| Staff_Sgt. | 07.01.2012 19:38 |
OTL Logfile: Code:
OTL logfile created on: 07.01.2012 19:20:46 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\CoH\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 34,93% Memory free
6,19 Gb Paging File | 4,02 Gb Available in Paging File | 64,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,65 Gb Total Space | 9,26 Gb Free Space | 6,49% Space Free | Partition Type: NTFS
Drive D: | 142,67 Gb Total Space | 114,55 Gb Free Space | 80,29% Space Free | Partition Type: NTFS
Drive E: | 7,77 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,72 Gb Total Space | 3,25 Gb Free Space | 87,34% Space Free | Partition Type: FAT32
Computer Name: RUST-PC | User Name: CoH | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.07 17:45:27 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\CoH\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2012.01.07 13:45:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\CoH\Desktop\OTL.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.10.15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.08.15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.08.09 21:04:38 | 000,741,224 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe
PRC - [2011.08.01 13:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2011.08.01 01:53:04 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10u_ActiveX.exe
PRC - [2011.07.13 13:52:47 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.10 18:35:18 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.02 20:14:42 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.08.26 13:45:00 | 000,743,232 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.08.26 13:43:20 | 001,051,968 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.01.14 20:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.11.06 20:22:20 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Rust\Program Files\DNA\btdna.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:36 | 000,059,392 | ---- | M] () -- C:\Users\Rust\AppData\Roaming\Google\Chrome\chrome.exe
PRC - [2008.09.19 04:00:10 | 006,294,048 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007.10.23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Modules (No Company Name) ==========
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007.10.23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - File not found [Auto | Stopped] -- -- (NTISchedulerSvc)
SRV - File not found [Auto | Stopped] -- -- (NTIBackupSvc)
SRV - File not found [Auto | Stopped] -- -- (LightScribeService)
SRV - File not found [Auto | Stopped] -- -- (ETService)
SRV - File not found [Auto | Stopped] -- -- (eDataSecurity Service)
SRV - File not found [Auto | Stopped] -- -- (CLHNService)
SRV - File not found [Auto | Stopped] -- -- (BUNAgentSvc)
SRV - File not found [Auto | Stopped] -- -- (Akamai)
SRV - [2012.01.05 13:01:56 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.08.09 21:04:38 | 000,741,224 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011.07.13 13:52:47 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.10 18:35:18 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.08.30 20:50:59 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.08.26 13:43:20 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.08.26 13:40:24 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.06.17 17:37:00 | 003,591,496 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
========== Driver Services (SafeList) ==========
DRV - [2011.10.15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.07.13 13:52:48 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.13 13:52:48 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.07.08 00:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.02.24 13:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.09.16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009.05.11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.10.08 10:43:08 | 000,005,632 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidshim.sys -- (hidshim)
DRV - [2008.10.08 10:43:06 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)
DRV - [2008.10.01 10:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.05.21 13:36:12 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2006.11.29 01:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005.08.17 06:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005.08.17 06:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005.08.17 06:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005.01.04 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0109&m=aspire_8730
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2736476
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 5D 67 4F F9 C7 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2011.12.31 21:28:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CoH\AppData\Roaming\mozilla\Firefox\extensions
[2011.12.31 21:28:13 | 000,000,000 | ---D | M] (Freeware.de Community Toolbar) -- C:\Users\CoH\AppData\Roaming\mozilla\Firefox\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.5.1\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freeware.de Toolbar) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - C:\Program Files\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe File not found
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe File not found
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (CDownloadCtrl Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.64.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04ED6685-87EB-4385-9FCB-25BD09D4BF5D}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FAFED2A-826B-479E-B6A9-4636C777D5EA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92B93112-A761-453D-943C-C2E1C63F8A47}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-itss - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.01.15 23:16:57 | 000,649,428 | R--- | M] () - E:\Autorun.dbd -- [ CDFS ]
O32 - AutoRun File - [2008.01.03 21:12:57 | 000,004,274 | R--- | M] () - E:\Autorun.txt -- [ CDFS ]
O32 - AutoRun File - [2008.01.03 21:12:57 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.01.07 14:04:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.07 13:45:04 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\CoH\Desktop\OTL.exe
[2012.01.06 17:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.01.06 15:24:58 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Malwarebytes
[2012.01.06 15:24:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.06 15:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.06 15:24:44 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.06 15:24:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.01.06 15:20:17 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\CoH\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.06 00:32:04 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Avira
[2012.01.06 00:25:24 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Skype
[2012.01.06 00:00:01 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\TuneUp Software
[2012.01.04 19:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\THQ
[2011.12.31 21:28:12 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Mozilla
[2011.12.31 21:27:40 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Local\Conduit
[2011.12.31 21:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Freeware.de
[2011.12.31 21:26:20 | 000,507,904 | ---- | C] (www.download-sponsor.de) -- C:\Users\CoH\Desktop\ProductKeyFinder.exe
[2011.12.31 21:18:18 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Adobe
[2011.12.31 21:16:04 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Local\LogMeIn Hamachi
[2011.12.31 21:15:58 | 000,000,000 | R--D | C] -- C:\Users\CoH\Videos
[2011.12.31 21:15:58 | 000,000,000 | R--D | C] -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.31 21:15:58 | 000,000,000 | R--D | C] -- C:\Users\CoH\Searches
[2011.12.31 21:15:58 | 000,000,000 | R--D | C] -- C:\Users\CoH\Pictures
[2011.12.31 21:15:58 | 000,000,000 | R--D | C] -- C:\Users\CoH\Music
[2011.12.31 21:15:58 | 000,000,000 | R--D | C] -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.12.31 21:15:55 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Identities
[2011.12.31 21:15:53 | 000,000,000 | R--D | C] -- C:\Users\CoH\Contacts
[2011.12.31 21:15:52 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Local\VirtualStore
[2011.12.31 21:15:50 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Vorlagen
[2011.12.31 21:15:50 | 000,000,000 | -HSD | C] -- C:\Users\CoH\AppData\Local\Verlauf
[2011.12.31 21:15:50 | 000,000,000 | -HSD | C] -- C:\Users\CoH\AppData\Local\Temporary Internet Files
[2011.12.31 21:15:50 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Lokale Einstellungen
[2011.12.31 21:15:50 | 000,000,000 | -HSD | C] -- C:\Users\CoH\AppData\Local\Anwendungsdaten
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Startmenü
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\SendTo
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Recent
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Netzwerkumgebung
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Eigene Dateien
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Druckumgebung
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Cookies
[2011.12.31 21:15:49 | 000,000,000 | -HSD | C] -- C:\Users\CoH\Anwendungsdaten
[2011.12.31 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Local\Temp
[2011.12.31 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Local\Microsoft Help
[2011.12.31 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Local\Microsoft
[2011.12.31 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Media Center Programs
[2011.12.31 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Macromedia
[2011.12.31 21:15:48 | 000,000,000 | --SD | C] -- C:\Users\CoH\AppData\Roaming\Microsoft
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\Saved Games
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\Links
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\Favorites
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\Downloads
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\Documents
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\Desktop
[2011.12.31 21:15:48 | 000,000,000 | R--D | C] -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.12.31 21:15:48 | 000,000,000 | -H-D | C] -- C:\Users\CoH\AppData
[2011.12.31 21:15:48 | 000,000,000 | ---D | C] -- C:\Users\CoH\Documents\Visual Studio 2010
[2011.12.31 21:15:48 | 000,000,000 | ---D | C] -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
[2011.12.22 12:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.12.22 12:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.12.16 11:54:22 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.16 11:54:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.16 11:54:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.16 11:54:18 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.16 11:54:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.16 11:54:07 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.15 13:37:24 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.12.15 13:37:24 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.12.15 13:37:14 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.12.15 13:36:18 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.12.15 13:36:16 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011.12.15 13:36:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009.01.20 21:46:28 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ==========
[2012.01.07 18:33:17 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.07 18:33:17 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.07 14:38:59 | 000,699,828 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.07 14:38:59 | 000,655,950 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.07 14:38:59 | 000,157,120 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.07 14:38:59 | 000,128,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.07 14:33:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.07 14:27:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2012.01.07 13:45:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\CoH\Desktop\OTL.exe
[2012.01.06 15:24:47 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.06 15:24:19 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\CoH\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.06 00:24:09 | 000,000,200 | ---- | M] () -- C:\Users\CoH\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2011.12.31 21:26:27 | 000,507,904 | ---- | M] (www.download-sponsor.de) -- C:\Users\CoH\Desktop\ProductKeyFinder.exe
[2011.12.31 21:18:05 | 000,000,907 | ---- | M] () -- C:\Users\CoH\Desktop\Launch Internet Explorer Browser.lnk
[2011.12.31 13:56:05 | 281,128,070 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.12.17 08:57:55 | 000,300,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2012.01.06 15:24:47 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.06 00:24:09 | 000,000,200 | ---- | C] () -- C:\Users\CoH\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2011.12.31 21:18:05 | 000,000,907 | ---- | C] () -- C:\Users\CoH\Desktop\Launch Internet Explorer Browser.lnk
[2011.12.31 21:16:00 | 000,000,913 | ---- | C] () -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.31 21:15:58 | 000,000,908 | ---- | C] () -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011.12.31 21:15:53 | 000,000,879 | ---- | C] () -- C:\Users\CoH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011.12.31 21:15:49 | 000,001,850 | ---- | C] () -- C:\Users\CoH\Desktop\Cyberlink PowerDirector.lnk
[2011.12.31 13:56:05 | 281,128,070 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.08.24 02:16:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011.02.20 22:37:34 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010.12.26 01:17:14 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2010.12.13 22:25:46 | 000,000,003 | ---- | C] () -- C:\Windows\treeskp.sys
[2010.12.13 22:25:46 | 000,000,003 | ---- | C] () -- C:\Windows\sbacknt.bin
[2010.08.30 20:01:37 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.07.12 18:16:21 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.04.04 23:36:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.20 19:24:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.20 19:24:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.25 23:21:54 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009.07.23 18:49:04 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdndrs.dll
[2009.05.14 12:46:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdncaps.dll
[2009.01.20 12:57:36 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009.01.20 12:57:36 | 000,105,984 | ---- | C] () -- C:\Windows\FixUVC.exe
[2009.01.20 12:57:36 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini
[2009.01.20 12:56:34 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009.01.20 12:56:34 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009.01.20 12:56:34 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009.01.20 12:56:34 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009.01.20 12:56:34 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.01.20 12:56:01 | 000,079,572 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.20 12:55:34 | 000,079,572 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.11.20 12:57:32 | 000,699,828 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.11.20 12:57:32 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.11.20 12:57:32 | 000,157,120 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.11.20 12:57:32 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.11.20 05:06:51 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.11.20 04:52:53 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.11.20 04:52:53 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.11.20 04:20:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.11 04:27:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.11.11 04:27:24 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008.11.11 04:27:24 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008.11.11 04:26:52 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2007.10.02 13:51:10 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdncnv4.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,300,344 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,655,950 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,128,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:671329E4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:2634FC95
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:DAFD38AE
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:73933431
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:7CACEF61
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:9F683177
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:F65733F1
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:753F86A9
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:F3176E45
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:A42A9F39
< End of report >
--- --- --- |
