| |  GVU Trojaner will einfach nicht verschwinden.
 Hallo liebe Community,
ich habe mir mal wieder einen ganz besonders hartnäckigen GVU Trojaner eingefangen, der abgesicherte Modus meines Windows 7 Home Premium 64-Bit geht zwar noch, aber jegliche Versuche dem Teil Herr zu werden sind gescheitert, bisher ausgeführt :
1) Panda ActiveScan Pro
2) Temp. Files gelöscht
3) Malware Bytes Anti-Malware
Leider habe ich wohl versäumt auf diesem Gerät SP1 zu installieren *peinlich*
Anbei auch die beiden OTL Files! Zitat:
OTL logfile created on: 05.03.2013 11:32:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\OAPalliance\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,68 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 76,88% Memory free
7,35 Gb Paging File | 6,57 Gb Available in Paging File | 89,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,66 Gb Total Space | 427,31 Gb Free Space | 94,40% Space Free | Partition Type: NTFS
Computer Name: OAPALLIANCE-PC | User Name: OAPalliance | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\OAPalliance\Desktop\OTL.exe (OldTimer Tools)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (mfevtp) -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7745g&r=27360213v706l0433z1j5t5641l549
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7745g&r=27360213v706l0433z1j5t5641l549
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7745g&r=27360213v706l0433z1j5t5641l549
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7745g&r=27360213v706l0433z1j5t5641l549
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7745g&r=27360213v706l0433z1j5t5641l549
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7745g&r=27360213v706l0433z1j5t5641l549
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.02.22 20:21:43 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20100513193929.dll (McAfee, Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100513193929.dll (McAfee, Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Trigger New Acer AlaunchX] c:\OEM\Preload\Command\AlaunchX\AppInRun.exe ()
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Global Registration] C:\Program Files (x86)\Acer\Registration\GREG.exe (Acer Incorporated)
O4:64bit: - HKLM..\RunOnce: [New Acer AlaunchX] c:\OEM\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.199 217.0.43.33 217.0.43.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFEE2242-366F-42A9-B3DE-C4273AB1F84C}: DhcpNameServer = 192.168.100.199 217.0.43.33 217.0.43.17
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.05 11:31:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\OAPalliance\Desktop\OTL.exe
[2013.03.05 09:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.03.04 18:09:38 | 000,703,352 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\OAPalliance\Desktop\autoruns.exe
[2013.03.04 14:01:48 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\Malwarebytes
[2013.03.04 14:01:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.04 14:01:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.04 14:01:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.04 14:01:24 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Local\Programs
[2013.03.04 12:34:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2013.03.04 12:31:41 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.04 12:24:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.04 12:22:54 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\Adobe
[2013.02.23 04:57:49 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2013.02.23 04:57:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2013.02.23 04:57:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2013.02.23 04:57:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2013.02.23 04:57:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2013.02.23 04:57:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2013.02.23 04:57:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2013.02.23 04:57:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2013.02.23 04:57:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2013.02.23 04:57:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2013.02.23 04:57:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2013.02.23 04:57:06 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2013.02.23 04:57:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2013.02.23 04:57:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2013.02.23 04:57:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2013.02.23 04:57:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2013.02.23 04:57:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2013.02.23 04:57:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2013.02.23 04:57:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2013.02.23 04:57:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2013.02.23 04:57:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2013.02.23 04:57:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2013.02.23 04:57:03 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2013.02.23 04:57:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2013.02.23 04:57:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2013.02.23 04:57:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2013.02.23 04:57:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2013.02.23 04:57:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2013.02.23 04:57:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2013.02.23 04:57:02 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2013.02.23 04:57:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2013.02.23 04:57:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2013.02.23 04:57:02 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2013.02.23 04:57:02 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2013.02.23 04:57:02 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2013.02.23 04:57:02 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2013.02.23 04:57:02 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2013.02.23 04:57:02 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2013.02.23 04:57:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2013.02.23 04:57:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2013.02.23 04:56:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2013.02.23 04:56:57 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2013.02.23 04:56:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2013.02.23 04:56:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2013.02.23 04:56:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2013.02.23 04:56:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2013.02.23 04:56:54 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2013.02.23 04:56:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2013.02.23 04:56:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2013.02.23 04:56:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2013.02.23 04:56:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2013.02.23 04:56:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2013.02.23 04:56:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2013.02.23 04:56:53 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2013.02.23 04:56:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2013.02.23 04:56:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2013.02.23 04:56:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2013.02.23 04:56:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2013.02.23 04:56:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2013.02.23 04:56:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2013.02.23 04:56:49 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2013.02.23 04:56:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2013.02.23 04:56:49 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2013.02.23 04:56:48 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2013.02.23 04:56:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2013.02.23 04:56:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2013.02.23 04:56:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2013.02.23 04:52:25 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log
[2013.02.22 20:43:11 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
[2013.02.22 20:42:07 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Local\Cyberlink
[2013.02.22 20:41:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2013.02.22 20:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.02.22 20:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013.02.22 20:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013.02.22 20:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.02.22 20:38:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013.02.22 20:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2013.02.22 20:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2013.02.22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013.02.22 20:38:17 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.02.22 20:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013.02.22 20:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.02.22 20:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013.02.22 20:33:56 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2013.02.22 20:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.02.22 20:31:57 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\Liteon
[2013.02.22 20:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye webcam
[2013.02.22 20:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Crystal Eye webcam
[2013.02.22 20:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2013.02.22 20:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013.02.22 20:29:31 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\InstallShield
[2013.02.22 20:25:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.02.22 20:25:33 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\ATI
[2013.02.22 20:25:33 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Local\ATI
[2013.02.22 20:25:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.02.22 20:24:58 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\Intel Corporation
[2013.02.22 20:24:47 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Local\EgisTec IPS
[2013.02.22 20:24:46 | 000,000,000 | ---D | C] -- C:\book
[2013.02.22 20:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
[2013.02.22 20:24:45 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\Macromedia
[2013.02.22 20:24:33 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.02.22 20:24:33 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Searches
[2013.02.22 20:24:33 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.02.22 20:24:25 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\Identities
[2013.02.22 20:24:23 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Contacts
[2013.02.22 20:24:21 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Local\VirtualStore
[2013.02.22 20:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2013.02.22 20:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Acer Accessory Store
[2013.02.22 20:21:35 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Vorlagen
[2013.02.22 20:21:35 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\AppData\Local\Verlauf
[2013.02.22 20:21:35 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\AppData\Local\Temporary Internet Files
[2013.02.22 20:21:35 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Lokale Einstellungen
[2013.02.22 20:21:35 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\AppData\Local\Anwendungsdaten
[2013.02.22 20:21:34 | 000,000,000 | --SD | C] -- C:\Users\OAPalliance\AppData\Roaming\Microsoft
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Videos
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Saved Games
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Pictures
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Music
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Links
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Favorites
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Downloads
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Documents
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\Desktop
[2013.02.22 20:21:34 | 000,000,000 | R--D | C] -- C:\Users\OAPalliance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Startmenü
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\SendTo
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Recent
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Netzwerkumgebung
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Documents\Eigene Videos
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Documents\Eigene Musik
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Eigene Dateien
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Documents\Eigene Bilder
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Druckumgebung
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Cookies
[2013.02.22 20:21:34 | 000,000,000 | -HSD | C] -- C:\Users\OAPalliance\Anwendungsdaten
[2013.02.22 20:21:34 | 000,000,000 | -H-D | C] -- C:\Users\OAPalliance\AppData
[2013.02.22 20:21:34 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Local\Temp
[2013.02.22 20:21:34 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Local\Microsoft
[2013.02.22 20:21:34 | 000,000,000 | ---D | C] -- C:\Users\OAPalliance\AppData\Roaming\Media Center Programs
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.02.22 20:21:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.02.22 20:21:29 | 000,000,000 | ---D | C] -- C:\Recovery
[2013.02.22 20:07:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.02.22 20:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.02.22 20:06:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.02.22 20:05:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.02.22 20:04:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013.02.22 20:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.02.22 20:04:52 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013.02.22 20:04:52 | 001,913,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013.02.22 20:04:52 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013.02.22 20:04:52 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013.02.22 20:04:52 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013.02.22 20:04:52 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013.02.22 20:04:52 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013.02.22 20:04:52 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013.02.22 20:04:52 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013.02.22 20:04:51 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013.02.22 20:04:51 | 001,659,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013.02.22 20:04:51 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013.02.22 20:04:51 | 001,210,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013.02.22 20:04:51 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013.02.22 20:04:51 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013.02.22 20:04:51 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013.02.22 20:04:51 | 000,477,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013.02.22 20:04:51 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013.02.22 20:04:51 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013.02.22 20:04:51 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013.02.22 20:04:51 | 000,321,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013.02.22 20:04:51 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013.02.22 20:04:51 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013.02.22 20:04:51 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013.02.22 20:04:51 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013.02.22 20:04:51 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013.02.22 20:04:51 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013.02.22 20:04:51 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013.02.22 20:04:51 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013.02.22 20:04:51 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013.02.22 20:04:51 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013.02.22 20:04:51 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013.02.22 20:04:51 | 000,069,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013.02.22 20:04:50 | 001,247,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013.02.22 20:04:50 | 000,168,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013.02.22 20:04:50 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013.02.22 20:04:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013.02.22 20:04:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013.02.22 20:02:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2013.03.05 11:31:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\OAPalliance\Desktop\OTL.exe
[2013.03.05 09:52:26 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.05 09:52:26 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.05 09:52:26 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.05 09:52:26 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.05 09:52:26 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.05 09:50:19 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
[2013.03.05 09:48:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.05 09:47:54 | 2960,510,976 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.23 04:57:38 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2013.02.23 04:57:38 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2013.02.23 04:57:20 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2013.02.23 04:57:16 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2013.02.23 04:57:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WpdMtpDr.dll.mui
[2013.02.23 04:57:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2013.02.23 04:57:06 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2013.02.23 04:57:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2013.02.23 04:57:03 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2013.02.23 04:57:03 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2013.02.23 04:57:03 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2013.02.23 04:57:03 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2013.02.23 04:57:03 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2013.02.23 04:57:03 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2013.02.23 04:57:03 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2013.02.23 04:57:03 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2013.02.23 04:57:03 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2013.02.23 04:57:03 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2013.02.23 04:57:03 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2013.02.23 04:57:03 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2013.02.23 04:57:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2013.02.23 04:57:03 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2013.02.23 04:57:03 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2013.02.23 04:57:03 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2013.02.23 04:57:03 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2013.02.23 04:57:03 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2013.02.23 04:57:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2013.02.23 04:57:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2013.02.23 04:57:02 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2013.02.23 04:57:02 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2013.02.23 04:57:02 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2013.02.23 04:57:02 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui
[2013.02.23 04:57:02 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2013.02.23 04:57:02 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2013.02.23 04:57:02 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2013.02.23 04:57:02 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2013.02.23 04:57:02 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2013.02.23 04:57:02 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2013.02.23 04:57:02 | 000,003,584 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2013.02.23 04:57:02 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2013.02.23 04:57:02 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2013.02.23 04:57:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2013.02.23 04:57:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2013.02.23 04:56:59 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2013.02.23 04:56:57 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2013.02.23 04:56:57 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2013.02.23 04:56:56 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2013.02.23 04:56:56 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2013.02.23 04:56:56 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2013.02.23 04:56:54 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2013.02.23 04:56:54 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2013.02.23 04:56:54 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2013.02.23 04:56:54 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2013.02.23 04:56:54 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2013.02.23 04:56:54 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2013.02.23 04:56:54 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2013.02.23 04:56:53 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2013.02.23 04:56:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2013.02.23 04:56:53 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2013.02.23 04:56:51 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2013.02.23 04:56:51 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2013.02.23 04:56:51 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2013.02.23 04:56:51 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2013.02.23 04:56:49 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2013.02.23 04:56:49 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2013.02.23 04:56:49 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2013.02.23 04:56:48 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2013.02.23 04:56:48 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2013.02.23 04:56:48 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2013.02.23 04:56:48 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2013.02.23 04:52:25 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag
[2013.02.22 20:35:36 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 20:35:36 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 20:32:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.02.22 20:31:12 | 000,000,000 | ---- | M] () -- C:\Windows\SETUP.INI
[2013.02.22 20:31:11 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2013.02.22 20:22:00 | 000,002,609 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2013.02.22 20:21:50 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\Acer Zubehör Shop.lnk
[2013.02.22 20:17:48 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.02.22 20:17:48 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.02.22 20:11:46 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.22 20:11:07 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.02.22 20:10:05 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\PLD_Framework.cmd
========== Files Created - No Company Name ==========
[2013.02.23 05:01:16 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag
[2013.02.23 04:58:13 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2013.02.23 04:58:12 | 000,643,628 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.23 04:58:12 | 000,126,188 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.23 04:58:12 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2013.02.22 20:36:10 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2013.02.22 20:32:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.02.22 20:31:12 | 000,000,000 | ---- | C] () -- C:\Windows\SETUP.INI
[2013.02.22 20:24:38 | 000,001,409 | ---- | C] () -- C:\Users\OAPalliance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.02.22 20:24:34 | 000,001,443 | ---- | C] () -- C:\Users\OAPalliance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.02.22 20:22:00 | 000,002,609 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2013.02.22 20:21:50 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\Acer Zubehör Shop.lnk
[2013.02.22 20:11:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.02.22 20:10:05 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\PLD_Framework.cmd
[2013.02.22 20:07:16 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2013.02.22 20:07:16 | 000,001,105 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat
[2013.02.22 20:04:53 | 000,231,056 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat
[2013.02.22 20:04:53 | 000,030,856 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE3.DAT
[2013.02.22 20:04:53 | 000,001,352 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
[2013.02.22 20:04:53 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2013.02.22 20:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX3.dat
[2013.02.22 20:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2013.02.22 20:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2013.02.22 20:04:53 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2013.02.22 20:04:53 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ1.dat
[2013.02.22 20:04:53 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2013.02.22 20:04:18 | 000,696,680 | ---- | C] () -- C:\Windows\SysNative\oem6.inf
[2013.02.22 20:02:56 | 2960,510,976 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.14 03:29:27 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
| Zitat:
OTL Extras logfile created on: 05.03.2013 11:32:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\OAPalliance\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,68 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 76,88% Memory free
7,35 Gb Paging File | 6,57 Gb Available in Paging File | 89,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,66 Gb Total Space | 427,31 Gb Free Space | 94,40% Space Free | Partition Type: NTFS
Computer Name: OAPALLIANCE-PC | User Name: OAPalliance | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11F56432-6CE4-4C7E-BD84-81B3D5F39F45}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A587D0D8-7794-4580-820D-5BA8B7BD84F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12ADA536-652F-4FD7-9B60-F0150084D470}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{29CD4701-413E-49D3-A07B-AE91E6EECA41}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{3238093F-B8B3-4316-9764-C88A34A0560D}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{82101DBE-3B25-4341-BA89-BA39B650F3D6}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{87FFCDCF-0884-467F-8FD8-3CE1D28F3C9B}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{9DF2A7BD-9821-4ECB-8481-CF371A720DD7}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9EB95263-38C4-4BC3-90D6-07A94960C700}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CB9A2E62-ED0E-40E6-89E1-38BA8567B7F2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{241E3816-2EF1-A1D1-8811-4478E28E130B}" = ccc-utility64
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AFBE654A-4597-89DB-EF5F-7CC7D0475691}" = ATI Catalyst Install Manager
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0E9118B6-0191-3642-E743-B69EBE42D4AF}" = Catalyst Control Center Graphics Full Existing
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19F3712E-BDCF-B1DA-A22E-A67537C8A2F0}" = CCC Help Polish
"{1BE1B77F-4307-B5D3-1532-CEE7ECF9CBBB}" = CCC Help Norwegian
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CD5493C-51AF-C805-A197-DC36E8C57784}" = CCC Help Portuguese
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
"{4FEF7A1D-0DAC-F687-E474-AA7A13E3D8CA}" = Catalyst Control Center Graphics Full New
"{50B9544E-CA9A-CA08-3BC8-F66A69A4E49F}" = CCC Help Spanish
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{525A74BE-B7F5-94D0-987C-0324FF58FBB1}" = CCC Help French
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5F0FF70C-5828-2178-4642-206D9F3B681F}" = Catalyst Control Center InstallProxy
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{74A8E6D0-5E5B-6CAC-F592-8EDA39FC15C0}" = CCC Help Korean
"{780B7CAD-9E59-8986-63EC-D60B8D06D6E6}" = Catalyst Control Center Graphics Light
"{7C1BA7EF-0866-BBDB-129A-F53DB0954F61}" = CCC Help Turkish
"{7E2CD483-7D07-BE78-C0C6-DE07057DC551}" = Catalyst Control Center Core Implementation
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{832BC337-E36D-0039-065C-7E4EDC5D45B4}" = CCC Help Greek
"{849EC471-5D3C-59E4-5C52-845C3AC320B3}" = CCC Help Thai
"{86021347-6DF2-7015-B152-51A17DCFDB22}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9347A62B-EDAF-AA30-0F68-3EF11B51DCA1}" = CCC Help German
"{935E59AB-A56F-6EB5-9BA8-A1FC7A203A77}" = ccc-core-static
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95E4B940-E816-933C-D48F-2E000F2629C8}" = CCC Help Chinese Traditional
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D027EFD-8DA7-474D-FEF9-6302A77BDB27}" = CCC Help Chinese Standard
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8439DCA-AE39-2510-3EC3-730C4EE13473}" = CCC Help Finnish
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AC838E60-C5DB-3127-1743-E6789CC26C74}" = PX Profile Update
"{B6F57B2E-1C93-E0B3-4F6A-F5E2118709AA}" = CCC Help Swedish
"{B73424BF-A4E9-572B-3FE1-6E7AF172D192}" = Catalyst Control Center Graphics Previews Vista
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C76DD602-F340-0433-87B9-432996F4707A}" = Catalyst Control Center Localization All
"{D421F957-7D5B-D409-FA76-7400853952E3}" = CCC Help Czech
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DBB3F067-D7DF-C159-4224-3DABD84492E1}" = CCC Help Hungarian
"{DCDCE4BE-9E4B-BC42-85F6-76D4F0AE7EE0}" = CCC Help Russian
"{DF4F714F-5EDA-31FF-F597-317A29B42B8B}" = CCC Help Danish
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E1831D71-DBCA-999B-075D-7CC2B9B115C9}" = CCC Help Japanese
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"{EA562C1C-D6C2-070A-FE8B-B1FF6094ACB8}" = CCC Help Dutch
"{EADB1B66-8AAD-BC58-7E6E-33BC314A27D5}" = CCC Help Italian
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"LManager" = Launch Manager
"MSC" = McAfee Internet Security Suite
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.02.2013 15:06:53 | Computer Name = WIN-V9ULR9KRBSD | Source = MsiInstaller | ID = 11935
Description =
[ System Events ]
Error - 04.03.2013 11:00:15 | Computer Name = OAPalliance-PC | Source = DCOM | ID = 10005
Description =
Error - 04.03.2013 11:00:14 | Computer Name = OAPalliance-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\System32\bcmihvsrv64.dll Fehlercode: 21
Error - 04.03.2013 11:00:18 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 04.03.2013 11:00:18 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 04.03.2013 11:00:18 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 04.03.2013 11:00:19 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 04.03.2013 11:00:19 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 04.03.2013 11:00:19 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 04.03.2013 11:00:19 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 04.03.2013 11:00:19 | Computer Name = OAPalliance-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
| Danke im vorraus.
Gruß,
DarKxRaideR
|
05.03.2013, 12:16
Baum-Darstellung