 08:48:46 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.11.09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- D:\Programme\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
SRV - [2009.06.07 12:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NlsSrv32.exe -- (nlsX86cc)
SRV - [2008.11.05 18:21:04 | 000,159,744 | ---- | M] (Micro-Star Int'l Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2008.05.23 07:54:42 | 000,120,168 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.05.10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.10.16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.10.10 10:04:38 | 000,244,224 | ---- | M] (10Moons Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TridVid6010.sys -- (TridVid)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010.01.18 12:37:22 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010.01.18 12:37:22 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctNdis.sys -- (pctNDIS)
DRV - [2010.01.18 12:37:21 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010.01.18 12:37:21 | 000,032,680 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctNdis-DNS.sys -- (PCTFW-DNS)
DRV - [2010.01.18 12:37:20 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2009.11.23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008.11.11 13:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.11 13:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.11 13:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.09.12 09:32:55 | 000,035,584 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SaiBus.sys -- (SaiNtBus)
DRV - [2008.09.12 09:32:55 | 000,014,080 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2008.09.12 09:32:40 | 000,107,008 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SaiK0836.sys -- (SaiK0836)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.23 02:28:32 | 000,333,824 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187Se.sys -- (RTL8187Se)
DRV - [2008.08.07 10:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.08.06 09:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.06.30 14:56:12 | 000,917,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.06.27 21:06:28 | 000,041,728 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2008.06.10 01:45:08 | 001,748,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.06.07 18:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008.05.14 01:16:06 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2008.04.24 02:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.04.01 14:42:36 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.03.25 22:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008.03.19 20:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.02.29 23:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.23 05:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.11.29 18:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2005.01.07 14:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com.tw
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com.tw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch FF Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2206084&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.youtube.com/?gl=DE&hl=de"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: G:\itune\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.07.20 15:18:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: D:\Programme\Firefox\components [2011.06.30 10:16:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: D:\Programme\Firefox\plugins [2011.06.30 10:16:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: D:\Programme\Firefox\components [2011.06.30 10:16:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: D:\Programme\Firefox\plugins [2011.06.30 10:16:58 | 000,000,000 | ---D | M]

[2009.12.30 09:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2011.12.03 12:26:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\i56jhv2f.default\extensions
[2010.12.23 07:07:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\i56jhv2f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.02 04:55:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\i56jhv2f.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.02 04:55:42 | 000,000,000 | ---D | M] (Softonic Deutsch FF Community Toolbar) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\i56jhv2f.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2011.11.20 16:21:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\i56jhv2f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.04.02 04:55:40 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\i56jhv2f.default\extensions\engine@conduit.com
[2011.11.20 16:21:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\i56jhv2f.default\extensions\staged-xpis
[2009.12.30 12:05:18 | 000,002,235 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\askcom.xml
[2009.10.06 17:11:40 | 000,000,900 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\conduit.xml
[2011.12.03 12:26:04 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-1.xml
[2010.10.29 06:15:52 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-10.xml
[2010.11.29 08:14:58 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-11.xml
[2011.03.07 12:36:38 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-12.xml
[2011.03.09 09:36:29 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-13.xml
[2011.03.27 12:13:24 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-14.xml
[2011.04.30 20:18:58 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-15.xml
[2011.06.30 10:17:12 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-16.xml
[2010.04.03 21:04:37 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-2.xml
[2010.05.03 06:48:26 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-3.xml
[2010.06.29 08:09:25 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-4.xml
[2010.07.01 05:55:27 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-5.xml
[2010.08.11 10:57:13 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-6.xml
[2010.08.13 16:49:55 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-7.xml
[2010.09.25 07:59:36 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-8.xml
[2010.10.24 08:34:59 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin-9.xml
[2011.02.20 10:21:20 | 000,000,168 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin.gif
[2011.02.20 10:21:20 | 000,000,618 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin.src
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\i56jhv2f.default\searchplugins\icqplugin.xml
[2010.04.29 16:25:02 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.04.14 13:40:14 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010.04.15 19:47:43 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.16 20:35:45 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.08 09:42:53 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.07.20 15:18:38 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- D:\PROGRAMME\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [00PCTFW] D:\Programme\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [iTunesHelper] G:\itune\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Mirco-Star International CO., LTD.)
O4 - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{A38970FD-F528-11DE-A927-806E6F6E6963}] C:\Users\Chris\AppData\Roaming\Microsoft\svhcost.exe (Mozilla Foundation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: LaerdalUpdateAgent = C:\Program Files\Laerdal Sophus\UpdateAgent\LaerdalUpdateAgent.exe "lang:C:\Program Files\Laerdal Sophus\UpdateAgent\de"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20101018064504 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D9B48CE-4180-4F96-BAFF-92A65E76350F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83A83B94-15A8-43DF-B1A8-A0065E0310E5}: DhcpNameServer = 10.129.32.1 10.111.81.129
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3a610978-1b00-11df-8b42-002185e6a021}\Shell\AutoRun\command - "" = E:\srgo.exe
O33 - MountPoints2\{3a610978-1b00-11df-8b42-002185e6a021}\Shell\open\Command - "" = E:\srgo.exe
O33 - MountPoints2\{a3897103-f528-11de-a927-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a3897103-f528-11de-a927-806e6f6e6963}\Shell\AutoRun\command - "" = F:\HG2Setup.exe
O33 - MountPoints2\{b0f653f9-34ad-11df-93fd-002185e6a021}\Shell - "" = AutoRun
O33 - MountPoints2\{b0f653f9-34ad-11df-93fd-002185e6a021}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\Documents\*.tmp files -> C:\Users\Chris\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.04 21:05:31 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.04 21:05:20 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 21:05:19 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 21:05:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.04 20:54:55 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.04 20:54:55 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.04 20:54:55 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.04 20:54:55 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.04 19:48:14 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.03 16:20:25 | 000,117,248 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.03 12:12:12 | 000,000,000 | ---- | M] () -- C:\Users\Chris\AppData\Local\{C4B05650-D095-4A65-949D-329D381E4E7E}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Chris\Documents\*.tmp files -> C:\Users\Chris\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.03 12:12:12 | 000,000,000 | ---- | C] () -- C:\Users\Chris\AppData\Local\{C4B05650-D095-4A65-949D-329D381E4E7E}
[2011.10.15 14:05:06 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.09.23 14:13:25 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011.09.22 18:16:42 | 000,000,000 | ---- | C] () -- C:\Windows\ins.INI
[2011.09.20 19:39:12 | 001,273,856 | ---- | C] () -- C:\Windows\System32\SaiC0836.Dll
[2011.09.20 19:39:12 | 000,008,704 | ---- | C] () -- C:\Windows\System32\SaiC0836_0C.dll
[2011.09.20 19:39:12 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0836_10.dll
[2011.09.20 19:39:12 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0836_0A.dll
[2011.09.20 19:39:12 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0836_07.dll
[2011.09.20 19:39:12 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_09.dll
[2011.09.20 19:39:12 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_0402.dll
[2011.09.20 19:39:12 | 000,005,632 | ---- | C] () -- C:\Windows\System32\SaiC0836_11.dll
[2011.08.09 08:57:02 | 000,163,328 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\jashla.exe
[2011.04.20 09:49:11 | 000,086,016 | ---- | C] () -- C:\Windows\System32\ZCompress.EXE
[2011.04.20 09:49:11 | 000,073,728 | ---- | C] () -- C:\Windows\System32\WinSFX.bin
[2011.04.20 09:49:11 | 000,062,716 | ---- | C] () -- C:\Windows\System32\Uninstall985F.DAT
[2011.04.20 09:49:10 | 000,212,992 | ---- | C] () -- C:\Windows\System32\Setup.EXE
[2011.04.20 09:49:10 | 000,081,920 | ---- | C] () -- C:\Windows\System32\GkSui20.EXE
[2011.04.20 09:49:09 | 000,516,096 | ---- | C] () -- C:\Windows\System32\BldSetup.EXE
[2011.04.20 09:49:09 | 000,114,688 | ---- | C] () -- C:\Windows\System32\BldDat.EXE
[2011.04.20 09:49:09 | 000,098,304 | ---- | C] () -- C:\Windows\System32\BldOpt.EXE
[2011.04.20 09:49:09 | 000,069,632 | ---- | C] () -- C:\Windows\System32\Dspan.bin
[2011.02.16 18:49:30 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.02.05 10:35:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.11 18:05:29 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.01.11 18:05:29 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.12.29 08:26:06 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.10.13 14:50:28 | 000,017,408 | ---- | C] () -- C:\Users\Chris\AppData\Local\WebpageIcons.db
[2010.09.16 20:35:49 | 000,000,680 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2010.02.21 12:09:39 | 000,000,324 | ---- | C] () -- C:\Windows\game.ini
[2010.02.06 14:35:22 | 000,000,635 | ---- | C] () -- C:\Windows\Sof.INI
[2010.01.04 09:44:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.01.04 09:44:14 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.12.30 08:45:05 | 000,117,248 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.01.26 00:52:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.25 22:56:47 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2009.01.25 22:34:48 | 001,748,352 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009.01.25 22:34:48 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009.01.25 22:13:48 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2009.01.25 22:11:56 | 000,042,559 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.25 22:08:20 | 000,042,559 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.01.25 21:20:18 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.01.25 21:20:18 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.01.25 21:20:18 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.01.25 21:20:18 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.22 00:46:28 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.04.22 00:44:54 | 000,831,488 | ---- | C] () -- C:\Windows\System32\divx_xx0a.dll
[2008.04.22 00:43:44 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007.12.22 01:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.01.31 06:29:10 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VendorCmdRW.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,294,064 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.07.23 06:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2004.09.05 08:59:50 | 000,155,648 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2004.09.05 08:58:04 | 000,679,936 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

========== LOP Check ==========

[2010.05.07 05:31:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Blue Cat Audio
[2011.07.28 07:47:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Canon
[2010.02.21 15:08:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\CasualForge
[2011.05.21 19:48:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.04.21 11:36:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Der Planer 4
[2010.03.26 06:15:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Feuerwache
[2010.02.04 16:17:02 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\flightgear.org
[2010.05.07 07:05:14 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\HighAndes
[2011.07.06 09:15:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ICQ
[2011.01.10 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LG Electronics
[2010.07.20 15:45:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Nokia
[2010.04.29 16:27:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2010.07.20 15:45:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PC Suite
[2010.01.14 12:29:22 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PCToolsFirewallPlus
[2010.03.03 20:45:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Power Sound Editor Free
[2011.05.19 21:02:28 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ProtectDISC
[2011.01.12 10:12:47 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Samsung
[2011.05.01 11:22:55 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Toshiba
[2009.12.30 06:52:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Ulead Systems
[2011.12.04 21:04:17 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C31F31E6
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:331B76C7

< End of report >

und Extra::
OTL Extras logfile created on: 04.12.2011 21:09:55 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,39% Memory free
6,20 Gb Paging File | 5,09 Gb Available in Paging File | 82,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,10 Gb Free Space | 4,78% Space Free | Partition Type: NTFS
Drive D: | 189,08 Gb Total Space | 109,63 Gb Free Space | 57,98% Space Free | Partition Type: NTFS
Drive G: | 195,31 Gb Total Space | 129,90 Gb Free Space | 66,51% Space Free | Partition Type: NTFS

Computer Name: BART | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D3D27A-887B-4796-80AD-301BC6C352D1}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{12713BB9-A2EC-491C-9EFE-A3F88ABD3123}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{24636F09-39E8-4BDC-8BF3-824CCD6B3689}" = protocol=17 | dir=in | app=g:\icq7.0\aolload.exe |
"{294AB7A8-E4AD-41B8-A094-B23919E3084C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{2B1274E2-6C5B-4327-BFDE-028949E83FAF}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{2D61D66B-5886-496B-847A-5B5E7AFC34E5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{2D91EB2C-B03E-4250-9612-BC7E85A533F0}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{2EFEFEEC-806A-4FB8-AA1A-92C6C9B75229}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{405484BA-1E76-414E-B2A8-8C87C3947F6B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{438539DD-E280-4DF3-941E-20A8309936F3}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\neoringer\counter-strike\hl.exe |
"{455C8045-856A-4BE9-8491-417190089ABB}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{465D8289-CA94-40B1-BADA-4933E351EA17}" = protocol=17 | dir=in | app=g:\icq7.0\icq.exe |
"{4D6339BC-3A87-456A-95A6-1F3644F4FD30}" = dir=in | app=g:\itune\itunes.exe |
"{53944859-4E06-49FB-B65D-24C9C2BCE2C4}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\neoringer\opposing force\hl.exe |
"{547507FD-475A-46D7-A757-54CB8F08C403}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{57BE86CD-DE70-439D-9ADA-398B97C64F5D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{57EB0307-C003-472B-A59A-D03628B30F6E}" = protocol=6 | dir=in | app=g:\icq7.0\icq.exe |
"{5F0ADA21-0FE6-4CF6-B69B-C1183B2AB301}" = protocol=17 | dir=in | app=g:\icq7.0\icq.exe |
"{65BDB890-4D0D-4A3E-9EA3-6865D7307B41}" = protocol=17 | dir=in | app=g:\icq7.0\aolload.exe |
"{67D42EAB-9556-4648-8193-A4A9E5893BC9}" = protocol=6 | dir=in | app=g:\icq7.0\aolload.exe |
"{6D3A44FD-956C-42C0-8BB3-07D10037F8C7}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\neoringer\counter-strike\hl.exe |
"{7018D4DB-356F-4E18-AE9C-B7D48EEE2435}" = protocol=17 | dir=in | app=g:\icq7.0\aolload.exe |
"{73F49627-C4DC-4D59-BCBA-B6D8E0126832}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{81218C9B-25DA-43D1-844E-F88445387E82}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{8899D73F-49CB-4741-A196-0BB16DA50FE4}" = protocol=6 | dir=in | app=g:\icq7.0\icq.exe |
"{899A1069-BCCE-471B-B4F4-260EBAAAAEA7}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{8C433588-6CA8-479A-B54E-05C67D737347}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\neoringer\opposing force\hl.exe |
"{925A1B5E-8E3C-470B-8931-E7B212429A31}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{992ECBC0-7706-4DB2-8334-1341DD05636B}" = protocol=17 | dir=in | app=g:\icq7.0\icq.exe |
"{9CB226D8-9EDE-4286-A72C-2E6B761893B1}" = protocol=6 | dir=in | app=g:\icq7.0\icq.exe |
"{A9737A6C-5ECD-4398-9FC0-3AA3E91F3D6B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B9ECABE0-85A5-4A81-9D73-5EC2FC03F3E7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CB488761-A7D0-4046-93CA-2712FE5E15FB}" = protocol=6 | dir=in | app=g:\icq7.0\aolload.exe |
"{CC3C5F78-B769-42F0-8BC7-D56278A45E53}" = protocol=6 | dir=in | app=g:\icq7.0\aolload.exe |
"{CC4B7026-69E7-4D73-B19E-D5AA9AB9A706}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CEB8C53C-33DB-4C0D-A5DF-494A270793E5}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{D670ACF0-2F23-498D-89BA-9DCC6A0F47E0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D85EA7F1-10DF-423F-AB54-0847E0D886A9}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{DC7ACB2E-DE9E-4B0B-92E8-2C57902BCF34}" = dir=in | app=g:\video-dvd\powerdirector\pdr8.exe |
"{ECB21E02-C949-455D-855C-BA51AF6A327C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{0DE058B2-65BF-450E-9755-06D59F1B72BA}" = Saitek SD6 Programming Software 6.5.2.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1E863F44-2D2D-4BD7-B25B-EDA9FF622267}" = Radiotracker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 22
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = USB 2.0 Camera
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53480870-02D8-48FB-BC27-72C956885168}" = O&O MediaRecovery
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{83DD8CC8-522E-4B75-836F-8775FDA4B5AB}" = Hotel Gigant 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_HOMESTUDENTR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_HOMESTUDENTR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901C0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4C534E-431F-4A17-97D4-D1682B19A054}" = Emergency4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A8DE8C34-7F51-4cc8-B326-C425793EE741}" = THE CHRONICLES OF RIDDICK: ESCAPE FROM BUTCHER BAY
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA9E9ED5-FFF3-4E0D-95B9-62527672268B}_is1" = Der Planer 4 Version 1.3
"{BDBA9828-200B-43A0-AB4F-82DABEE64F94}_is1" = LPS 2009v 3.0 USB
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}" = iTunes
"{CAB81583-0310-43E1-8E33-0864985EDD67}" = trakAxPC
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D98C9637-93DA-44DB-B73A-B11A1192AB26}" = GameShadow
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E08DE897-B6AF-4DFF-9E90-131E80C876B4}" = DIE SIEDLER - Das Erbe der Könige - Gold Edition
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EF5B1E83-1403-4F0E-A8E6-C169DF0CCE8C}" = LG PC Suite II
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows-Treiberpaket - Nokia Modem (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Free Antivirus
"BFGC" = Big Fish Games Client
"Canon MP620 series Benutzerregistrierung" = Canon MP620 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Comanche 4" = Comanche 4
"Debut" = Debut Video Capture Software
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.7)
"Emergency 2012 Demo" = Emergency 2012 Demo
"FFsim" = Feuerwehr-Simulator 2010
"FILEminimizer Pictures_is1" = FILEminimizer Pictures
"FormatFactory" = FormatFactory 2.20
"Gabelstapler Simulator 2009" = Gabelstapler Simulator 2009 (entfernen)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"KKND Krossfire" = KKND Krossfire
"Loksim3D" = Loksim3D
"MicroSim Prehospital" = MicroSim Prehospital
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Nokia PC Suite" = Nokia PC Suite
"Nuclear Strike" = Nuclear Strike
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Pacific Hawk" = Pacific Hawk 1.0
"PC Tools Firewall Plus" = PC Tools Firewall Plus 6.0
"Power Sound Editor Free" = Power Sound Editor Free
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SimCity 3000" = SimCity 3000
"Softonic_Deutsch_FF Toolbar" = Softonic_Deutsch_FF Toolbar
"SpaceShuttleMission2007 DEMO_is1" = SpaceShuttleMission2007 DEMO v1.31
"Steam App 10" = Counter-Strike
"Steam App 130" = Half-Life: Blue Shift
"Steam App 150" = Counter-Strike Steamworks Beta
"Steam App 20" = Team Fortress Classic
"Steam App 30" = Day of Defeat
"Steam App 40" = Deathmatch Classic
"Steam App 50" = Half-Life: Opposing Force
"Steam App 60" = Ricochet
"Steam App 70" = Half-Life
"TmNationsForever_is1" = TmNationsForever
"Trucks & Trailers" = Trucks & Trailers 1.00
"UT2003" = Unreal Tournament 2003
"WinRAR archiver" = WinRAR archiver
"XviD_is1" = XviD MPEG-4 Video Codec
"Zattoo4" = Zattoo4 4.0.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04.10.2011 15:17:13 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 05.10.2011 15:45:22 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 14.10.2011 14:24:57 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 15.10.2011 06:43:19 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 16.10.2011 02:47:13 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 16.10.2011 13:30:10 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 18.10.2011 12:08:00 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 20.10.2011 17:22:38 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 28.10.2011 01:52:09 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

Error - 29.10.2011 03:22:58 | Computer Name = Bart | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 04.12.2011 15:39:27 | Computer Name = Bart | Source = Service Control Manager | ID = 7001
Description =

Error - 04.12.2011 15:39:27 | Computer Name = Bart | Source = Service Control Manager | ID = 7001
Description =

Error - 04.12.2011 15:39:27 | Computer Name = Bart | Source = Service Control Manager | ID = 7001
Description =

Error - 04.12.2011 15:48:07 | Computer Name = Bart | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 04.12.2011 15:49:27 | Computer Name = Bart | Source = Service Control Manager | ID = 7009
Description =

Error - 04.12.2011 15:50:50 | Computer Name = Bart | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 04.12.2011 16:05:19 | Computer Name = Bart | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 04.12.2011 16:06:25 | Computer Name = Bart | Source = Service Control Manager | ID = 7009
Description =

Error - 04.12.2011 16:07:43 | Computer Name = Bart | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 04.12.2011 16:08:44 | Computer Name = Bart | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

< End of report >

markusg · 08.12.2011, 13:39

hi

achtung!

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.

• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

Code:

ATTFilter

:OTL
O4 - HKCU..\Run: [{A38970FD-F528-11DE-A927-806E6F6E6963}] C:\Users\Chris\AppData\Roaming\Microsoft\svhcost.exe (Mozilla Foundation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: LaerdalUpdateAgent = C:\Program Files\Laerdal Sophus\UpdateAgent\LaerdalUpdateAgent.exe
"lang:C:\Program Files\Laerdal Sophus\UpdateAgent\de"
:Files
C:\Users\Chris\AppData\Roaming\Microsoft\svhcost.exe
C:\Program Files\Laerdal Sophus
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
folge dem link, und lade das archiv im upload channel hoch
http://www.trojaner-board.de/54791-a...ner-board.html

Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert

Log-Analyse und Auswertung: Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert

Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert

Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert

Ähnliche Themen: Achtung aus sicherheitsgründen wurde ihr windowssystem blockiert