Trojaner-Board


locoverde 05.08.2011 12:11

Log file analysis before creating a backup
 
Hello everyone!

I would be glad if someone could take an expert look at the log files.
After all, I want to find a clean system in the backup ;-)

My OS is
Vista Business SP2 with all currently available updates and patches

Many thanks in advance!

Bernd


OTL logfile created on: 05.08.2011 12:44:02 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\G\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,33 Gb Available Physical Memory | 71,83% Memory free
6,69 Gb Paging File | 5,89 Gb Available in Paging File | 88,04% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 78,37 Gb Free Space | 33,65% Space Free | Partition Type: NTFS

Computer Name: - | User Name: G | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.05 12:30:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\G\Desktop\OTL.exe
PRC - [2009.04.10 23:28:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011.08.05 12:30:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\G\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (.bntr)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.04.22 14:21:10 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011.04.20 02:04:08 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.03.16 17:01:22 | 000,132,464 | ---- | M] (Samsung Electronics CO., LTD.) [Disabled | Stopped] -- C:\Windows\System32\SUPDSvc.exe -- (Samsung UPD Service)
SRV - [2009.12.06 17:35:49 | 000,361,288 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.06 17:10:56 | 000,604,488 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.09.11 21:24:07 | 000,062,464 | ---- | M] () [Disabled | Stopped] -- C:\Windows\unsignedthemessvc.exe -- (UnsignedThemes)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.19 14:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)


========== Driver Services (SafeList) ==========

DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.04 19:17:30 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.06.16 20:05:57 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.04.20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.04.20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.04.20 01:22:10 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.03.28 10:52:52 | 000,381,032 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2011.03.28 10:52:52 | 000,040,824 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2011.03.28 10:52:48 | 000,057,112 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2010.09.15 16:16:23 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.09.15 16:16:23 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010.03.10 04:03:50 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009.12.21 21:56:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.11.26 20:48:46 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.09.02 05:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.07.17 11:52:00 | 000,155,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009.06.19 21:54:48 | 000,021,864 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\uxpatch.sys -- (uxpatch)
DRV - [2009.04.30 23:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.04.30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009.04.30 22:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008.09.10 18:07:48 | 000,182,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2007.10.12 03:40:14 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2007.10.11 19:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007.10.11 13:24:00 | 000,079,104 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\Windows\System32\drivers\sleen16.sys -- (SLEE_16_DRIVER)
DRV - [2007.06.29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.01.16 22:28:54 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2007.01.16 22:28:54 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006.11.10 15:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ATITool.sys -- (ATITool)
DRV - [2005.12.05 21:55:42 | 000,071,372 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StMp3Rec.sys -- (StMp3Rec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.sueddeutsche.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.7.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.enabled: false
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\G\Program Files\DNA\plugins\npbtdna.dll File not found
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.12 18:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.11 18:10:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\G\Program Files\DNA
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{E0CC257A-4D42-4ED7-AFAF-0AE6422F60D0}: C:\Program Files\Copernic Desktop Search - Home\Firefox36Connector

[2011.07.09 14:24:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\G\AppData\Roaming\Mozilla\Extensions
[2011.07.09 14:24:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\G\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.07.29 18:30:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\G\AppData\Roaming\Mozilla\Firefox\Profiles\9dloz750.default\extensions
[2011.07.17 14:57:00 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\G\AppData\Roaming\Mozilla\Firefox\Profiles\9dloz750.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.06.20 19:13:29 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\G\AppData\Roaming\Mozilla\Firefox\Profiles\9dloz750.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2011.03.21 18:48:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\G\AppData\Roaming\Mozilla\Firefox\Profiles\uwko68yu.alternative Basic\extensions
[2011.03.13 11:51:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\G\AppData\Roaming\Mozilla\Firefox\Profiles\uwko68yu.alternative Basic\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.03 20:53:16 | 000,001,210 | ---- | M] () -- C:\Users\G\AppData\Roaming\Mozilla\Firefox\Profiles\9dloz750.default\searchplugins\scroogle-de.xml
[2011.08.04 19:54:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.05.22 09:18:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011.06.13 13:59:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.08.04 19:54:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\G\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9DLOZ750.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\G\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9DLOZ750.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2009.06.24 19:05:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.07.08 09:16:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.04 19:54:03 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.08 21:08:24 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: ([2010.06.13 20:14:25 | 000,000,894 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Nuance PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Create 5\bin\ZeonIEFavClient.dll (Zeon Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O8 - Extra context menu item: An vorhandene PDF-Datei anhängen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Linkinhalt an vorhandene PDF-Datei anhängen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Datei erstellen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\G\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\G\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{40142a7a-90de-11de-9452-001fd0591c35}\Shell - "" = AutoRun
O33 - MountPoints2\{40142a7a-90de-11de-9452-001fd0591c35}\Shell\AutoRun\command - "" = F:\Setup.exe cd
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.08.05 12:30:51 | 000,000,000 | ---D | C] -- C:\Users\G\Desktop\69886-fuer-alle-hilfesuchenden-muss-ich-vor-der-eroeffnung-eines-themas-beachten_files
[2011.08.05 12:30:08 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\G\Desktop\OTL.exe
[2011.08.05 12:10:16 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.08.05 12:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.08.04 19:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.07.29 14:40:27 | 000,017,224 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.07.29 14:39:38 | 000,029,000 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.07.17 14:11:13 | 000,000,000 | ---D | C] -- C:\Users\G\AppData\Roaming\vlc
[2011.07.17 13:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.07.11 18:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange
[2011.07.09 14:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\G\Desktop\*.tmp files -> C:\Users\G\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.05 12:39:26 | 000,004,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.05 12:39:26 | 000,004,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.05 12:39:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.05 12:38:01 | 000,000,020 | ---- | M] () -- C:\Users\G\defogger_reenable
[2011.08.05 12:30:55 | 000,053,460 | ---- | M] () -- C:\Users\G\Desktop\69886-fuer-alle-hilfesuchenden-muss-ich-vor-der-eroeffnung-eines-themas-beachten.html
[2011.08.05 12:30:09 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\G\Desktop\OTL.exe
[2011.08.04 21:11:26 | 000,137,728 | ---- | M] () -- C:\Users\G\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.04 16:52:55 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.04 16:52:55 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.08.04 11:55:31 | 000,000,411 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.08.04 11:52:28 | 000,002,708 | ---- | M] () -- C:\Windows\System32\.rsp
[2011.08.04 11:52:28 | 000,001,536 | ---- | M] () -- C:\Windows\System32\.lck
[2011.08.01 18:47:09 | 000,002,331 | ---- | M] () -- C:\Users\G\Application Data\Microsoft\Internet Explorer\Quick Launch\SyncToy 2.1.lnk
[2011.07.17 13:14:33 | 000,000,908 | ---- | M] () -- C:\Users\G\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011.07.13 17:09:27 | 000,338,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.07.12 18:42:17 | 000,000,830 | ---- | M] () -- C:\Users\G\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\G\Desktop\*.tmp files -> C:\Users\G\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.05 12:37:51 | 000,000,020 | ---- | C] () -- C:\Users\G\defogger_reenable
[2011.08.05 12:30:50 | 000,053,460 | ---- | C] () -- C:\Users\G\Desktop\69886-fuer-alle-hilfesuchenden-muss-ich-vor-der-eroeffnung-eines-themas-beachten.html
[2011.08.04 11:52:28 | 000,002,708 | ---- | C] () -- C:\Windows\System32\.rsp
[2011.08.04 11:52:28 | 000,001,536 | ---- | C] () -- C:\Windows\System32\.lck
[2011.03.17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.02.28 21:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.09.06 20:30:03 | 000,216,876 | ---- | C] () -- C:\Windows\hpwins24.dat.temp
[2010.06.08 18:14:40 | 000,000,411 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.05.27 18:24:24 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010.04.25 20:02:10 | 000,282,624 | ---- | C] () -- C:\Windows\System32\DscPnt.dll
[2010.04.25 20:02:10 | 000,260,464 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2010.04.25 20:02:10 | 000,026,624 | ---- | C] () -- C:\Windows\System32\spd__l.dll
[2010.03.18 12:31:12 | 000,000,036 | ---- | C] () -- C:\Users\G\AppData\Local\housecall.guid.cache
[2010.03.02 22:11:40 | 000,017,408 | ---- | C] () -- C:\Users\G\AppData\Local\WebpageIcons.db
[2010.02.28 16:46:46 | 000,001,758 | ---- | C] () -- C:\Windows\hpwmdl24.dat.temp
[2010.02.28 16:37:12 | 000,217,040 | ---- | C] () -- C:\Windows\hpwins24.dat
[2009.12.12 17:32:12 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.10.13 16:40:41 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.10.09 20:50:48 | 000,000,264 | ---- | C] () -- C:\Windows\tb89r.ini
[2009.10.07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009.10.07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.09.14 19:03:07 | 000,003,722 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.09.14 19:01:51 | 000,000,391 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.09.14 17:50:39 | 000,000,045 | -H-- | C] () -- C:\Windows\dsez5928.dat
[2009.09.11 21:24:07 | 000,062,464 | ---- | C] () -- C:\Windows\unsignedthemessvc.exe
[2009.09.02 10:03:02 | 000,000,000 | ---- | C] () -- C:\Windows\bdb.ini
[2009.08.24 22:20:18 | 000,000,158 | ---- | C] () -- C:\Windows\Clony2.ini
[2009.08.24 12:48:13 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.06.19 21:54:48 | 000,021,864 | ---- | C] () -- C:\Windows\System32\drivers\uxpatch.sys
[2009.05.27 19:35:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.05.26 18:01:34 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.05.26 18:01:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.26 18:00:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.04.30 22:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.04.29 10:27:00 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2009.04.12 17:01:20 | 000,074,240 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2009.02.15 19:00:23 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.01.10 17:06:14 | 000,001,594 | ---- | C] () -- C:\Users\G\AppData\Roaming\SAS7_000.DAT
[2008.12.26 22:55:41 | 000,010,752 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2008.12.17 06:09:43 | 000,001,758 | ---- | C] () -- C:\Windows\hpwmdl24.dat
[2008.12.14 20:55:23 | 000,000,153 | ---- | C] () -- C:\Windows\cavscan.INI
[2008.12.13 18:39:07 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.11.30 23:27:47 | 000,137,728 | ---- | C] () -- C:\Users\G\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.30 17:10:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.30 16:05:38 | 000,064,000 | ---- | C] () -- C:\Windows\System32\esfw30.bin
[2008.11.30 15:51:33 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssgh1l3.dll
[2008.11.30 14:37:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.11.30 14:30:57 | 000,001,356 | ---- | C] () -- C:\Users\G\AppData\Local\d3d9caps.dat
[2006.11.10 15:08:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\ATITool.sys
[2006.11.02 14:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:43 | 000,338,912 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2009.08.26 12:43:23 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Acronis
[2009.08.10 20:06:41 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Ashampoo
[2008.12.10 11:58:14 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Auslogics
[2010.03.02 14:39:54 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\CloneSpy
[2010.03.11 18:34:34 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2011.07.04 20:26:53 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\DAEMON Tools Lite
[2008.12.10 17:28:12 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\DNA
[2009.12.14 17:31:36 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Duden
[2011.03.19 12:51:11 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\EPSON
[2011.03.26 19:19:08 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\FreeHideIP
[2009.04.25 19:00:41 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\gtk-2.0
[2008.11.30 16:40:02 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\HDD Thermometer
[2009.10.13 16:09:44 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\iPodder
[2009.05.23 22:31:50 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\KC Softwares
[2008.12.16 09:32:27 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Leadertech
[2011.07.27 17:18:27 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Nuance
[2008.11.30 22:03:12 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\OpenOffice.org
[2011.03.13 22:39:09 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Orbit
[2010.06.13 18:05:35 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Panda Security
[2011.06.14 12:53:47 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\pokerth
[2009.10.13 16:47:47 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\River Past G5
[2009.09.18 21:16:49 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\ScanSoft
[2009.01.18 18:19:34 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\SoundSpectrum
[2011.03.13 22:39:09 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Steganos
[2009.04.30 09:43:22 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Thinstall
[2008.12.10 00:01:34 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\TomTom
[2008.12.01 21:20:01 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Tracker Software
[2008.11.30 17:06:33 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\TuneUp Software
[2009.08.26 14:57:07 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\USBSafelyRemove
[2011.08.05 00:32:46 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\uTorrent
[2009.09.14 19:19:05 | 000,000,000 | ---D | M] -- C:\Users\G\AppData\Roaming\Zeon
[2011.08.05 12:38:10 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:B90F8A52D48FAD4D
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:9B013599
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:FED912DB

< End of report >

cosinus 05.08.2011 13:27

Quote:

SRV - [2009.12.06 17:35:49 | 000,361,288 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.06 17:10:56 | 000,604,488 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
I would strongly advise against TU. In particular, the supposed "tuning tips" and registry "optimizations" are more reminiscent of snake oil than of serious measures.

OTL looks OK so far; go ahead and run a full scan with Malwarebytes.


All times are WET +1. The time is now 21:41.
