DarkAscalon | 15.10.2012 16:33 | coming right up
So, here is OTL.txt from the quick scan.
OTL logfile:
Code:
OTL logfile created on: 15.10.2012 17:36:35 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frame\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,29% Memory free
8,00 Gb Paging File | 6,29 Gb Available in Paging File | 78,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 121,97 Gb Total Space | 77,00 Gb Free Space | 63,13% Space Free | Partition Type: NTFS
Drive G: | 110,81 Gb Total Space | 102,78 Gb Free Space | 92,75% Space Free | Partition Type: NTFS
Computer Name: PHILLIP-PC | User Name: phillip | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\phillip\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
PRC - C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe (G Data Software)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe (Ralink Technology, Corp.)
========== Modules (No Company Name) ==========
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll ()
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll ()
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll ()
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll ()
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll ()
MOD - C:\Users\Frame\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRa.dll ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RaWLAPI.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (GDBackupSvc) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG)
SRV - (TSNxGService) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe (G Data Software)
SRV - (GDTunerSvc) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (G Data Software AG)
SRV - (jswpsapi) -- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe (Wireless)
SRV - (RalinkRegistryWriter64) -- C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe (Ralink Technology, Corp.)
SRV - (RalinkRegistryWriter) -- C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe (Ralink Technology, Corp.)
SRV - (TpMediaServer) -- C:\Program Files (x86)\TP-LINK\COMMON\RaMediaServer.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (TS4NT) -- C:\Windows\SysNative\drivers\TS4nt.sys (G Data Software)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (JSWPSLWF) -- C:\Windows\SysNative\drivers\jswpslwfx.sys (Atheros Communications, Inc.)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4028804549-2359495096-1494413759-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediBar.com
IE - HKU\S-1-5-21-4028804549-2359495096-1494413759-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKU\S-1-5-21-4028804549-2359495096-1494413759-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-4028804549-2359495096-1494413759-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8H2c9kUP&i=26
IE - HKU\S-1-5-21-4028804549-2359495096-1494413759-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\phillip\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\phillip\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
[2012.10.01 21:01:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\phillip\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012.10.01 21:01:13 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\phillip\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2012.10.01 23:30:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
========== Chrome ==========
CHR - homepage: Google
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\phillip\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\phillip\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\phillip\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\phillip\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Internetradio Deutschland = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\agclceincpmoblobmbhhbdfmplndgndf\1_0\
CHR - Extension: YouTube = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Der Pate: Die F\\u00FCnf Familien = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl\1.0_0\
CHR - Extension: Stylish = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: Sammourac = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\llljnblgdjpjhmejpiejijklnhkddlnn\1_0\
CHR - Extension: Google Mail = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [TSNxG4Tray] "C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGTray.exe" /system File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4028804549-2359495096-1494413759-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-4028804549-2359495096-1494413759-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4028804549-2359495096-1494413759-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{958BCAC9-D078-4AC9-9DFB-AB81878C0F80}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ed51cafd-0eeb-11e2-817f-001a927cc1e9}\Shell - "" = AutoRun
O33 - MountPoints2\{ed51cafd-0eeb-11e2-817f-001a927cc1e9}\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.10.08 10:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.10.08 08:10:27 | 000,000,000 | ---D | C] -- C:\Users\phillip\AppData\Roaming\Malwarebytes
[2012.10.08 08:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.08 08:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.08 08:10:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.08 08:10:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.07 22:11:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\he-IL
[2012.10.07 22:11:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\he
[2012.10.07 22:11:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2012.10.07 22:11:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\he
[2012.10.07 22:11:31 | 000,000,000 | ---D | C] -- C:\Windows\he-IL
[2012.10.07 22:03:03 | 000,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\he-IL\pscr.sys.mui
[2012.10.07 22:01:58 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\he-IL\BrSerIb.sys.mui
[2012.10.07 22:01:56 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\he-IL\BrSerId.sys.mui
[2012.10.07 22:01:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\he-IL\BrParwdm.sys.mui
[2012.10.07 21:59:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\sl-SI
[2012.10.07 21:59:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sl-SI
[2012.10.07 21:59:50 | 000,000,000 | ---D | C] -- C:\Windows\sl-SI
[2012.10.07 21:48:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\ar-SA
[2012.10.07 21:48:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar
[2012.10.07 21:48:04 | 000,000,000 | ---D | C] -- C:\Windows\ar-SA
[2012.10.07 21:48:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2012.10.07 21:48:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ar
[2012.10.07 21:34:42 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\ar-SA\pscr.sys.mui
[2012.10.07 21:33:51 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrSerIb.sys.mui
[2012.10.07 21:33:50 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrSerId.sys.mui
[2012.10.07 21:33:50 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrParwdm.sys.mui
[2012.10.07 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\sk-SK
[2012.10.07 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\sk-SK
[2012.10.07 21:31:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sk-SK
[2012.10.07 18:42:18 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2012.10.07 18:42:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\fr-FR
[2012.10.07 18:42:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr
[2012.10.07 18:42:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\040C
[2012.10.07 18:42:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2012.10.07 18:42:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr
[2012.10.07 18:42:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040C
[2012.10.07 18:32:17 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\fr-FR\pscr.sys.mui
[2012.10.07 18:31:03 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\fr-FR\BrSerIb.sys.mui
[2012.10.07 18:31:01 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\fr-FR\BrSerId.sys.mui
[2012.10.07 18:31:01 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\fr-FR\BrParwdm.sys.mui
[2012.10.07 18:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\es-ES
[2012.10.07 18:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es
[2012.10.07 18:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0C0A
[2012.10.07 18:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es
[2012.10.07 18:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0C0A
[2012.10.07 18:28:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2012.10.07 18:28:47 | 000,000,000 | ---D | C] -- C:\Windows\es-ES
[2012.10.07 18:21:53 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\es-ES\pscr.sys.mui
[2012.10.07 18:21:05 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\es-ES\BrSerIb.sys.mui
[2012.10.07 18:21:02 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\es-ES\BrSerId.sys.mui
[2012.10.07 18:21:02 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\es-ES\BrParwdm.sys.mui
[2012.10.07 18:19:22 | 000,000,000 | ---D | C] -- C:\Windows\it-IT
[2012.10.07 18:19:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\it-IT
[2012.10.07 18:19:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it
[2012.10.07 18:19:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0410
[2012.10.07 18:19:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2012.10.07 18:19:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0410
[2012.10.07 18:19:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it
[2012.10.07 18:13:13 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\it-IT\pscr.sys.mui
[2012.10.07 18:12:28 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerIb.sys.mui
[2012.10.07 18:12:26 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerId.sys.mui
[2012.10.07 18:12:26 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrParwdm.sys.mui
[2012.10.07 18:10:47 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2012.10.07 18:10:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2012.10.07 18:10:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2012.10.07 18:10:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2012.10.07 18:04:10 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2012.10.07 18:03:35 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2012.10.07 18:03:33 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2012.10.07 18:03:33 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2012.10.07 13:24:43 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\WindowsUpdate
[2012.10.06 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\ElevatedDiagnostics
[2012.10.06 12:40:59 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\NVIDIA
[2012.10.05 15:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.10.05 15:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.10.05 15:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.10.05 15:37:41 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.05 15:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.10.05 15:37:35 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\DAEMON Tools Lite
[2012.10.05 15:37:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.10.05 15:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.10.05 15:36:17 | 000,000,000 | ---D | C] -- C:\temp
[2012.10.05 15:36:06 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.10.05 15:36:06 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.10.05 15:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.10.05 15:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.10.05 15:32:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.10.05 15:07:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.10.05 15:06:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.10.03 13:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012.10.03 13:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perion
[2012.10.03 13:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012.10.02 18:20:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.10.02 18:02:18 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Diagnostics
[2012.10.02 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Skype
[2012.10.02 15:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.10.02 15:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.10.02 15:55:04 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.10.02 15:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.10.02 13:49:16 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\LolClient
[2012.10.02 13:49:15 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Macromedia
[2012.10.02 13:49:12 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Adobe
[2012.10.02 13:18:08 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.10.02 13:17:50 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.10.02 12:19:40 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.10.02 10:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.10.02 03:59:13 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.10.01 23:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.01 23:30:34 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Babylon
[2012.10.01 23:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.10.01 23:06:10 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\CRE
[2012.10.01 23:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.10.01 23:05:49 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Conduit
[2012.10.01 22:54:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.10.01 22:02:40 | 000,000,000 | ---D | C] -- C:\Users\Frame\Desktop\Games
[2012.10.01 21:48:14 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\WinRAR
[2012.10.01 21:48:14 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.01 21:48:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.01 21:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.10.01 21:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.10.01 21:01:13 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Mozilla
[2012.10.01 21:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012.10.01 21:00:31 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.10.01 20:35:49 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\PMB Files
[2012.10.01 20:35:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.10.01 20:35:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.10.01 20:30:44 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.01 20:28:17 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Google
[2012.10.01 18:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2013
[2012.10.01 18:55:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BioAPIFFDB
[2012.10.01 18:55:11 | 000,098,760 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2012.10.01 18:55:09 | 000,059,768 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012.10.01 18:55:03 | 000,122,744 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012.10.01 18:55:03 | 000,064,376 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2012.10.01 18:55:03 | 000,054,136 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012.10.01 18:55:02 | 000,065,912 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012.10.01 18:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA Software
[2012.10.01 18:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012.10.01 18:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2012.10.01 18:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2012.10.01 18:53:36 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Downloaded Installations
[2012.10.01 18:31:33 | 432,321,552 | ---- | C] (G Data Software AG) -- C:\Users\Frame\Desktop\GER_R_FUL_2013_TP.exe
[2012.10.01 18:20:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2012.10.01 18:20:27 | 001,547,616 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2012.10.01 18:20:27 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2012.10.01 18:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK Driver
[2012.10.01 18:20:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.10.01 18:20:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.10.01 18:20:17 | 002,399,584 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RaCertMgr.dll
[2012.10.01 18:20:17 | 001,112,928 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll
[2012.10.01 18:20:17 | 001,112,928 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll
[2012.10.01 18:20:17 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll
[2012.10.01 18:20:17 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAEXTUI.dll
[2012.10.01 18:20:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RaLanguages
[2012.10.01 18:19:00 | 000,000,000 | ---D | C] -- C:\Users\phillip\AppData\Roaming\TP-LINK
[2012.10.01 18:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2012.10.01 18:18:49 | 000,884,736 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\jswscsup.dll
[2012.10.01 18:18:49 | 000,026,624 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\jswpslwfx.sys
[2012.10.01 18:18:48 | 001,607,008 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2012.10.01 18:18:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.10.01 18:18:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK
[2012.10.01 18:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2012.10.01 18:06:49 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.01 18:06:49 | 000,000,000 | R--D | C] -- C:\Users\Frame\Searches
[2012.10.01 18:06:49 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.01 18:06:49 | 000,000,000 | -H-D | C] -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012.10.01 18:06:40 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Identities
[2012.10.01 18:06:38 | 000,000,000 | R--D | C] -- C:\Users\Frame\Contacts
[2012.10.01 18:06:37 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\VirtualStore
[2012.10.01 18:06:29 | 000,000,000 | --SD | C] -- C:\Users\Frame\AppData\Roaming\Microsoft
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Videos
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Saved Games
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Pictures
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Music
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Links
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Favorites
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Downloads
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Documents
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Desktop
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\AppData\Local\Temporary Internet Files
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Templates
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Start Menu
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\SendTo
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Recent
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\PrintHood
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\NetHood
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Documents\My Videos
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Documents\My Pictures
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Documents\My Music
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\My Documents
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Local Settings
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\AppData\Local\History
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Cookies
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Application Data
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\AppData\Local\Application Data
[2012.10.01 18:06:29 | 000,000,000 | -H-D | C] -- C:\Users\Frame\AppData
[2012.10.01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Temp
[2012.10.01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Microsoft
[2012.10.01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Media Center Programs
[2012.10.01 18:06:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.10.01 18:02:46 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.10.01 18:00:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.10.01 18:00:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2012.10.15 17:38:01 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 17:38:01 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 17:34:46 | 000,826,405 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.10.15 17:34:46 | 000,044,952 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.10.15 17:30:45 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\OptimizerPro1UpdaterTask{AF20604E-4BD5-4AE4-9988-B95687A1D2EC}.job
[2012.10.15 17:30:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.15 17:30:14 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.15 09:45:22 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000UA.job
[2012.10.11 22:45:01 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000Core.job
[2012.10.11 16:27:25 | 000,002,451 | ---- | M] () -- C:\Users\Frame\Desktop\Google Chrome.lnk
[2012.10.08 09:04:49 | 000,000,168 | ---- | M] () -- C:\Users\Frame\defogger_reenable
[2012.10.08 08:37:01 | 000,004,214 | ---- | M] () -- C:\Users\Frame\Documents\G Data Protokoll ID 67.html
[2012.10.08 08:10:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.08 07:39:50 | 004,895,608 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.08 07:39:50 | 000,694,232 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012.10.08 07:39:50 | 000,693,256 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012.10.08 07:39:50 | 000,688,910 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2012.10.08 07:39:50 | 000,651,768 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.08 07:39:50 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.08 07:39:50 | 000,434,288 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2012.10.08 07:39:50 | 000,353,324 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2012.10.08 07:39:50 | 000,136,864 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012.10.08 07:39:50 | 000,129,942 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012.10.08 07:39:50 | 000,129,468 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.08 07:39:50 | 000,126,946 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2012.10.08 07:39:50 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.08 07:39:50 | 000,078,786 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2012.10.08 07:39:50 | 000,068,896 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2012.10.07 22:11:19 | 000,229,316 | ---- | M] () -- C:\Windows\SysNative\perfi00D.dat
[2012.10.07 22:11:19 | 000,032,166 | ---- | M] () -- C:\Windows\SysNative\perfd00D.dat
[2012.10.07 21:47:37 | 000,289,060 | ---- | M] () -- C:\Windows\SysNative\perfi001.dat
[2012.10.07 21:47:37 | 000,042,056 | ---- | M] () -- C:\Windows\SysNative\perfd001.dat
[2012.10.07 18:41:48 | 000,344,522 | ---- | M] () -- C:\Windows\SysNative\perfi00C.dat
[2012.10.07 18:41:48 | 000,038,160 | ---- | M] () -- C:\Windows\SysNative\perfd00C.dat
[2012.10.07 18:28:19 | 000,341,432 | ---- | M] () -- C:\Windows\SysNative\perfi00A.dat
[2012.10.07 18:28:19 | 000,041,390 | ---- | M] () -- C:\Windows\SysNative\perfd00A.dat
[2012.10.07 18:18:57 | 000,335,478 | ---- | M] () -- C:\Windows\SysNative\perfi010.dat
[2012.10.07 18:18:57 | 000,037,534 | ---- | M] () -- C:\Windows\SysNative\perfd010.dat
[2012.10.07 18:10:19 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2012.10.07 18:10:19 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2012.10.05 16:57:29 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.05 15:38:47 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.05 15:37:41 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.03 13:34:50 | 000,000,454 | ---- | M] () -- C:\user.js
[2012.10.02 15:55:05 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.01 23:06:24 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.01 21:00:31 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.10.01 20:26:29 | 000,001,441 | ---- | M] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012.10.01 20:25:21 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012.10.01 19:30:47 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.01 19:30:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.01 18:55:11 | 000,098,760 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2012.10.01 18:55:09 | 000,059,768 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012.10.01 18:55:03 | 000,122,744 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012.10.01 18:55:03 | 000,064,376 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2012.10.01 18:55:03 | 000,054,136 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012.10.01 18:55:02 | 000,065,912 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012.10.01 18:54:50 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\G Data TotalProtection.lnk
[2012.10.01 18:20:45 | 000,001,999 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Client Utility.lnk
[2012.10.01 18:18:56 | 000,002,303 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:18:56 | 000,002,271 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:03:26 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.10.01 18:03:26 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.10.01 18:01:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
========== Files Created - No Company Name ==========
[2012.10.08 09:04:49 | 000,000,168 | ---- | C] () -- C:\Users\phillip\defogger_reenable
[2012.10.08 08:37:01 | 000,004,214 | ---- | C] () -- C:\Users\phillip\Documents\G Data Protokoll ID 67.html
[2012.10.08 08:10:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.07 22:13:00 | 000,229,316 | ---- | C] () -- C:\Windows\SysNative\perfi00D.dat
[2012.10.07 22:12:59 | 000,353,324 | ---- | C] () -- C:\Windows\SysNative\perfh00D.dat
[2012.10.07 22:12:59 | 000,068,896 | ---- | C] () -- C:\Windows\SysNative\perfc00D.dat
[2012.10.07 22:12:59 | 000,032,166 | ---- | C] () -- C:\Windows\SysNative\perfd00D.dat
[2012.10.07 21:49:06 | 000,434,288 | ---- | C] () -- C:\Windows\SysNative\perfh001.dat
[2012.10.07 21:49:06 | 000,289,060 | ---- | C] () -- C:\Windows\SysNative\perfi001.dat
[2012.10.07 21:49:06 | 000,042,056 | ---- | C] () -- C:\Windows\SysNative\perfd001.dat
[2012.10.07 21:49:05 | 000,078,786 | ---- | C] () -- C:\Windows\SysNative\perfc001.dat
[2012.10.07 18:43:03 | 000,694,232 | ---- | C] () -- C:\Windows\SysNative\perfh00C.dat
[2012.10.07 18:43:03 | 000,344,522 | ---- | C] () -- C:\Windows\SysNative\perfi00C.dat
[2012.10.07 18:43:03 | 000,129,942 | ---- | C] () -- C:\Windows\SysNative\perfc00C.dat
[2012.10.07 18:43:03 | 000,038,160 | ---- | C] () -- C:\Windows\SysNative\perfd00C.dat
[2012.10.07 18:29:47 | 000,693,256 | ---- | C] () -- C:\Windows\SysNative\perfh00A.dat
[2012.10.07 18:29:47 | 000,341,432 | ---- | C] () -- C:\Windows\SysNative\perfi00A.dat
[2012.10.07 18:29:47 | 000,136,864 | ---- | C] () -- C:\Windows\SysNative\perfc00A.dat
[2012.10.07 18:29:47 | 000,041,390 | ---- | C] () -- C:\Windows\SysNative\perfd00A.dat
[2012.10.07 18:20:01 | 000,688,910 | ---- | C] () -- C:\Windows\SysNative\perfh010.dat
[2012.10.07 18:20:01 | 000,335,478 | ---- | C] () -- C:\Windows\SysNative\perfi010.dat
[2012.10.07 18:20:01 | 000,126,946 | ---- | C] () -- C:\Windows\SysNative\perfc010.dat
[2012.10.07 18:20:01 | 000,037,534 | ---- | C] () -- C:\Windows\SysNative\perfd010.dat
[2012.10.07 18:11:31 | 000,651,768 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.07 18:11:31 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2012.10.07 18:11:31 | 000,129,468 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.07 18:11:31 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2012.10.05 15:38:47 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.05 15:33:44 | 000,016,366 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.10.03 13:35:20 | 000,000,416 | -H-- | C] () -- C:\Windows\tasks\OptimizerPro1UpdaterTask{AF20604E-4BD5-4AE4-9988-B95687A1D2EC}.job
[2012.10.03 13:34:49 | 000,000,454 | ---- | C] () -- C:\user.js
[2012.10.02 15:55:05 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.02 13:19:11 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2012.10.02 13:18:56 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.10.02 13:17:31 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.10.02 13:17:21 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.10.02 13:17:21 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.10.02 13:17:11 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012.10.02 13:17:11 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.10.02 10:29:15 | 000,826,405 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012.10.02 10:29:15 | 000,044,952 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2012.10.01 23:06:23 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.01 20:30:46 | 000,002,451 | ---- | C] () -- C:\Users\Frame\Desktop\Google Chrome.lnk
[2012.10.01 20:28:19 | 000,001,128 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000UA.job
[2012.10.01 20:28:17 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000Core.job
[2012.10.01 20:26:29 | 000,001,441 | ---- | C] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012.10.01 20:25:21 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012.10.01 19:30:47 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.01 19:30:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.01 18:54:50 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\G Data TotalProtection.lnk
[2012.10.01 18:20:45 | 000,001,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Client Utility.lnk
[2012.10.01 18:20:27 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012.10.01 18:20:27 | 000,014,051 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2012.10.01 18:20:17 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2012.10.01 18:20:17 | 000,792,416 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.dll
[2012.10.01 18:20:17 | 000,000,452 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2012.10.01 18:20:17 | 000,000,452 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.ini
[2012.10.01 18:18:56 | 000,002,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:18:56 | 000,002,271 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:06:53 | 000,001,413 | ---- | C] () -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.10.01 18:06:50 | 000,001,447 | ---- | C] () -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.10.01 18:06:29 | 000,000,290 | ---- | C] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012.10.01 18:06:29 | 000,000,272 | ---- | C] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012.10.01 18:03:15 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.10.01 18:03:10 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.10.01 18:01:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.10.01 18:00:01 | 3220,578,304 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.10.01 23:30:34 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\Babylon
[2012.10.05 16:21:39 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\DAEMON Tools Lite
[2012.10.02 13:49:16 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\LolClient
[2012.10.01 18:22:19 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\TP-LINK
========== Purity Check ==========
< End of report >
CHR - Extension: Stylish = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: Sammourac = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\llljnblgdjpjhmejpiejijklnhkddlnn\1_0\
CHR - Extension: Google Mail = C:\Users\phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [TSNxG4Tray] "C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGTray.exe" /system File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4028804549-2359495096-1494413759-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-4028804549-2359495096-1494413759-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-4028804549-2359495096-1494413759-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{958BCAC9-D078-4AC9-9DFB-AB81878C0F80}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ed51cafd-0eeb-11e2-817f-001a927cc1e9}\Shell - "" = AutoRun
O33 - MountPoints2\{ed51cafd-0eeb-11e2-817f-001a927cc1e9}\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.10.08 10:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.10.08 08:10:27 | 000,000,000 | ---D | C] -- C:\Users\phillip\AppData\Roaming\Malwarebytes
[2012.10.08 08:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.08 08:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.08 08:10:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.08 08:10:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.07 22:11:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\he-IL
[2012.10.07 22:11:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\he
[2012.10.07 22:11:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2012.10.07 22:11:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\he
[2012.10.07 22:11:31 | 000,000,000 | ---D | C] -- C:\Windows\he-IL
[2012.10.07 22:03:03 | 000,003,072 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\he-IL\pscr.sys.mui
[2012.10.07 22:01:58 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\he-IL\BrSerIb.sys.mui
[2012.10.07 22:01:56 | 000,008,704 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\he-IL\BrSerId.sys.mui
[2012.10.07 22:01:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\he-IL\BrParwdm.sys.mui
[2012.10.07 21:59:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\sl-SI
[2012.10.07 21:59:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sl-SI
[2012.10.07 21:59:50 | 000,000,000 | ---D | C] -- C:\Windows\sl-SI
[2012.10.07 21:48:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\ar-SA
[2012.10.07 21:48:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar
[2012.10.07 21:48:04 | 000,000,000 | ---D | C] -- C:\Windows\ar-SA
[2012.10.07 21:48:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2012.10.07 21:48:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ar
[2012.10.07 21:34:42 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\ar-SA\pscr.sys.mui
[2012.10.07 21:33:51 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrSerIb.sys.mui
[2012.10.07 21:33:50 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrSerId.sys.mui
[2012.10.07 21:33:50 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrParwdm.sys.mui
[2012.10.07 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\sk-SK
[2012.10.07 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\sk-SK
[2012.10.07 21:31:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sk-SK
[2012.10.07 18:42:18 | 000,000,000 | ---D | C] -- C:\Windows\fr-FR
[2012.10.07 18:42:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\fr-FR
[2012.10.07 18:42:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr
[2012.10.07 18:42:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\040C
[2012.10.07 18:42:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2012.10.07 18:42:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr
[2012.10.07 18:42:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040C
[2012.10.07 18:32:17 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\fr-FR\pscr.sys.mui
[2012.10.07 18:31:03 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\fr-FR\BrSerIb.sys.mui
[2012.10.07 18:31:01 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\fr-FR\BrSerId.sys.mui
[2012.10.07 18:31:01 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\fr-FR\BrParwdm.sys.mui
[2012.10.07 18:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\es-ES
[2012.10.07 18:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es
[2012.10.07 18:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0C0A
[2012.10.07 18:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es
[2012.10.07 18:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0C0A
[2012.10.07 18:28:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2012.10.07 18:28:47 | 000,000,000 | ---D | C] -- C:\Windows\es-ES
[2012.10.07 18:21:53 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\es-ES\pscr.sys.mui
[2012.10.07 18:21:05 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\es-ES\BrSerIb.sys.mui
[2012.10.07 18:21:02 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\es-ES\BrSerId.sys.mui
[2012.10.07 18:21:02 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\es-ES\BrParwdm.sys.mui
[2012.10.07 18:19:22 | 000,000,000 | ---D | C] -- C:\Windows\it-IT
[2012.10.07 18:19:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\it-IT
[2012.10.07 18:19:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it
[2012.10.07 18:19:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0410
[2012.10.07 18:19:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2012.10.07 18:19:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0410
[2012.10.07 18:19:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it
[2012.10.07 18:13:13 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\it-IT\pscr.sys.mui
[2012.10.07 18:12:28 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerIb.sys.mui
[2012.10.07 18:12:26 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerId.sys.mui
[2012.10.07 18:12:26 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrParwdm.sys.mui
[2012.10.07 18:10:47 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2012.10.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2012.10.07 18:10:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2012.10.07 18:10:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2012.10.07 18:10:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2012.10.07 18:04:10 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2012.10.07 18:03:35 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2012.10.07 18:03:33 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2012.10.07 18:03:33 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2012.10.07 13:24:43 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\WindowsUpdate
[2012.10.06 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\ElevatedDiagnostics
[2012.10.06 12:40:59 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\NVIDIA
[2012.10.05 15:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.10.05 15:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.10.05 15:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.10.05 15:37:41 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.05 15:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.10.05 15:37:35 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\DAEMON Tools Lite
[2012.10.05 15:37:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.10.05 15:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.10.05 15:36:17 | 000,000,000 | ---D | C] -- C:\temp
[2012.10.05 15:36:06 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.10.05 15:36:06 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.10.05 15:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.10.05 15:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.10.05 15:32:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.10.05 15:07:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.10.05 15:06:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.10.03 13:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012.10.03 13:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perion
[2012.10.03 13:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012.10.02 18:20:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.10.02 18:02:18 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Diagnostics
[2012.10.02 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Skype
[2012.10.02 15:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.10.02 15:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.10.02 15:55:04 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.10.02 15:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.10.02 13:49:16 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\LolClient
[2012.10.02 13:49:15 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Macromedia
[2012.10.02 13:49:12 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Adobe
[2012.10.02 13:18:08 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.10.02 13:17:50 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.10.02 12:19:40 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.10.02 10:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.10.02 03:59:13 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.10.01 23:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.01 23:30:34 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Babylon
[2012.10.01 23:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.10.01 23:06:10 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\CRE
[2012.10.01 23:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.10.01 23:05:49 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Conduit
[2012.10.01 22:54:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.10.01 22:02:40 | 000,000,000 | ---D | C] -- C:\Users\Frame\Desktop\Games
[2012.10.01 21:48:14 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\WinRAR
[2012.10.01 21:48:14 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.01 21:48:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.10.01 21:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.10.01 21:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.10.01 21:01:13 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Mozilla
[2012.10.01 21:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012.10.01 21:00:31 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.10.01 20:35:49 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\PMB Files
[2012.10.01 20:35:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.10.01 20:35:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.10.01 20:30:44 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.01 20:28:17 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Google
[2012.10.01 18:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2013
[2012.10.01 18:55:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BioAPIFFDB
[2012.10.01 18:55:11 | 000,098,760 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2012.10.01 18:55:09 | 000,059,768 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012.10.01 18:55:03 | 000,122,744 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012.10.01 18:55:03 | 000,064,376 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2012.10.01 18:55:03 | 000,054,136 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012.10.01 18:55:02 | 000,065,912 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012.10.01 18:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA Software
[2012.10.01 18:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012.10.01 18:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2012.10.01 18:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2012.10.01 18:53:36 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Downloaded Installations
[2012.10.01 18:31:33 | 432,321,552 | ---- | C] (G Data Software AG) -- C:\Users\Frame\Desktop\GER_R_FUL_2013_TP.exe
[2012.10.01 18:20:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2012.10.01 18:20:27 | 001,547,616 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2012.10.01 18:20:27 | 000,327,008 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2012.10.01 18:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK Driver
[2012.10.01 18:20:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.10.01 18:20:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.10.01 18:20:17 | 002,399,584 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RaCertMgr.dll
[2012.10.01 18:20:17 | 001,112,928 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll
[2012.10.01 18:20:17 | 001,112,928 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll
[2012.10.01 18:20:17 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll
[2012.10.01 18:20:17 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAEXTUI.dll
[2012.10.01 18:20:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RaLanguages
[2012.10.01 18:19:00 | 000,000,000 | ---D | C] -- C:\Users\phillip\AppData\Roaming\TP-LINK
[2012.10.01 18:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2012.10.01 18:18:49 | 000,884,736 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysWow64\jswscsup.dll
[2012.10.01 18:18:49 | 000,026,624 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\jswpslwfx.sys
[2012.10.01 18:18:48 | 001,607,008 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2012.10.01 18:18:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.10.01 18:18:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK
[2012.10.01 18:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2012.10.01 18:06:49 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.01 18:06:49 | 000,000,000 | R--D | C] -- C:\Users\Frame\Searches
[2012.10.01 18:06:49 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.01 18:06:49 | 000,000,000 | -H-D | C] -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012.10.01 18:06:40 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Identities
[2012.10.01 18:06:38 | 000,000,000 | R--D | C] -- C:\Users\Frame\Contacts
[2012.10.01 18:06:37 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\VirtualStore
[2012.10.01 18:06:29 | 000,000,000 | --SD | C] -- C:\Users\Frame\AppData\Roaming\Microsoft
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Videos
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Saved Games
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Pictures
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Music
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Links
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Favorites
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Downloads
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Documents
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\Desktop
[2012.10.01 18:06:29 | 000,000,000 | R--D | C] -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\AppData\Local\Temporary Internet Files
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Templates
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Start Menu
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\SendTo
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Recent
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\PrintHood
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\NetHood
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Documents\My Videos
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Documents\My Pictures
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Documents\My Music
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\My Documents
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Local Settings
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\AppData\Local\History
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Cookies
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\Application Data
[2012.10.01 18:06:29 | 000,000,000 | -HSD | C] -- C:\Users\Frame\AppData\Local\Application Data
[2012.10.01 18:06:29 | 000,000,000 | -H-D | C] -- C:\Users\Frame\AppData
[2012.10.01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Temp
[2012.10.01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Local\Microsoft
[2012.10.01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Frame\AppData\Roaming\Media Center Programs
[2012.10.01 18:06:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.10.01 18:02:46 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.10.01 18:00:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.10.01 18:00:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2012.10.15 17:38:01 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 17:38:01 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 17:34:46 | 000,826,405 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012.10.15 17:34:46 | 000,044,952 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012.10.15 17:30:45 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\OptimizerPro1UpdaterTask{AF20604E-4BD5-4AE4-9988-B95687A1D2EC}.job
[2012.10.15 17:30:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.15 17:30:14 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.15 09:45:22 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000UA.job
[2012.10.11 22:45:01 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000Core.job
[2012.10.11 16:27:25 | 000,002,451 | ---- | M] () -- C:\Users\Frame\Desktop\Google Chrome.lnk
[2012.10.08 09:04:49 | 000,000,168 | ---- | M] () -- C:\Users\Frame\defogger_reenable
[2012.10.08 08:37:01 | 000,004,214 | ---- | M] () -- C:\Users\Frame\Documents\G Data Protokoll ID 67.html
[2012.10.08 08:10:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.08 07:39:50 | 004,895,608 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.08 07:39:50 | 000,694,232 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012.10.08 07:39:50 | 000,693,256 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012.10.08 07:39:50 | 000,688,910 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2012.10.08 07:39:50 | 000,651,768 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.08 07:39:50 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.08 07:39:50 | 000,434,288 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2012.10.08 07:39:50 | 000,353,324 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2012.10.08 07:39:50 | 000,136,864 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012.10.08 07:39:50 | 000,129,942 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012.10.08 07:39:50 | 000,129,468 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.08 07:39:50 | 000,126,946 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2012.10.08 07:39:50 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.08 07:39:50 | 000,078,786 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2012.10.08 07:39:50 | 000,068,896 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2012.10.07 22:11:19 | 000,229,316 | ---- | M] () -- C:\Windows\SysNative\perfi00D.dat
[2012.10.07 22:11:19 | 000,032,166 | ---- | M] () -- C:\Windows\SysNative\perfd00D.dat
[2012.10.07 21:47:37 | 000,289,060 | ---- | M] () -- C:\Windows\SysNative\perfi001.dat
[2012.10.07 21:47:37 | 000,042,056 | ---- | M] () -- C:\Windows\SysNative\perfd001.dat
[2012.10.07 18:41:48 | 000,344,522 | ---- | M] () -- C:\Windows\SysNative\perfi00C.dat
[2012.10.07 18:41:48 | 000,038,160 | ---- | M] () -- C:\Windows\SysNative\perfd00C.dat
[2012.10.07 18:28:19 | 000,341,432 | ---- | M] () -- C:\Windows\SysNative\perfi00A.dat
[2012.10.07 18:28:19 | 000,041,390 | ---- | M] () -- C:\Windows\SysNative\perfd00A.dat
[2012.10.07 18:18:57 | 000,335,478 | ---- | M] () -- C:\Windows\SysNative\perfi010.dat
[2012.10.07 18:18:57 | 000,037,534 | ---- | M] () -- C:\Windows\SysNative\perfd010.dat
[2012.10.07 18:10:19 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2012.10.07 18:10:19 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2012.10.05 16:57:29 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.05 15:38:47 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.05 15:37:41 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.10.03 13:34:50 | 000,000,454 | ---- | M] () -- C:\user.js
[2012.10.02 15:55:05 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.01 23:06:24 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.01 21:00:31 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012.10.01 20:26:29 | 000,001,441 | ---- | M] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012.10.01 20:25:21 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012.10.01 19:30:47 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.01 19:30:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.01 18:55:11 | 000,098,760 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2012.10.01 18:55:09 | 000,059,768 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012.10.01 18:55:03 | 000,122,744 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012.10.01 18:55:03 | 000,064,376 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2012.10.01 18:55:03 | 000,054,136 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012.10.01 18:55:02 | 000,065,912 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012.10.01 18:54:50 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\G Data TotalProtection.lnk
[2012.10.01 18:20:45 | 000,001,999 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Client Utility.lnk
[2012.10.01 18:18:56 | 000,002,303 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:18:56 | 000,002,271 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:03:26 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.10.01 18:03:26 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.10.01 18:01:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
========== Files Created - No Company Name ==========
[2012.10.08 09:04:49 | 000,000,168 | ---- | C] () -- C:\Users\phillip\defogger_reenable
[2012.10.08 08:37:01 | 000,004,214 | ---- | C] () -- C:\Users\phillip\Documents\G Data Protokoll ID 67.html
[2012.10.08 08:10:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.07 22:13:00 | 000,229,316 | ---- | C] () -- C:\Windows\SysNative\perfi00D.dat
[2012.10.07 22:12:59 | 000,353,324 | ---- | C] () -- C:\Windows\SysNative\perfh00D.dat
[2012.10.07 22:12:59 | 000,068,896 | ---- | C] () -- C:\Windows\SysNative\perfc00D.dat
[2012.10.07 22:12:59 | 000,032,166 | ---- | C] () -- C:\Windows\SysNative\perfd00D.dat
[2012.10.07 21:49:06 | 000,434,288 | ---- | C] () -- C:\Windows\SysNative\perfh001.dat
[2012.10.07 21:49:06 | 000,289,060 | ---- | C] () -- C:\Windows\SysNative\perfi001.dat
[2012.10.07 21:49:06 | 000,042,056 | ---- | C] () -- C:\Windows\SysNative\perfd001.dat
[2012.10.07 21:49:05 | 000,078,786 | ---- | C] () -- C:\Windows\SysNative\perfc001.dat
[2012.10.07 18:43:03 | 000,694,232 | ---- | C] () -- C:\Windows\SysNative\perfh00C.dat
[2012.10.07 18:43:03 | 000,344,522 | ---- | C] () -- C:\Windows\SysNative\perfi00C.dat
[2012.10.07 18:43:03 | 000,129,942 | ---- | C] () -- C:\Windows\SysNative\perfc00C.dat
[2012.10.07 18:43:03 | 000,038,160 | ---- | C] () -- C:\Windows\SysNative\perfd00C.dat
[2012.10.07 18:29:47 | 000,693,256 | ---- | C] () -- C:\Windows\SysNative\perfh00A.dat
[2012.10.07 18:29:47 | 000,341,432 | ---- | C] () -- C:\Windows\SysNative\perfi00A.dat
[2012.10.07 18:29:47 | 000,136,864 | ---- | C] () -- C:\Windows\SysNative\perfc00A.dat
[2012.10.07 18:29:47 | 000,041,390 | ---- | C] () -- C:\Windows\SysNative\perfd00A.dat
[2012.10.07 18:20:01 | 000,688,910 | ---- | C] () -- C:\Windows\SysNative\perfh010.dat
[2012.10.07 18:20:01 | 000,335,478 | ---- | C] () -- C:\Windows\SysNative\perfi010.dat
[2012.10.07 18:20:01 | 000,126,946 | ---- | C] () -- C:\Windows\SysNative\perfc010.dat
[2012.10.07 18:20:01 | 000,037,534 | ---- | C] () -- C:\Windows\SysNative\perfd010.dat
[2012.10.07 18:11:31 | 000,651,768 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.07 18:11:31 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2012.10.07 18:11:31 | 000,129,468 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.07 18:11:31 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2012.10.05 15:38:47 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.10.05 15:33:44 | 000,016,366 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.10.03 13:35:20 | 000,000,416 | -H-- | C] () -- C:\Windows\tasks\OptimizerPro1UpdaterTask{AF20604E-4BD5-4AE4-9988-B95687A1D2EC}.job
[2012.10.03 13:34:49 | 000,000,454 | ---- | C] () -- C:\user.js
[2012.10.02 15:55:05 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.02 13:19:11 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2012.10.02 13:18:56 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.10.02 13:17:31 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.10.02 13:17:21 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.10.02 13:17:21 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.10.02 13:17:11 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012.10.02 13:17:11 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.10.02 10:29:15 | 000,826,405 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012.10.02 10:29:15 | 000,044,952 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2012.10.01 23:06:23 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.01 20:30:46 | 000,002,451 | ---- | C] () -- C:\Users\Frame\Desktop\Google Chrome.lnk
[2012.10.01 20:28:19 | 000,001,128 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000UA.job
[2012.10.01 20:28:17 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4028804549-2359495096-1494413759-1000Core.job
[2012.10.01 20:26:29 | 000,001,441 | ---- | C] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012.10.01 20:25:21 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012.10.01 19:30:47 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.01 19:30:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.01 18:54:50 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\G Data TotalProtection.lnk
[2012.10.01 18:20:45 | 000,001,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Client Utility.lnk
[2012.10.01 18:20:27 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012.10.01 18:20:27 | 000,014,051 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2012.10.01 18:20:17 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2012.10.01 18:20:17 | 000,792,416 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.dll
[2012.10.01 18:20:17 | 000,000,452 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2012.10.01 18:20:17 | 000,000,452 | ---- | C] () -- C:\Windows\SysNative\DiagFunc.ini
[2012.10.01 18:18:56 | 000,002,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:18:56 | 000,002,271 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2012.10.01 18:06:53 | 000,001,413 | ---- | C] () -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.10.01 18:06:50 | 000,001,447 | ---- | C] () -- C:\Users\Frame\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.10.01 18:06:29 | 000,000,290 | ---- | C] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012.10.01 18:06:29 | 000,000,272 | ---- | C] () -- C:\Users\Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012.10.01 18:03:15 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.10.01 18:03:10 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.10.01 18:01:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.10.01 18:00:01 | 3220,578,304 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.10.01 23:30:34 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\Babylon
[2012.10.05 16:21:39 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\DAEMON Tools Lite
[2012.10.02 13:49:16 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\LolClient
[2012.10.01 18:22:19 | 000,000,000 | ---D | M] -- C:\Users\Frame\AppData\Roaming\TP-LINK
========== Purity Check ==========
< End of report >
The OTL.txt again