Trojaner-Board

verseuchter1 21.08.2012 22:30

Infected file?

Hello, at noon today I opened a .docx file that was 3 MB in size but had no content. Afterwards I saw at least one process in the task list that I did not recognize. Unfortunately it is gone now and I cannot remember its name; nevertheless, it would be nice if you could skim through my log files.
Thank you
Regards


OTL logfile created on: 21.08.2012 22:04:15 - Run 2
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\username\Desktop\Neuer Ordner
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,01 Gb Available Physical Memory | 75,31% Memory free
8,00 Gb Paging File | 6,91 Gb Available in Paging File | 86,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 10,61 Gb Free Space | 18,14% Space Free | Partition Type: NTFS
Drive E: | 239,49 Gb Total Space | 102,00 Gb Free Space | 42,59% Space Free | Partition Type: NTFS
Drive H: | 1863,01 Gb Total Space | 434,98 Gb Free Space | 23,35% Space Free | Partition Type: NTFS

Computer Name: BB-LI-W7 | User Name: username | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.21 21:50:31 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\username\Desktop\Neuer Ordner\OTL.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.09.29 03:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.26 14:57:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.05 12:34:26 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.08.05 13:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011.08.05 13:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011.08.05 13:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.20 13:53:19 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.19 22:07:19 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.01.19 22:07:18 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.09.29 04:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.09.29 04:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.09.29 03:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.08.16 12:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2012.03.29 16:32:12 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [1998.05.07 01:00:00 | 000,000,111 | ---- | M] () [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\WINSOCK.SRG -- (Winsock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 B4 55 70 FB 7F CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\username\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\username\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.04 03:12:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.26 14:57:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.21 18:51:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.26 14:57:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.21 18:51:05 | 000,000,000 | ---D | M]

[2012.01.04 03:12:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\username\AppData\Roaming\mozilla\Extensions
[2012.08.07 01:15:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\username\AppData\Roaming\mozilla\Firefox\Profiles\ezg0owud.default\extensions
[2012.04.21 02:04:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.26 14:57:35 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.26 14:55:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.26 14:55:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.26 14:55:28 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.26 14:55:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.26 14:55:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.26 14:55:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\username\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\username\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\username\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\username\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\username\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.1_0\
CHR - Extension: YouTube = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google-Suche = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: FB Photo Zoom = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1206.11.1_0\
CHR - Extension: AdBlock = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Disconnect = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\3.6.0_0\
CHR - Extension: Google Mail-Checker = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: iFood.tv = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngeklgfllcbcfbffbobpokjkdloljgni\1.0.3_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.08.14 11:38:36 | 000,002,300 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp.
O1 - Hosts: 127.0.0.1 psdto.com
O1 - Hosts: 22 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FE9C31D-8401-4CC4-8303-AAE6FADE0992}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ccsetup321.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\firefox.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\zune.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ccsetup321.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\firefox.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\zune.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6017e811-ae63-11e1-9c2b-0019dbf38d50}\Shell - "" = AutoRun
O33 - MountPoints2\{6017e811-ae63-11e1-9c2b-0019dbf38d50}\Shell\AutoRun\command - "" = F:\start.exe
O33 - MountPoints2\{98c2923c-5edb-11e1-a130-0019dbf38d50}\Shell - "" = AutoRun
O33 - MountPoints2\{98c2923c-5edb-11e1-a130-0019dbf38d50}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{a3b8b5d0-6907-11e0-9549-0019dbf38d50}\Shell - "" = AutoRun
O33 - MountPoints2\{a3b8b5d0-6907-11e0-9549-0019dbf38d50}\Shell\AutoRun\command - "" = G:\unlock.exe autoplay=true
O33 - MountPoints2\{a7b3fab6-cffb-11e1-b866-0019dbf38d50}\Shell - "" = AutoRun
O33 - MountPoints2\{a7b3fab6-cffb-11e1-b866-0019dbf38d50}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{e121ba44-ecf9-11df-bf0c-0019dbf38d50}\Shell - "" = AutoRun
O33 - MountPoints2\{e121ba44-ecf9-11df-bf0c-0019dbf38d50}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.21 21:50:21 | 000,000,000 | ---D | C] -- C:\Users\username\Desktop\Neuer Ordner
[2012.08.21 21:38:52 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Local\Wajam
[2012.08.21 18:50:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.21 16:59:28 | 000,000,000 | ---D | C] -- C:\Users\username\Documents\Updater
[2012.08.16 16:10:21 | 000,000,000 | ---D | C] -- C:\Users\username\Desktop\10.000
[2012.08.15 15:19:18 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Local\Microsoft Games
[2012.08.15 15:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2012.08.15 14:47:07 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\Media Player Classic
[2012.08.14 21:26:20 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.08.14 21:26:20 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.08.14 21:26:20 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.08.14 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012.08.07 18:54:34 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\vlc
[2012.08.07 01:18:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.08.07 00:13:07 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\ScummVM
[2012.08.07 00:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScummVM
[2012.08.07 00:10:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012.08.07 00:04:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.08.07 00:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.08.06 20:53:08 | 000,000,000 | ---D | C] -- C:\Users\username\Documents\Square Enix
[2012.08.06 20:02:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.08.02 22:14:46 | 003,907,920 | ---- | C] (Piriform Ltd) -- C:\Users\username\Desktop\ccsetup321.exe
[2012.08.02 18:41:13 | 000,000,000 | ---D | C] -- C:\Users\username\Documents\WB Games
[2012.08.02 18:39:10 | 000,000,000 | ---D | C] -- C:\Users\username\Documents\Games for Windows - LIVE Demos
[2012.08.02 18:37:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.08.02 18:37:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.07.26 16:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012.07.26 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\Thinstall
[2012.07.24 17:35:28 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\GlarySoft
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.08.21 22:07:41 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.21 22:07:41 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.21 22:00:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.21 22:00:16 | 3220,672,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.21 21:59:34 | 000,000,020 | ---- | M] () -- C:\Users\username\defogger_reenable
[2012.08.21 21:23:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3773092963-2584170513-1593871782-1000UA.job
[2012.08.21 18:51:06 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.08.21 18:23:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3773092963-2584170513-1593871782-1000Core.job
[2012.08.21 17:01:10 | 000,003,324 | ---- | M] () -- C:\Users\username\Desktop\Unbenannt-2.png
[2012.08.16 17:27:29 | 001,644,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.16 17:27:29 | 000,707,918 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.16 17:27:29 | 000,661,514 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.16 17:27:29 | 000,153,404 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.16 17:27:29 | 000,125,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.16 15:47:05 | 079,119,398 | ---- | M] () -- C:\Users\username\Desktop\10.000.rar
[2012.08.16 15:45:03 | 000,353,371 | ---- | M] () -- C:\Users\username\Desktop\WP_000456.jpg
[2012.08.16 14:53:53 | 000,060,359 | ---- | M] () -- C:\Users\username\Desktop\studbesch_6FBAE6A4787249ECB5C11FC30F9B2FC1.cit-prod-tomcat2.pdf
[2012.08.16 14:53:32 | 000,060,355 | ---- | M] () -- C:\Users\username\Desktop\vorstudbesch_6FBAE6A4787249ECB5C11FC30F9B2FC1.cit-prod-tomcat2.pdf
[2012.08.16 03:00:36 | 000,042,996 | ---- | M] () -- C:\Users\username\Desktop\5069033_460s.jpg
[2012.08.15 13:50:58 | 000,101,944 | ---- | M] () -- C:\Users\username\Desktop\418491_3788923487037_1478150138_n.jpg
[2012.08.15 12:53:16 | 000,476,734 | ---- | M] () -- C:\Users\username\Desktop\256331_434712349913224_362815178_o.jpg
[2012.08.15 12:48:21 | 000,237,553 | ---- | M] () -- C:\Users\username\Desktop\22.08.png
[2012.08.07 22:03:00 | 004,864,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.07 18:54:29 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.03 00:29:27 | 000,087,064 | ---- | M] () -- C:\Users\username\Desktop\83135.jpg
[2012.08.02 22:15:17 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.02 22:14:44 | 003,907,920 | ---- | M] (Piriform Ltd) -- C:\Users\username\Desktop\ccsetup321.exe
[2012.07.26 21:39:12 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.21 21:59:34 | 000,000,020 | ---- | C] () -- C:\Users\username\defogger_reenable
[2012.08.21 18:50:35 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012.08.21 18:50:35 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.08.21 17:00:03 | 000,003,324 | ---- | C] () -- C:\Users\username\Desktop\Unbenannt-2.png
[2012.08.16 15:45:06 | 000,353,371 | ---- | C] () -- C:\Users\username\Desktop\WP_000456.jpg
[2012.08.16 15:03:20 | 079,119,398 | ---- | C] () -- C:\Users\username\Desktop\10.000.rar
[2012.08.16 14:53:54 | 000,060,359 | ---- | C] () -- C:\Users\username\Desktop\studbesch_6FBAE6A4787249ECB5C11FC30F9B2FC1.cit-prod-tomcat2.pdf
[2012.08.16 14:53:35 | 000,060,355 | ---- | C] () -- C:\Users\username\Desktop\vorstudbesch_6FBAE6A4787249ECB5C11FC30F9B2FC1.cit-prod-tomcat2.pdf
[2012.08.16 03:00:40 | 000,042,996 | ---- | C] () -- C:\Users\username\Desktop\5069033_460s.jpg
[2012.08.15 13:51:01 | 000,101,944 | ---- | C] () -- C:\Users\username\Desktop\418491_3788923487037_1478150138_n.jpg
[2012.08.15 12:53:19 | 000,476,734 | ---- | C] () -- C:\Users\username\Desktop\256331_434712349913224_362815178_o.jpg
[2012.08.15 12:48:20 | 000,237,553 | ---- | C] () -- C:\Users\username\Desktop\22.08.png
[2012.08.14 21:26:14 | 000,002,211 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.08.07 18:54:29 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.07 10:30:21 | 3220,672,512 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.07 01:21:41 | 000,001,272 | ---- | C] () -- C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zune.exe.lnk
[2012.08.03 00:29:18 | 000,087,064 | ---- | C] () -- C:\Users\username\Desktop\83135.jpg
[2012.08.02 22:15:17 | 000,000,840 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner.lnk
[2012.08.02 22:15:17 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.26 21:39:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.26 14:29:49 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.04.25 01:22:08 | 000,000,064 | ---- | C] () -- C:\Windows\picture2avi.ini
[2012.02.16 17:37:39 | 000,001,456 | ---- | C] () -- C:\Users\username\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.02.16 17:35:08 | 000,000,132 | ---- | C] () -- C:\Users\username\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.01.13 20:25:55 | 000,000,097 | ---- | C] () -- C:\Users\username\AppData\Local\fusioncache.dat
[2012.01.12 16:21:03 | 000,179,471 | ---- | C] () -- C:\ProgramData\1326377832.bdinstall.bin
[2012.01.11 17:57:51 | 000,017,408 | ---- | C] () -- C:\Users\username\AppData\Local\WebpageIcons.db
[2011.10.08 21:47:20 | 000,017,434 | ---- | C] () -- C:\Windows\W2BNEUnin.dat
[2011.04.28 16:47:45 | 001,672,648 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.25 19:11:52 | 000,000,132 | ---- | C] () -- C:\Users\username\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.03.14 17:03:03 | 000,001,456 | ---- | C] () -- C:\Users\username\AppData\Local\Adobe Für Web speichern 11.0 Prefs
[2010.12.28 20:12:42 | 000,000,535 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.12.28 20:12:42 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI

========== LOP Check ==========

[2011.09.20 18:49:45 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\.minecraft
[2012.07.26 15:05:16 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Atari
[2012.04.26 14:15:13 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\avidemux
[2011.11.04 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\benibela
[2012.04.30 16:26:38 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Broad Intelligence
[2012.01.10 18:00:27 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\calibre
[2011.10.03 21:40:53 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\casualArts
[2011.10.04 11:28:16 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Command and Conquer 4
[2012.07.23 14:14:32 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\DAEMON Tools Lite
[2012.06.14 23:40:30 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\DAEMON Tools Pro
[2012.07.26 17:08:40 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\GlarySoft
[2012.01.10 18:18:42 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\GonVisor
[2011.09.17 15:31:11 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Hoyle Blackjack
[2011.09.17 15:37:34 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Hoyle Card Games
[2011.09.17 15:24:15 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Hoyle FaceCreator
[2011.05.01 13:07:59 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\ICQ
[2011.12.21 02:54:39 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Jens Lorek
[2011.02.23 00:55:10 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Kalypso Media
[2012.01.13 03:44:24 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\KRKsoft
[2012.06.20 15:04:06 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Leadertech
[2012.03.30 15:54:16 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Might & Magic Heroes VI
[2010.11.12 18:57:52 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Miranda
[2011.10.12 20:45:42 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Nokia
[2010.11.09 15:30:45 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Notepad++
[2011.01.02 20:32:29 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\OpenOffice.org
[2012.01.04 03:16:28 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Opera
[2012.03.21 20:16:58 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\PACE Anti-Piracy
[2011.12.18 20:08:38 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\PC Remote
[2011.10.12 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\PC Suite
[2011.08.30 03:09:36 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\PunkBuster
[2012.01.12 16:18:52 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\QuickScan
[2012.04.23 01:06:18 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2011.09.16 12:37:30 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Rovio
[2012.08.07 00:13:07 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\ScummVM
[2012.07.17 15:50:18 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\SoftGrid Client
[2012.03.23 19:24:36 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.04.26 14:35:32 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\systweak
[2012.07.26 14:07:33 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Thinstall
[2012.07.12 17:17:07 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\TP
[2012.08.06 20:03:55 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\TuneUp Software
[2011.12.01 19:40:56 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Ubisoft
[2011.10.27 19:33:44 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\xm1
[2011.02.02 19:21:24 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\{4916c8ce-b9e7-4e25-9a23-25493e41e04c}
[2012.07.13 20:21:26 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 1116 bytes -> C:\Users\username\AppData\Local\MyjDBrFH:EIkK4N0KvgdvsB9hrEF9
@Alternate Data Stream - 1056 bytes -> C:\Users\username\AppData\Local\5xy5YcJtplwRGrx:C3vhYiu7vRizrjAmoTt

< End of report >



There was no Extra.txt file!

markusg 21.08.2012 22:33

hi
please upload the doc:
Trojaner-Board Upload Channel

verseuchter1 22.08.2012 11:03

I deleted it right away, but I'll see if I can find it again.
I'll get back to you then!

And thanks for the quick reply, this service of yours is really a great thing!

markusg 22.08.2012 13:44

no problem
the download link would be fine too.

