Windows gesperrt Zahlungsaufforderung von 100 Euro

Templeton19 · 01.04.2012, 17:24

Hallo! Habe auch das Problem, dass mein Windows gesperrt wurde und ich nun 100 Euro zahlen soll.
Habe jetz die Scans mit OTL.exe durchgeführt. Bitte um Hilfe

OTL logfile created on: 01.04.2012 18:06:14 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Marcel\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,98 Gb Total Physical Memory | 6,94 Gb Available Physical Memory | 86,99% Memory free
15,97 Gb Paging File | 14,98 Gb Available in Paging File | 93,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 25,81 Gb Free Space | 2,77% Space Free | Partition Type: NTFS
Drive D: | 7,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 3,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 7,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 2,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 8,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 6,96 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 4,77 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 4,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: MARCEL-PC | User Name: Marcel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.01 18:04:53 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Marcel\Downloads\OTL.exe
PRC - [2012.03.18 03:34:52 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.10.10 19:00:51 | 000,127,040 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe

========== Modules (No Company Name) ==========

MOD - [2012.03.18 03:34:51 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.01.07 13:19:36 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.12.06 05:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.03.24 19:00:30 | 000,343,480 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012.03.22 00:42:00 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.02.28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.12.12 22:35:08 | 000,751,464 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.09.23 18:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011.08.02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.24 06:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF)
SRV - [2011.03.22 10:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.11.15 13:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010.11.05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.10.05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.12.08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.12.08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.12.08 06:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011.12.08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.12.08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011.12.06 05:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.06 04:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.17 19:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.10.09 13:29:08 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.10.07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011.10.03 16:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011.09.25 18:03:48 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.09.25 18:03:47 | 000,042,696 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.09.13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.08.08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.07.13 13:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011.07.13 13:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011.07.11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.07.11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.07.11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.07.11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.01.26 08:06:02 | 000,039,808 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.26 08:06:00 | 000,064,256 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.01.10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.12.24 09:32:54 | 000,412,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.09.21 09:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2009.12.31 12:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.09.23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.09.23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.27 14:25:10 | 000,027,160 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.02.12 03:59:18 | 000,297,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
DRV:64bit: - [2008.02.05 01:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2012.04.01 17:53:44 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.02.04 14:50:10 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2011.10.09 02:42:24 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B7 9E 49 34 49 72 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{48626741-5115-4cb4-80C9-6F25D3F304AF}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKCU\..\SearchScopes\{50FE1714-F060-4ce8-B5BC-02D9CE583EFB}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q="
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2011.09.13 21:07:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2011.09.13 21:07:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2011.09.13 21:07:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.03.04 16:10:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.24 19:00:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.18 03:34:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.24 19:00:03 | 000,000,000 | ---D | M]

[2011.09.13 21:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcel\AppData\Roaming\mozilla\Extensions
[2012.03.29 19:21:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcel\AppData\Roaming\mozilla\Firefox\Profiles\8c8oy5ht.default\extensions
[2012.03.29 19:21:18 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Marcel\AppData\Roaming\mozilla\Firefox\Profiles\8c8oy5ht.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.11.07 23:04:13 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Marcel\AppData\Roaming\mozilla\Firefox\Profiles\8c8oy5ht.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.21 11:25:13 | 000,000,933 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\11-suche.xml
[2011.12.21 11:25:13 | 000,002,419 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\englische-ergebnisse.xml
[2011.12.21 11:25:13 | 000,010,525 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\gmx-suche.xml
[2012.03.29 19:23:18 | 000,000,950 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin-1.xml
[2011.10.08 16:37:41 | 000,000,950 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin-2.xml
[2011.11.14 20:10:38 | 000,000,950 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin-3.xml
[2011.11.21 18:36:48 | 000,000,950 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin-4.xml
[2012.02.26 01:07:18 | 000,000,950 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin-5.xml
[2012.03.18 03:35:14 | 000,000,950 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin-6.xml
[2012.03.19 20:09:28 | 000,000,168 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin.gif
[2012.03.19 20:09:28 | 000,000,618 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin.src
[2011.09.28 18:19:46 | 000,001,056 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\icqplugin.xml
[2011.12.21 11:25:13 | 000,002,457 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\lastminute.xml
[2011.12.21 11:25:13 | 000,005,508 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\8c8oy5ht.default\searchplugins\webde-suche.xml
[2012.02.26 01:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.09 18:19:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\MARCEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8C8OY5HT.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.03.18 03:34:52 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.26 01:07:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.26 01:07:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.26 01:07:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.26 01:07:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.26 01:07:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.26 01:07:12 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Skype Click to Call = C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [KTSInit] 0 File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [] C:\Users\Marcel\AppData\Roaming\Upisu\ikets.exe File not found
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [vasja] C:\Users\Marcel\AppData\Local\Temp\mor.exe ()
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Programme\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Marcel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Marcel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Marcel\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Marcel\Desktop\PartyPoker.lnk ()
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Users\Marcel\Desktop\PartyPoker.net.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Users\Marcel\Desktop\PartyPoker.net.lnk ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{130D726B-197F-44B9-AA2D-9C04E568245C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.06 18:33:09 | 000,000,043 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011.07.26 18:29:22 | 001,702,728 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.07.21 22:35:08 | 000,000,065 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2012.02.27 23:07:19 | 000,000,136 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2012.02.08 23:39:23 | 000,000,085 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2012.02.09 22:33:51 | 000,000,164 | R--- | M] () - I:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{29e88fb0-de39-11e0-ba6e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{29e88fb0-de39-11e0-ba6e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{2d4d961e-e1e3-11e0-9aa1-1c6f65d99f71}\Shell - "" = AutoRun
O33 - MountPoints2\{2d4d961e-e1e3-11e0-9aa1-1c6f65d99f71}\Shell\AutoRun\command - "" = O:\noautorun.exe
O33 - MountPoints2\{2d4d9621-e1e3-11e0-9aa1-1c6f65d99f71}\Shell - "" = AutoRun
O33 - MountPoints2\{2d4d9621-e1e3-11e0-9aa1-1c6f65d99f71}\Shell\AutoRun\command - "" = R:\autorun.exe
O33 - MountPoints2\{362c27f6-dec2-11e0-9ac9-1c6f65d99f71}\Shell - "" = AutoRun
O33 - MountPoints2\{362c27f6-dec2-11e0-9ac9-1c6f65d99f71}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2012.02.27 23:07:19 | 000,838,548 | R--- | M] (EA Games )
O33 - MountPoints2\{362c27f7-dec2-11e0-9ac9-1c6f65d99f71}\Shell - "" = AutoRun
O33 - MountPoints2\{362c27f7-dec2-11e0-9ac9-1c6f65d99f71}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2012.02.08 23:39:23 | 000,460,793 | R--- | M] (Kalypso )
O33 - MountPoints2\{362c27f8-dec2-11e0-9ac9-1c6f65d99f71}\Shell - "" = AutoRun
O33 - MountPoints2\{362c27f8-dec2-11e0-9ac9-1c6f65d99f71}\Shell\AutoRun\command - "" = I:\Setup.exe -- [2012.02.09 22:33:51 | 000,442,495 | R--- | M] (2K Games )
O33 - MountPoints2\{47861d88-de4b-11e0-9791-1c6f65d99f71}\Shell - "" = AutoRun
O33 - MountPoints2\{47861d88-de4b-11e0-9791-1c6f65d99f71}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011.07.26 18:29:22 | 001,702,728 | R--- | M] ()
O33 - MountPoints2\{bf017fcd-de3e-11e0-9a0c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bf017fcd-de3e-11e0-9a0c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe -- [2006.01.10 15:49:24 | 000,492,032 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.03.24 23:42:20 | 000,000,000 | ---D | C] -- C:\Users\Marcel\Desktop\Neuer Ordner (11)
[2012.03.24 23:33:35 | 000,000,000 | ---D | C] -- C:\Users\Marcel\Documents\SelfMV
[2012.03.24 22:28:22 | 000,000,000 | ---D | C] -- C:\Users\Marcel\Desktop\bluetoothview_1.61
[2012.03.24 19:12:06 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Local\DDMSettings
[2012.03.24 19:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012.03.24 18:59:58 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Roaming\DivX
[2012.03.24 18:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.03.24 18:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.03.24 18:59:43 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.03.24 18:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012.03.24 18:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.03.24 18:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.03.24 16:12:59 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Local\Divinity 2
[2012.03.24 15:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity II - Ego Draconis
[2012.03.24 15:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Divinity 2
[2012.03.24 15:26:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Divinity II - Ego Draconis
[2012.03.18 05:10:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Jagged Alliance - Back in Action
[2012.03.18 04:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso
[2012.03.18 04:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kalypso
[2012.03.17 15:56:04 | 000,000,000 | ---D | C] -- C:\Users\Marcel\Documents\Syndicate
[2012.03.17 15:40:10 | 000,000,000 | ---D | C] -- C:\Users\Marcel\Desktop\SYNDICATE.MULTI-POSTMORTEM
[2012.03.07 20:36:21 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Roaming\gema
[2012.03.07 20:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\gema
[2012.03.04 16:21:52 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.03.04 16:11:16 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Roaming\AVG2012
[2012.03.04 16:10:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.03.04 16:10:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2012.03.04 16:10:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012.03.04 16:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012.03.04 16:10:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012.03.04 16:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012.03.04 16:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.03.03 18:42:20 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Roaming\Temp
[2012.03.03 18:41:43 | 000,000,000 | ---D | C] -- C:\Users\Marcel\Desktop\Neuer Ordner (10)
[2012.03.03 18:04:25 | 000,000,000 | ---D | C] -- C:\Temp
[2012.03.03 18:01:19 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Local\Samsung
[2012.03.03 18:01:15 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Roaming\Samsung
[2012.03.03 18:01:14 | 000,000,000 | ---D | C] -- C:\Users\Marcel\Documents\samsung
[2012.03.03 18:00:44 | 001,917,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01005.dll
[2012.03.03 18:00:44 | 001,917,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01005.dll
[2012.03.03 18:00:44 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwhnt.sys
[2012.03.03 18:00:44 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwh.sys
[2012.03.03 18:00:43 | 000,177,640 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadmdm.sys
[2012.03.03 18:00:43 | 000,157,672 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadbus.sys
[2012.03.03 18:00:43 | 000,146,920 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadserd.sys
[2012.03.03 18:00:43 | 000,036,328 | ---- | C] (Google Inc) -- C:\Windows\SysNative\drivers\ssadadb.sys
[2012.03.03 18:00:43 | 000,016,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadmdfl.sys
[2012.03.03 18:00:43 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcmnt.sys
[2012.03.03 18:00:43 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcm.sys
[2012.03.03 18:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012.03.03 18:00:07 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012.03.03 18:00:01 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012.03.03 18:00:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012.03.03 17:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012.03.03 17:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012.03.03 17:57:47 | 000,000,000 | ---D | C] -- C:\Users\Marcel\AppData\Local\Downloaded Installations
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Marcel\AppData\Roaming\*.tmp files -> C:\Users\Marcel\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.04.01 18:00:13 | 001,533,818 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.01 18:00:13 | 000,670,986 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.04.01 18:00:13 | 000,622,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.01 18:00:13 | 000,135,360 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.04.01 18:00:13 | 000,111,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.01 17:55:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.01 17:55:50 | 2134,298,623 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.01 17:53:44 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.04.01 17:53:44 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.01 17:53:43 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Marcel-Startup.job
[2012.04.01 16:54:56 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.01 16:54:56 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.01 16:17:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.01 12:10:10 | 093,288,619 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.03.27 22:25:07 | 000,017,320 | ---- | M] () -- C:\Users\Marcel\Documents\Reifengruppe Ruhr.odt
[2012.03.24 22:28:08 | 000,048,475 | ---- | M] () -- C:\Users\Marcel\Desktop\bluetoothview_1.61.zip
[2012.03.24 20:17:43 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.03.24 19:00:05 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012.03.24 19:00:04 | 000,001,611 | ---- | M] () -- C:\Users\Marcel\Desktop\DivX Movies.lnk
[2012.03.24 18:59:56 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012.03.24 18:33:02 | 000,036,375 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.03.24 15:40:42 | 000,002,136 | ---- | M] () -- C:\Users\Marcel\Desktop\Divinity II - Ego Draconis.lnk
[2012.03.22 20:01:26 | 000,025,317 | ---- | M] () -- C:\Users\Marcel\Desktop\561292_196731000441059_121045294676297_311942_2064702898_n.jpg
[2012.03.22 00:41:09 | 000,018,267 | ---- | M] () -- C:\Users\Marcel\Documents\Euromaster.odt
[2012.03.20 00:18:42 | 000,017,534 | ---- | M] () -- C:\Users\Marcel\Documents\Overdreef.odt
[2012.03.19 20:24:02 | 000,000,219 | ---- | M] () -- C:\Users\Marcel\Desktop\Counter-Strike Source.url
[2012.03.19 20:24:02 | 000,000,219 | ---- | M] () -- C:\Users\Marcel\Desktop\Counter-Strike Source Beta.url
[2012.03.19 20:24:02 | 000,000,219 | ---- | M] () -- C:\Users\Marcel\Desktop\Counter-Strike Condition Zero Deleted Scenes.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | M] () -- C:\Users\Marcel\Desktop\Ricochet.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | M] () -- C:\Users\Marcel\Desktop\Deathmatch Classic.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | M] () -- C:\Users\Marcel\Desktop\Day of Defeat.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | M] () -- C:\Users\Marcel\Desktop\Counter-Strike.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | M] () -- C:\Users\Marcel\Desktop\Counter-Strike Condition Zero.url
[2012.03.18 20:07:02 | 000,018,510 | ---- | M] () -- C:\Users\Marcel\Documents\Taner Tanju.odt
[2012.03.18 14:48:46 | 000,041,050 | ---- | M] () -- C:\Users\Marcel\Desktop\429746_198949770209243_161127753991445_272782_408366310_n.jpg
[2012.03.18 04:57:26 | 000,002,302 | ---- | M] () -- C:\Users\Public\Desktop\Jagged Alliance - Back in Action.lnk
[2012.03.17 15:54:18 | 000,002,409 | ---- | M] () -- C:\Users\Public\Desktop\Syndicate.lnk
[2012.03.15 22:37:19 | 000,017,511 | ---- | M] () -- C:\Users\Marcel\Documents\Bernhard Ernst Witten.odt
[2012.03.15 20:38:33 | 000,911,518 | ---- | M] () -- C:\Users\Marcel\Desktop\IMG_20120220_191021.jpg
[2012.03.14 23:35:40 | 000,007,241 | ---- | M] () -- C:\Users\Marcel\Desktop\425314_343978115637297_310147982353644_875967_682328610_n.jpg
[2012.03.12 22:11:45 | 000,037,979 | ---- | M] () -- C:\Users\Marcel\Desktop\422636_247476888664908_232221663523764_580280_1495674464_n.jpg
[2012.03.04 20:10:17 | 000,012,733 | ---- | M] () -- C:\Users\Marcel\Desktop\431165_337153456326760_283069105068529_885275_1457106671_n.jpg
[2012.03.04 17:41:17 | 000,058,572 | ---- | M] () -- C:\Users\Marcel\Desktop\425080_380213372008775_100000603474888_1374740_406334807_n.jpg
[2012.03.04 16:10:52 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.03.04 16:10:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.03.04 16:10:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.03.04 03:52:50 | 000,001,063 | ---- | M] () -- C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.8631463108393326g8j8.exe.lnk
[2012.03.03 18:03:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012.03.03 18:03:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.03.03 18:01:10 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.03.03 17:58:24 | 094,168,576 | ---- | M] () -- C:\Samsung Kies.msi
[2012.03.03 17:58:18 | 000,021,494 | ---- | M] () -- C:\0x0409.ini
[2012.03.03 17:58:18 | 000,003,584 | ---- | M] () -- C:\1033.MST
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Marcel\AppData\Roaming\*.tmp files -> C:\Users\Marcel\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.04.01 12:10:10 | 093,288,619 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.03.27 22:25:05 | 000,017,320 | ---- | C] () -- C:\Users\Marcel\Documents\Reifengruppe Ruhr.odt
[2012.03.24 22:28:06 | 000,048,475 | ---- | C] () -- C:\Users\Marcel\Desktop\bluetoothview_1.61.zip
[2012.03.24 22:00:42 | 000,000,130 | ---- | C] () -- C:\Users\Marcel\Desktop\SiteRips Ohne Ende Hier auf dd.24.eu.url
[2012.03.24 19:00:04 | 000,001,611 | ---- | C] () -- C:\Users\Marcel\Desktop\DivX Movies.lnk
[2012.03.24 18:59:56 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012.03.24 18:59:47 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012.03.24 18:33:02 | 000,036,375 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.03.24 15:40:42 | 000,002,136 | ---- | C] () -- C:\Users\Marcel\Desktop\Divinity II - Ego Draconis.lnk
[2012.03.22 20:01:25 | 000,025,317 | ---- | C] () -- C:\Users\Marcel\Desktop\561292_196731000441059_121045294676297_311942_2064702898_n.jpg
[2012.03.21 22:59:16 | 000,018,267 | ---- | C] () -- C:\Users\Marcel\Documents\Euromaster.odt
[2012.03.20 00:18:40 | 000,017,534 | ---- | C] () -- C:\Users\Marcel\Documents\Overdreef.odt
[2012.03.19 20:24:02 | 000,000,219 | ---- | C] () -- C:\Users\Marcel\Desktop\Counter-Strike Source.url
[2012.03.19 20:24:02 | 000,000,219 | ---- | C] () -- C:\Users\Marcel\Desktop\Counter-Strike Source Beta.url
[2012.03.19 20:24:02 | 000,000,219 | ---- | C] () -- C:\Users\Marcel\Desktop\Counter-Strike Condition Zero Deleted Scenes.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | C] () -- C:\Users\Marcel\Desktop\Ricochet.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | C] () -- C:\Users\Marcel\Desktop\Deathmatch Classic.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | C] () -- C:\Users\Marcel\Desktop\Day of Defeat.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | C] () -- C:\Users\Marcel\Desktop\Counter-Strike.url
[2012.03.19 20:24:02 | 000,000,218 | ---- | C] () -- C:\Users\Marcel\Desktop\Counter-Strike Condition Zero.url
[2012.03.18 20:07:01 | 000,018,510 | ---- | C] () -- C:\Users\Marcel\Documents\Taner Tanju.odt
[2012.03.18 14:48:46 | 000,041,050 | ---- | C] () -- C:\Users\Marcel\Desktop\429746_198949770209243_161127753991445_272782_408366310_n.jpg
[2012.03.18 04:57:26 | 000,002,302 | ---- | C] () -- C:\Users\Public\Desktop\Jagged Alliance - Back in Action.lnk
[2012.03.18 04:11:17 | 2469,404,672 | ---- | C] () -- C:\Users\Marcel\Desktop\sr-jabia.iso
[2012.03.17 15:54:18 | 000,002,409 | ---- | C] () -- C:\Users\Public\Desktop\Syndicate.lnk
[2012.03.15 22:37:17 | 000,017,511 | ---- | C] () -- C:\Users\Marcel\Documents\Bernhard Ernst Witten.odt
[2012.03.15 20:38:22 | 000,911,518 | ---- | C] () -- C:\Users\Marcel\Desktop\IMG_20120220_191021.jpg
[2012.03.14 23:35:39 | 000,007,241 | ---- | C] () -- C:\Users\Marcel\Desktop\425314_343978115637297_310147982353644_875967_682328610_n.jpg
[2012.03.12 22:11:44 | 000,037,979 | ---- | C] () -- C:\Users\Marcel\Desktop\422636_247476888664908_232221663523764_580280_1495674464_n.jpg
[2012.03.04 20:10:17 | 000,012,733 | ---- | C] () -- C:\Users\Marcel\Desktop\431165_337153456326760_283069105068529_885275_1457106671_n.jpg
[2012.03.04 17:41:16 | 000,058,572 | ---- | C] () -- C:\Users\Marcel\Desktop\425080_380213372008775_100000603474888_1374740_406334807_n.jpg
[2012.03.04 16:10:52 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.03.04 16:10:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.03.04 16:10:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.03.04 03:52:50 | 000,001,063 | ---- | C] () -- C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.8631463108393326g8j8.exe.lnk
[2012.03.03 18:03:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012.03.03 18:03:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.03.03 18:01:10 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012.03.03 17:58:38 | 000,021,494 | ---- | C] () -- C:\0x0409.ini
[2012.03.03 17:58:38 | 000,003,584 | ---- | C] () -- C:\1033.MST
[2012.03.03 17:58:37 | 094,168,576 | ---- | C] () -- C:\Samsung Kies.msi
[2012.02.24 20:35:21 | 000,005,416 | ---- | C] () -- C:\Users\Marcel\AppData\Roaming\BAcroIEHelpe078.dll
[2012.02.20 21:58:15 | 000,007,120 | ---- | C] () -- C:\Users\Marcel\AppData\Roaming\BAcroIEHelpe077.dll
[2012.02.14 20:49:48 | 000,007,120 | ---- | C] () -- C:\Users\Marcel\AppData\Roaming\BAcroIEHelpe075.dll
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.12.23 19:54:41 | 000,017,408 | ---- | C] () -- C:\Users\Marcel\AppData\Local\WebpageIcons.db
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.09 19:37:11 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2011.10.07 20:37:57 | 000,001,103 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.09.26 20:37:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.09.18 13:07:37 | 000,003,024 | ---- | C] () -- C:\Windows\RbSystem.ini
[2011.09.18 13:07:04 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\PWUtility.dll
[2011.09.18 13:07:04 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\dtctrace.dll
[2011.09.18 13:07:03 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\xcd73532.dll
[2011.09.18 13:06:56 | 000,397,312 | ---- | C] () -- C:\Windows\esi_kl01.dat
[2011.09.18 13:06:53 | 000,655,360 | ---- | C] () -- C:\Windows\SysWow64\dslang32.dll
[2011.09.18 13:06:53 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ldf251.dll
[2011.09.18 13:02:56 | 000,000,801 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2011.09.17 22:34:12 | 000,000,981 | ---- | C] () -- C:\Windows\eReg.dat
[2011.09.13 21:31:18 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.09.13 21:11:44 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.09.13 21:06:24 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.09.13 21:05:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

< End of report >

OTL Extras logfile created on: 01.04.2012 18:06:14 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Marcel\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,98 Gb Total Physical Memory | 6,94 Gb Available Physical Memory | 86,99% Memory free
15,97 Gb Paging File | 14,98 Gb Available in Paging File | 93,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 25,81 Gb Free Space | 2,77% Space Free | Partition Type: NTFS
Drive D: | 7,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 3,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 7,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 2,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 8,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 6,96 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 4,77 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 4,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: MARCEL-PC | User Name: Marcel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{116C20CC-0843-1FC0-2AE8-BD3535911B36}" = AMD Drag and Drop Transcoding
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{30CAD3B3-7EF6-4087-2A50-97EF66966776}" = ATI AVIVO64 Codecs
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{E3EC7FC4-B4BF-4911-9A43-F7C753CE03F5}" = AVG 2012
"{EF393943-0CCE-9CD9-6181-96DF4E4428EF}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{06ACD0D6-537A-4831-9608-AA74A5795698}" = Fantasy Sound Pack
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional
"{0DB44859-4112-4946-BE5E-A4275B3FFB5E}" = Furry Voices for Second Life
"{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian
"{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish
"{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20052CA0-FF43-4901-8261-E6DBF0A09ED1}" = Farm Animal Sounds
"{216E21F4-0489-4311-92D6-20D1FB950FCE}" = Sci-Fi Voice Pack
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish
"{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{336E1A2D-E3EB-4846-B7D0-BD75BBBBC0A4}" = Deep Space Voices
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish
"{418D77E2-7B60-48F8-B016-30A32699EE74}" = Splashtop Connect IE
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.1216.1
"{45BF4F8E-7BE7-4384-94C6-60AC70C401C6}" = Male Voice Pack
"{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese
"{47C555CA-1CFD-44F9-9479-D2D900683520}_is1" = Jagged Alliance Back in Action Demo Version 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5B616A3F-43D9-4F0B-9F49-D39342A98592}" = Creatures of Darkness
"{602A1471-063B-4E03-9DCE-0210B914EFF5}" = Translator Fun Voice Pack
"{62DAB694-358E-4C6F-82BF-26DA64B297A6}" = MorphVOX Pro
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C4BA010-69C2-46C7-B559-DC513EEB0B5F}_is1" = WinMaximizer 1.2.86
"{71F8C486-8A13-468E-8B73-06051075556A}" = Female Voice Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{79A743FA-FF99-42DF-8C35-BA40EAEA6668}" = Comic Sound Pack
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{8061C2C9-C2A3-4550-A3FC-585B646840CB}" = Fantasy Voice Pack
"{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese
"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy
"{A48CE6DE-1E75-EBE2-8EF7-6E6EA51962AC}" = HydraVision
"{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AE136F7F-7DC6-600F-9DF9-BFA0DF516135}" = Catalyst Control Center Localization All
"{B0C00181-ECF5-4124-A6DE-14EA663D4799}" = Blue Satin Skin
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E01095-8BAA-456E-8AED-504C3CCADBA0}" = Nero 11
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean
"{C2FB14FB-DF6B-287D-BDC3-C7BEC86F539E}" = Catalyst Control Center
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D13F2D95-1CE0-4147-846F-89ECB2E9A5CD}" = Sci-Fi Sound Pack
"{D2BF4F2C-BDF3-41C3-8D38-185F6342EC47}" = Splashtop Connect for Firefox
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D813EF9B-69CF-4996-893C-B400AE7292FA}" = Spooky Sounds
"{D91802D9-6A42-4563-BC37-B3E2D04DC95B}" = Ancient Weapon Sounds
"{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian
"{DF3FE308-58F2-45E2-9BB0-6A993794AD5C}" = Galactic Voices
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E7E76513-335F-4995-86CF-A85B77D8D975}" = Sci-Fi 2 Sound Pack
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE163F11-1919-4257-A280-FF5AF8DAEECB}" = ICQ Sparberater
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Blitzkrieg2 The Finest Hour_is1" = UninstallBlitz
"Bosch Viewer" = Bosch Viewer
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"DivX Setup" = DivX-Setup
"ESI Prüfwerte" = ESI Prüfwerte
"ESI[tronic]" = ESI[tronic]
"Free YouTube Download_is1" = Free YouTube Download version 3.0.19.1206
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"ImgBurn" = ImgBurn
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.1216.1
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Jagged Alliance - Back in Action_is1" = Jagged Alliance - Back in Action
"LogMeIn Hamachi" = LogMeIn Hamachi
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PartyPoker" = PartyPoker
"PartyPokerNet" = PartyPoker.net
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 30" = Day of Defeat
"Steam App 40" = Deathmatch Classic
"Steam App 60" = Ricochet
"Steam App 80" = Counter-Strike: Condition Zero
"Steuergeräte-Diagnose_is1" = Steuergeräte-Diagnose SD-SW-Setup:2010/1_1_13 KTS500-V:2009-09-
"Syndicate_is1" = Syndicate
"SystemRequirementsLab" = System Requirements Lab
"The Darkness II_is1" = The Darkness II
"The Power of Hightech Warfare" = The Power of Hightech Warfare
"Tunngle beta_is1" = Tunngle beta
"Updater Service" = Updater Service
"VLC media player" = VLC media player 1.1.11
"Yawle_0.3b" = YAWLE 0.5b

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Tropico 4" = Tropico 4 1.00

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

markusg · 01.04.2012, 19:21

hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.

• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

Code:

ATTFilter

:OTL
O4 - HKCU..\Run: [vasja] C:\Users\Marcel\AppData\Local\Temp\mor.exe ()
 :Files
C:\Users\Marcel\AppData\Local\Temp\mor.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!

Drücke bitte die

+ E Taste.

Öffne dein Systemlaufwerk ( meistens C: )
Suche nun
folgenden Ordner: _OTL und öffne diesen.
Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
Dies wird eine Movedfiles.zip Datei in _OTL erstellen
Lade diese bitte in unseren Uploadchannel
hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

Windows gesperrt Zahlungsaufforderung von 100 Euro

Log-Analyse und Auswertung: Windows gesperrt Zahlungsaufforderung von 100 Euro

Windows gesperrt Zahlungsaufforderung von 100 Euro

Windows gesperrt Zahlungsaufforderung von 100 Euro

Ähnliche Themen: Windows gesperrt Zahlungsaufforderung von 100 Euro