Hallo zusammen!

Ich war vorhin mit meinem Netbook online und plötzlich ging nichts mehr. Ich habe die Meldung bekommen, dass mein Pc wegen einer angeblich nicht lizensierter Software gesperrt wurde und ich innerhalb von 24 Stunden 100€ zahlen soll, weil mir sonst die Platte gelöscht wird.

Vielen Dank schon mal!

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 02.02.2012 20:45:15 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Juli Neverforever\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 3,22 Gb Available Physical Memory | 80,87% Memory free
7,96 Gb Paging File | 7,23 Gb Available in Paging File | 90,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,56 Gb Total Space | 448,85 Gb Free Space | 77,05% Space Free | Partition Type: NTFS
 
Computer Name: JULINEVERFOREVE | User Name: Juli Neverforever | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Juli Neverforever\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (Akamai) -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_e286960.dll ()
SRV - (Radio.fx) -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (libusbd) -- C:\Windows\SysWOW64\libusbd-nt.exe (libusb-Win32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VBTUSB) -- C:\Windows\SysNative\drivers\VBTUSB.sys (Sony Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (e1yexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to the VAIO portal
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to the VAIO portal
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local;127.0.0.1:9421;
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.02.01 06:43:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.04 01:11:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.02.01 06:43:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.02 19:55:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.04 01:11:49 | 000,000,000 | ---D | M]
 
[2011.08.06 13:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juli Neverforever\AppData\Roaming\mozilla\Extensions
[2012.01.08 20:46:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juli Neverforever\AppData\Roaming\mozilla\Firefox\Profiles\6bo1vwy2.default\extensions
[2011.12.25 16:04:03 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Juli Neverforever\AppData\Roaming\mozilla\Firefox\Profiles\6bo1vwy2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.06 13:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.04 01:11:50 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
() (No name found) -- C:\USERS\JULI NEVERFOREVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6BO1VWY2.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JULI NEVERFOREVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6BO1VWY2.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2012.02.02 19:55:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.01.28 19:20:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.28 19:20:31 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.28 19:20:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.28 19:20:31 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.28 19:20:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.28 19:20:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Juli Neverforever\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Juli Neverforever\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google-Suche = C:\Users\Juli Neverforever\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: SiteAdvisor = C:\Users\Juli Neverforever\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Juli Neverforever\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Juli Neverforever\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20120131155246.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120131155246.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Juli Neverforever\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [vasja] C:\Users\Juli Neverforever\AppData\Local\Temp\0.9681800670356396.exe (Orb Networks)
O4 - Startup: C:\Users\Juli Neverforever\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DB9F266-CD47-4664-8C0C-6E0ECBAC8E45}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.02 20:40:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.02.02 16:50:26 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{18D3115A-8341-4DB2-801E-3D37C3AFC5BA}
[2012.02.02 16:50:14 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{75131516-5B49-47E4-9379-2E3E68C4EE38}
[2012.02.02 14:57:08 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{084EE758-617C-43EB-8975-46265439E8D3}
[2012.02.02 14:56:56 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{2EF9D592-AD6C-47A0-9DB3-EB46F2433DFA}
[2012.02.02 13:58:52 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{C2F2716E-1A9D-4CA8-AD81-F7357991E226}
[2012.02.01 21:49:51 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\Desktop\bass
[2012.02.01 20:14:57 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{7EF7934E-AABF-426F-8109-8AFC6B79D696}
[2012.02.01 20:14:45 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{F1CD6263-E790-439A-B421-2BC776775B52}
[2012.02.01 06:45:25 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{C3F5DC82-7DF8-4385-BFF9-9F6645A1D953}
[2012.02.01 06:45:08 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{0D1C3820-0E5B-48A5-B112-5DC405FD4B77}
[2012.01.31 13:36:05 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{1B2B5038-0F4C-47BC-BB05-79245F3EF4C5}
[2012.01.31 13:35:53 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{8A45A679-18ED-4164-B839-B8B84F3B1903}
[2012.01.30 18:53:24 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{888926F3-2CC5-4EDA-BD50-7E37D938AC78}
[2012.01.30 18:53:12 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{34E47F36-E1B7-4E49-8D70-52C3C328B27D}
[2012.01.30 15:18:00 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{4C226A87-D1B6-4FAB-A877-FF0F7C562EC1}
[2012.01.29 21:17:06 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{456D1E64-E641-49EE-BD1F-99C32D3F1338}
[2012.01.29 21:16:55 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{A4115F57-E524-4116-AC88-ABEDD87BE7CF}
[2012.01.29 08:55:54 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{498754FC-A4C3-4277-BBB2-C7CD4406E06F}
[2012.01.29 08:55:42 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{DEDB424D-F1FE-4C0F-849E-FCE2446BFF1F}
[2012.01.28 22:22:37 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{10270408-0D42-4BE1-B37B-3A32DFD25D5F}
[2012.01.28 16:29:46 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\Downloaded Installations
[2012.01.28 15:05:40 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\Documents\Need for Speed World
[2012.01.28 13:44:45 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2012.01.28 13:44:45 | 000,115,272 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2012.01.28 13:44:45 | 000,074,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xusb21.sys
[2012.01.28 13:44:45 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2012.01.28 13:44:05 | 002,548,160 | ---- | C] (MotioninJoy | Playstation 3|Xbox 360|Dualshock 3|Sixaxis|Game|Driver|                                         ) -- C:\Users\Juli Neverforever\Desktop\MotioninJoy_060005_amd64_signed.exe
[2012.01.28 13:40:42 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{E40A4C86-996D-4705-B562-990D30EF45CD}
[2012.01.27 20:19:00 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{72CEAC6E-F008-4957-8CD9-334A6EA1A21E}
[2012.01.27 20:14:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibUSB-Win32
[2012.01.27 20:14:01 | 000,046,592 | ---- | C] (libusb-Win32) -- C:\Windows\SysWow64\libusb0.dll
[2012.01.27 20:14:01 | 000,019,456 | ---- | C] (libusb-Win32) -- C:\Windows\SysWow64\libusbd-9x.exe
[2012.01.27 20:14:01 | 000,018,944 | ---- | C] (libusb-Win32) -- C:\Windows\SysWow64\libusbd-nt.exe
[2012.01.27 20:14:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LibUSB-Win32-0.1.10.1
[2012.01.27 20:13:01 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\Desktop\Ps3
[2012.01.27 20:02:31 | 000,255,496 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\MijFrc.dll
[2012.01.27 20:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2012.01.27 20:02:30 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Roaming\MotioninJoy
[2012.01.27 20:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MotioninJoy
[2012.01.27 19:34:01 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Roaming\Need for Speed World
[2012.01.27 18:49:30 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\Electronic_Arts_Inc
[2012.01.27 18:48:21 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\Akamai
[2012.01.27 18:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2012.01.27 18:47:06 | 005,006,472 | ---- | C] (Electronic Arts                                             ) -- C:\Users\Juli Neverforever\Desktop\setup_659.exe
[2012.01.27 16:45:17 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\ArcSoft
[2012.01.27 16:45:09 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Roaming\ArcSoft
[2012.01.27 16:29:04 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Roaming\skypePM
[2012.01.27 16:27:41 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Roaming\Skype
[2012.01.27 06:15:02 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{76DC0439-7ED8-4901-9A88-032EF1D613F3}
[2012.01.27 06:14:48 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{7333E948-5D05-46BD-85B7-8BA2ABF8E49B}
[2012.01.26 21:06:10 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{2F6AA7B7-C746-46D6-AD64-F4ED792A5DFD}
[2012.01.26 07:45:21 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.26 07:45:21 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.26 07:45:21 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.26 07:45:21 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.26 07:45:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.26 07:45:20 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.26 07:40:55 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{A3870534-52FA-41B5-8BEA-24DD6666D216}
[2012.01.25 17:21:41 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{0D4756C0-C2E2-4394-BF4D-D9407FBC5E82}
[2012.01.25 17:21:28 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{8D17C973-B625-484B-9B3F-F4C273848695}
[2012.01.25 15:52:54 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{DA83EB2B-FDE6-4C5D-BEB4-FB67E3DD976E}
[2012.01.25 14:27:08 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{972712DA-AE25-40BD-852F-B29FA5FE835F}
[2012.01.25 06:15:55 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{702C724B-0C9C-4F55-B0A9-18465A9E8326}
[2012.01.24 17:05:34 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{4C2B0698-57C3-4042-83FE-317B96E0433A}
[2012.01.24 17:05:22 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{B0A656DB-C4B8-469D-A89D-6C72DB8BBD33}
[2012.01.24 06:13:54 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{B038D0DE-FB61-40A1-8D6D-F14EC523C749}
[2012.01.24 06:13:42 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{FE7358BC-1DDC-429C-ACF1-CDABCE2C908A}
[2012.01.23 18:44:54 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{05EFE5B6-6F37-4DCE-8154-B43045C03803}
[2012.01.23 17:19:46 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{74FEFDEE-0E43-4ABE-AC51-DE0D93351E3D}
[2012.01.23 16:44:26 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{642A0FCD-234F-48BF-A954-81E0E5A847F4}
[2012.01.23 06:15:57 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{37A39452-A10D-4F0C-A813-7F59914896A6}
[2012.01.22 13:34:22 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{148E7582-5CEF-4720-872A-7DC508038640}
[2012.01.22 13:34:09 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{3C91AAD0-594D-449D-94D2-B24C457C31F1}
[2012.01.21 15:10:57 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\Desktop\Musik
[2012.01.21 14:28:28 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{BF80478B-7C63-46C5-AF63-70D0939AA053}
[2012.01.21 14:28:17 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{1FD145D0-F8F1-4663-A98C-6DD4D14A19D0}
[2012.01.21 12:23:03 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\Schule-TBK
[2012.01.21 12:18:21 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\Programme
[2012.01.21 11:46:16 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{9E49324C-8274-4232-AEA7-8A9A89E0898B}
[2012.01.21 11:42:30 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{6766DBB5-0633-4F9E-8F97-691CCEE374A4}
[2012.01.20 18:58:33 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{988BADC1-59E1-460D-97E4-A9044B28A605}
[2012.01.20 18:58:21 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{9618FCE8-944A-4B4C-830F-891190CB0CB4}
[2012.01.20 06:10:13 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{2FAF81AA-E0D2-4E02-8719-965C00C77F0A}
[2012.01.20 06:10:02 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{7557FAD4-F5D0-4743-A3D7-D2F3550766BD}
[2012.01.19 19:31:27 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{EAB1286C-6CD0-4A25-880A-64EB825E4F31}
[2012.01.19 07:44:30 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{8CD10BE8-4509-46C0-B5DD-F848C6CEB6D4}
[2012.01.18 19:15:32 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{43465114-97DC-4CCF-82C4-A1573E822FD5}
[2012.01.18 16:56:15 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{2AA0E436-CA5E-4A0A-8423-1FE0F121DE1D}
[2012.01.18 16:56:04 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{576FAB87-FBE1-429A-A100-8328807083D9}
[2012.01.18 06:51:31 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{5913EA69-B6B2-4565-A32D-283725358390}
[2012.01.18 06:51:19 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{6907D4C3-BE11-447A-BB05-E62F5FA6F689}
[2012.01.17 07:45:58 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{BCFA5245-E8E3-4C13-893A-0A9167AC7C97}
[2012.01.16 17:39:00 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{92C75499-C667-400A-BAC7-B3009D7CC6CB}
[2012.01.16 06:06:32 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{4B24E0A1-D3A3-4D7C-8BA7-5333573733F6}
[2012.01.15 21:34:12 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{80523A97-7525-4AD2-9B60-71C54D49261B}
[2012.01.15 15:35:41 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{ED0D9926-CEE3-4A43-82FB-DFC28D03F9DE}
[2012.01.15 13:06:31 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{B3E6C7F3-A866-4DA7-A61D-0FC154E56340}
[2012.01.14 19:26:30 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{DCBDAFCD-DD14-48EA-B4C5-82C082C89294}
[2012.01.14 14:43:32 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{52AB8E10-C5DB-4A63-A693-29144580A017}
[2012.01.13 16:31:30 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{48704820-0F54-43FE-B1AF-93FC547F343F}
[2012.01.13 16:31:19 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{F745FD3A-55A8-4F2E-B5E7-A7FC353E80A8}
[2012.01.13 15:14:01 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{0DCD455E-0C51-4FAF-9545-8A8CBDCE84A4}
[2012.01.13 15:13:50 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{8EB4EEBB-CD09-4791-87CB-5A14C816E7C5}
[2012.01.13 15:12:04 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{637737E4-7CAE-40ED-9EC0-38C136782DBC}
[2012.01.13 11:48:21 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{5D6D5361-CBF7-465C-9D2E-F550FBF12F12}
[2012.01.13 06:12:47 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{13800EB0-D302-4F8D-AD10-0669B18C7819}
[2012.01.13 06:12:34 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{ECF4ED3A-FDA2-48D9-BDFC-0479845B04C1}
[2012.01.12 16:15:33 | 000,119,840 | ---- | C] (Martin Pesch) -- C:\Users\Juli Neverforever\Desktop\mp3DirectCut.exe
[2012.01.12 06:11:49 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{C1426193-4728-4A74-82ED-F0B0B97E121B}
[2012.01.12 06:11:38 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{07F7A503-AC5F-45E7-B4F7-20C17A6D0377}
[2012.01.11 20:38:40 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 20:38:40 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 20:38:40 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 20:38:40 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 20:33:37 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.11 20:33:37 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.11 20:33:14 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 20:33:00 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 20:33:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.11 06:09:42 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{35AFBAB6-5197-4DD6-A24F-A9B64BF1C979}
[2012.01.10 15:31:59 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{06D1D7DB-5DC7-4B76-9ECC-E1D6BB666C01}
[2012.01.10 06:07:55 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{E8DDF4DA-B89A-4741-B565-10D84E9F80F3}
[2012.01.09 21:26:16 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{CA3258A2-CF54-4E41-938A-61B8314944C9}
[2012.01.09 06:05:49 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{2CAC67EE-B76D-454E-B31D-EE85AED97B8F}
[2012.01.09 06:05:38 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{D90343DC-1442-4CB0-9076-5B64363FD9C2}
[2012.01.08 20:19:00 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{1ADECC66-D9FB-4C74-8B0F-8BE7A84DA4EA}
[2012.01.08 20:18:49 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{B46CA1C9-5AD0-4E8C-87E9-276E22DE2893}
[2012.01.08 14:21:18 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{11092A27-1E7E-452D-8E5E-D4EAB7279C43}
[2012.01.05 09:34:46 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{E4D5B1F4-5671-4398-8CE9-8A7E4CE5C8DC}
[2012.01.05 09:34:34 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\{74E0B6DE-6DD8-4DB2-9CFC-BAACB2939D8F}
[2012.01.04 13:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012.01.04 13:11:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2012.01.04 13:11:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2012.01.04 13:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2012.01.04 13:11:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0305010.00A
[2012.01.04 13:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.01.04 13:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.01.04 13:11:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012.01.04 01:17:44 | 000,000,000 | ---D | C] -- C:\Users\Juli Neverforever\AppData\Local\DDMSettings
[2012.01.04 01:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.01.04 01:11:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.01.04 01:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012.01.04 01:10:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.01.04 01:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.01.03 20:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.03 20:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.03 20:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.03 20:58:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.01.03 20:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.01.03 20:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.01.03 20:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.01.03 20:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.02 20:33:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.02 20:33:24 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.02 20:25:26 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.02 20:24:39 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.02 20:24:39 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.02 19:59:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.02 19:42:23 | 003,191,953 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Natalia Kills - Mirrors (Frankmusik Obsidian Overkill Remix).mp3
[2012.02.02 08:12:39 | 134,579,546 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\B.o.B - Strange Clouds remix feat. T.I. _ Young Jeezy.mp4
[2012.02.02 08:09:05 | 016,478,274 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\mirror.flv
[2012.02.02 07:58:32 | 007,298,464 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\T.I.+-+I+Need+Dollas+(Tags).mp3
[2012.02.01 21:58:41 | 000,004,395 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\mp3DirectCut.ini
[2012.02.01 21:41:48 | 011,268,499 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Dev+feat.+Enrique+Iglesias+-+Naked+(It's+The+DJ+Kue+Remix!).mp3
[2012.02.01 20:29:57 | 007,768,295 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Timati+&+P.+Diddy,+DJ+Antoine,+Dirty+Money+-+I'm+On+You+(DJ+Antoine+Vs.+Mad+Mark+Remix).mp3
[2012.01.31 19:22:15 | 007,242,765 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Marlon Roudette - Anti Hero.flv
[2012.01.31 14:19:43 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.31 14:19:43 | 000,697,534 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.31 14:19:43 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.31 14:19:43 | 000,148,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.31 14:19:43 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.28 13:47:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2012.01.28 13:47:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2012.01.28 13:44:45 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2012.01.27 20:02:03 | 001,991,452 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\MotioninJoy_060003_x86_signed.zip
[2012.01.27 18:47:44 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2012.01.27 18:47:11 | 005,006,472 | ---- | M] (Electronic Arts                                             ) -- C:\Users\Juli Neverforever\Desktop\setup_659.exe
[2012.01.27 16:29:04 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2012.01.27 15:49:21 | 005,260,433 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Jay-Z & Pharrell & Lana Del Rey – Allure (OTTR) [Urban Noize Remix].mp3
[2012.01.27 15:43:34 | 004,926,901 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Benny Benassi feat. Gary Go - Cinema (Skrillex Remix).mp3
[2012.01.27 15:42:55 | 012,544,415 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\01 Snoop Dogg - Sensual Seduction (Skrillex Remix).mp3
[2012.01.25 19:52:12 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.01.25 15:02:17 | 015,450,162 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Afrojack+&+Shermanology+-+Can't+Stop+Me+(Club+Mix).mp3
[2012.01.25 14:58:41 | 010,965,460 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\Ian+Carey+&+Rosette+feat.+Timbaland+&+Brasco+-+Amnesia+(Extended+Mix).mp3
[2012.01.23 21:52:45 | 000,083,152 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\anigif2.gif
[2012.01.23 17:34:30 | 000,032,081 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\anigif.gif
[2012.01.19 12:15:52 | 003,537,752 | ---- | M] (Tobit.Software) -- C:\Windows\RXSUnins.exe
[2012.01.19 12:15:52 | 003,537,752 | ---- | M] (Tobit.Software) -- C:\Windows\RXCUnins.exe
[2012.01.11 22:54:04 | 001,592,786 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.11 20:15:37 | 000,000,476 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Juli Neverforever.job
[2012.01.08 21:23:22 | 000,410,012 | ---- | M] () -- C:\test.xml
[2012.01.04 01:11:54 | 000,001,628 | ---- | M] () -- C:\Users\Juli Neverforever\Desktop\DivX Movies.lnk
[2012.01.03 20:59:15 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.03 20:52:31 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.02 19:42:22 | 003,191,953 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Natalia Kills - Mirrors (Frankmusik Obsidian Overkill Remix).mp3
[2012.02.02 08:09:11 | 134,579,546 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\B.o.B - Strange Clouds remix feat. T.I. _ Young Jeezy.mp4
[2012.02.02 08:09:02 | 016,478,274 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\mirror.flv
[2012.02.02 07:58:23 | 007,298,464 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\T.I.+-+I+Need+Dollas+(Tags).mp3
[2012.02.01 21:28:13 | 011,268,499 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Dev+feat.+Enrique+Iglesias+-+Naked+(It's+The+DJ+Kue+Remix!).mp3
[2012.02.01 20:29:48 | 007,768,295 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Timati+&+P.+Diddy,+DJ+Antoine,+Dirty+Money+-+I'm+On+You+(DJ+Antoine+Vs.+Mad+Mark+Remix).mp3
[2012.01.31 19:20:10 | 007,242,765 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Marlon Roudette - Anti Hero.flv
[2012.01.28 13:47:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2012.01.28 13:47:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2012.01.28 13:44:45 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2012.01.27 20:14:01 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2012.01.27 20:01:39 | 001,991,452 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\MotioninJoy_060003_x86_signed.zip
[2012.01.27 18:47:44 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2012.01.27 16:29:04 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012.01.27 15:49:12 | 005,260,433 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Jay-Z & Pharrell & Lana Del Rey – Allure (OTTR) [Urban Noize Remix].mp3
[2012.01.27 15:43:34 | 004,926,901 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Benny Benassi feat. Gary Go - Cinema (Skrillex Remix).mp3
[2012.01.27 15:41:45 | 012,544,415 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\01 Snoop Dogg - Sensual Seduction (Skrillex Remix).mp3
[2012.01.25 14:35:00 | 015,450,162 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Afrojack+&+Shermanology+-+Can't+Stop+Me+(Club+Mix).mp3
[2012.01.25 14:33:25 | 010,965,460 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\Ian+Carey+&+Rosette+feat.+Timbaland+&+Brasco+-+Amnesia+(Extended+Mix).mp3
[2012.01.23 21:52:45 | 000,083,152 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\anigif2.gif
[2012.01.23 17:34:30 | 000,032,081 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\anigif.gif
[2012.01.21 12:24:24 | 000,004,395 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\mp3DirectCut.ini
[2012.01.04 13:11:34 | 000,000,476 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Juli Neverforever.job
[2012.01.04 13:11:28 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0305010.00A\isolate.ini
[2012.01.04 01:11:54 | 000,001,628 | ---- | C] () -- C:\Users\Juli Neverforever\Desktop\DivX Movies.lnk
[2012.01.03 20:59:15 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.03 20:52:31 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.12.25 11:41:37 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.12.25 11:41:10 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.10.15 10:35:02 | 000,554,496 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2011.09.01 12:05:33 | 000,000,415 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.02.11 00:03:27 | 001,592,786 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.12.25 12:36:46 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\MAGIX
[2012.01.27 20:02:30 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\MotioninJoy
[2012.01.27 19:34:01 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\Need for Speed World
[2011.09.21 16:49:35 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\OpenOffice.org
[2012.01.25 19:45:20 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\Opera
[2011.11.03 19:36:29 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\PapDesigner
[2011.08.16 13:49:12 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\PhotoScape
[2011.10.28 12:36:27 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\phpDesigner
[2012.01.21 18:41:33 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\SoftGrid Client
[2011.10.15 10:35:23 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\Tobit
[2011.09.21 14:45:54 | 000,000,000 | ---D | M] -- C:\Users\Juli Neverforever\AppData\Roaming\TP
[2012.01.21 11:42:06 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

--- --- ---

hi


dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

Code: Alles auswählenAufklappen

ATTFilter

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local;127.0.0.1:9421;
O4 - HKCU..\Run: [vasja] C:\Users\Juli Neverforever\AppData\Local\Temp\0.9681800670356396.exe (Orb Networks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
 :Files
C:\Users\Juli Neverforever\AppData\Local\Temp\0.9681800670356396.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Drücke bitte die + E Taste.

• Öffne dein Systemlaufwerk ( meistens C: )
• Suche nun
  folgenden Ordner: _OTL und öffne diesen.
• Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
• 
  Dies wird eine Movedfiles.zip Datei in _OTL erstellen
• Lade diese bitte in unseren Uploadchannel
  hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\vasja deleted successfully.
C:\Users\Juli Neverforever\AppData\Local\Temp\0.9681800670356396.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56502 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Juli Neverforever
->Flash cache emptied: 143180 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Juli Neverforever
->Temp folder emptied: 20173432959 bytes
->Temporary Internet Files folder emptied: 67419392 bytes
->Java cache emptied: 217053 bytes
->FireFox cache emptied: 196269898 bytes
->Google Chrome cache emptied: 492144870 bytes
->Opera cache emptied: 4911930 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 249894014 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 52658 bytes
RecycleBin emptied: 1979820 bytes

Total Files Cleaned = 20.205,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02032012_132102

Files\Folders moved on Reboot...
C:\Users\Juli Neverforever\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

hi, bitte den upload nicht fergessen.

soeben abgeschickt, danke (:

Eine frage hätte ich dann noch. wäre dann mein pc soweit wieder startklar oder müsste ich dann jetzt noch was machen??

danke für den upload
wir machen noch 2 scans, dann muss er abgesichert werden, bitte nicht durch die gegend surfen sonst fängst du dirs evtl. gleich noch mal ein.
ne ahnung übrigens, wo du zum infektionszeitpunkt warst? kino, serien oder sport streams geschaut? weitere infos als private nachicht, ich würd gern den infektionsweg wissen und evtl. können ihn dann hersteller von antimalware software blockieren bzw man kann ihn aus dem internet nehmen lassen.

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.

• Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
  Tool
  
  Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  
• Hinweis:
  Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  
• Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.

Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 12-02-03.02 - Juli Neverforever 03.02.2012  14:46:56.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4078.2817 [GMT 1:00]
ausgeführt von:: c:\users\Juli Neverforever\Desktop\ComboFix.exe
AV: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee  Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-01-03 bis 2012-02-03  ))))))))))))))))))))))))))))))
.
.
2012-02-03 13:58 . 2012-02-03 13:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-02-03 12:21 . 2012-02-03 12:31	--------	d-----w-	C:\_OTL
2012-01-31 14:52 . 2011-12-06 16:22	28760	----a-w-	c:\program files (x86)\Mozilla Firefox\ScriptFF.dll
2012-01-28 18:20 . 2012-02-02 18:55	45016	----a-w-	c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-28 18:20 . 2012-01-28 18:20	548864	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-28 18:20 . 2012-01-28 18:20	479232	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-28 18:20 . 2012-01-28 18:20	626688	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-28 15:29 . 2012-01-28 15:29	--------	d-----w-	c:\users\Juli Neverforever\AppData\Local\Downloaded Installations
2012-01-28 12:44 . 2012-01-28 12:44	--------	d-----w-	c:\program files\MotioninJoy
2012-01-28 12:44 . 2011-11-10 17:32	115272	----a-w-	c:\windows\system32\drivers\MijXfilt.sys
2012-01-28 12:44 . 2010-08-19 18:24	74960	----a-w-	c:\windows\system32\drivers\xusb21.sys
2012-01-28 12:44 . 2010-05-03 15:12	328712	----a-w-	c:\windows\system32\MijFrc.dll
2012-01-27 19:14 . 2012-01-27 19:14	--------	d-----w-	c:\program files (x86)\LibUSB-Win32-0.1.10.1
2012-01-27 19:14 . 2005-03-09 19:50	19456	----a-w-	c:\windows\SysWow64\libusbd-9x.exe
2012-01-27 19:14 . 2005-03-09 19:50	18944	----a-w-	c:\windows\SysWow64\libusbd-nt.exe
2012-01-27 19:14 . 2005-03-09 19:50	33792	----a-w-	c:\windows\SysWow64\drivers\libusb0.sys
2012-01-27 19:14 . 2005-03-09 19:50	46592	----a-w-	c:\windows\SysWow64\libusb0.dll
2012-01-27 19:02 . 2010-08-19 18:24	255496	----a-w-	c:\windows\SysWow64\MijFrc.dll
2012-01-27 19:02 . 2012-01-27 19:02	--------	d-----w-	c:\users\Juli Neverforever\AppData\Roaming\MotioninJoy
2012-01-27 19:02 . 2012-01-27 19:02	--------	d-----w-	c:\program files (x86)\MotioninJoy
2012-01-27 18:34 . 2012-01-27 18:34	--------	d-----w-	c:\users\Juli Neverforever\AppData\Roaming\Need for Speed World
2012-01-27 17:49 . 2012-01-27 17:49	--------	d-----w-	c:\users\Juli Neverforever\AppData\Local\Electronic_Arts_Inc
2012-01-27 17:48 . 2012-01-27 17:48	--------	d-----w-	c:\users\Juli Neverforever\AppData\Local\Akamai
2012-01-27 17:47 . 2012-02-03 13:44	--------	d-----w-	c:\program files (x86)\Common Files\Akamai
2012-01-27 15:45 . 2012-01-27 15:45	--------	d-----w-	c:\users\Juli Neverforever\AppData\Local\ArcSoft
2012-01-27 15:45 . 2012-01-27 15:45	--------	d-----w-	c:\users\Juli Neverforever\AppData\Roaming\ArcSoft
2012-01-27 15:29 . 2012-01-27 15:29	--------	d-----w-	c:\users\Juli Neverforever\AppData\Roaming\skypePM
2012-01-27 15:27 . 2012-01-27 17:46	--------	d-----w-	c:\users\Juli Neverforever\AppData\Roaming\Skype
2012-01-21 11:23 . 2012-01-21 11:23	--------	d-----w-	c:\users\Juli Neverforever\Schule-TBK
2012-01-21 11:18 . 2012-01-21 11:20	--------	d-----w-	c:\users\Juli Neverforever\Programme
2012-01-11 19:38 . 2011-10-26 05:25	1572864	----a-w-	c:\windows\system32\quartz.dll
2012-01-11 19:38 . 2011-10-26 05:25	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-01-11 19:38 . 2011-10-26 04:32	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-01-11 19:38 . 2011-10-26 04:32	1328128	----a-w-	c:\windows\SysWow64\quartz.dll
2012-01-11 19:33 . 2011-11-17 06:41	1731920	----a-w-	c:\windows\system32\ntdll.dll
2012-01-11 19:33 . 2011-11-17 05:38	1292080	----a-w-	c:\windows\SysWow64\ntdll.dll
2012-01-11 19:33 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-01-11 19:33 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-19 11:15 . 2011-10-15 09:35	3537752	----a-w-	c:\windows\RXSUnins.exe
2012-01-19 11:15 . 2011-10-15 09:35	3537752	----a-w-	c:\windows\RXCUnins.exe
2011-12-06 16:25 . 2011-05-10 03:40	161168	----a-w-	c:\windows\system32\mfevtps.exe
2011-11-24 04:52 . 2011-12-15 07:04	3145216	----a-w-	c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EA Core"="c:\program files (x86)\Electronic Arts\EADM\Core.exe" [2009-03-28 3325952]
"rfxsrvtray"="c:\program files (x86)\Tobit Radio.fx\Client\rfx-tray.exe" [2012-01-18 2057048]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Akamai NetSession Interface"="c:\users\Juli Neverforever\AppData\Local\Akamai\netsession_win.exe" [2011-12-23 3334432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\users\Juli Neverforever\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Radio.fx.LNK - c:\program files (x86)\Tobit Radio.fx\Client\rfx-client.exe [2011-10-15 6819160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-11 135664]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-11 135664]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-09 220528]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VBTUSB;VBTUSB.Sys VAIO Bluetooth Driver over USB device;c:\windows\system32\Drivers\VBTUSB.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-31 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-31 75936]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 Radio.fx;Radio.fx Server;c:\program files (x86)\Tobit Radio.fx\Server\rfx-server.exe [2012-01-26 3665752]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-03-30 1021112]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-11 09:30]
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-11 09:30]
.
2012-01-11 c:\windows\Tasks\Norton Security Scan for Juli Neverforever.job
- c:\progra~2\NORTON~2\Engine\351~1.10\Nss.exe [2012-01-04 08:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-31 790176]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-31 657056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.sony.eu/vaioportal
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Juli Neverforever\AppData\Roaming\Mozilla\Firefox\Profiles\6bo1vwy2.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_e286960.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_e286960.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-02-03  15:28:23
ComboFix-quarantined-files.txt  2012-02-03 14:28
.
Vor Suchlauf: 14 Verzeichnis(se), 485.624.819.712 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 485.495.926.784 Bytes frei
.
- - End Of File - - B54210FFA84CC5B3469E88B45799237E
         

--- --- ---

malwarebytes:
Downloade Dir bitte Malwarebytes

• Installiere
  das Programm in den vorgegebenen Pfad.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Starte Malwarebytes, klicke auf Aktualisierung --> Suche
  nach Aktualisierung
• Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
• Wenn der Scan beendet
  ist, klicke auf Ergebnisse anzeigen.
• Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
• Poste
  das Logfile, welches sich in Notepad öffnet, hier in den Thread.
• Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.03.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Juli Neverforever :: JULINEVERFOREVE [Administrator]

Schutz: Aktiviert

03.02.2012 15:49:09
mbam-log-2012-02-03 (15-49-09).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 346918
Laufzeit: 1 Stunde(n), 16 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Juli Neverforever\Downloads\SoftonicDownloader_fuer_mp3directcut.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juli Neverforever\Downloads\SoftonicDownloader_fuer_undercoverxp.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02032012_132102\C_Users\Juli Neverforever\AppData\Local\Temp\0.9681800670356396.exe (Trojan.VUPX.ON1) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.02.03.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Juli Neverforever :: JULINEVERFOREVE [Administrator]

Schutz: Aktiviert

03.02.2012 15:49:09
mbam-log-2012-02-03 (15-49-09).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 346918
Laufzeit: 1 Stunde(n), 16 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Juli Neverforever\Downloads\SoftonicDownloader_fuer_mp3directcut.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juli Neverforever\Downloads\SoftonicDownloader_fuer_undercoverxp.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02032012_132102\C_Users\Juli Neverforever\AppData\Local\Temp\0.9681800670356396.exe (Trojan.VUPX.ON1) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

lade den CCleaner standard:
CCleaner Download - CCleaner 3.15.1643
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.