| NiCeOnEEE | 15.04.2011 11:01 |
OTL Logs :
1.OTL Logfile: Code:
OTL logfile created on: 15.04.2011 12:20:18 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ricardo\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,48 Gb Total Space | 258,08 Gb Free Space | 56,66% Space Free | Partition Type: NTFS
Drive R: | 10,28 Gb Total Space | 6,22 Gb Free Space | 60,51% Space Free | Partition Type: NTFS
Computer Name: RICARDO-PC | User Name: Ricardo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Ricardo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
PRC - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Ricardo\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (NMIndexingService) -- File not found
SRV - (MSSQLServerADHelper) -- File not found
SRV - (DarkDayMt2) -- File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll ()
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TunngleService) -- C:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (vmci) -- C:\Windows\System32\drivers\vmci.sys (VMware, Inc.)
DRV - (vmx86) -- C:\Windows\System32\drivers\vmx86.sys (VMware, Inc.)
DRV - (VMparport) -- C:\Windows\System32\drivers\vmparport.sys (VMware, Inc.)
DRV - (vmkbd) -- C:\Windows\System32\drivers\VMkbd.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\Windows\System32\drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (hcmon) -- C:\Windows\System32\drivers\hcmon.sys (VMware, Inc.)
DRV - (vmusb) -- C:\Windows\System32\drivers\vmusb.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\Windows\System32\drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\Windows\System32\drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (vmm) -- C:\Windows\System32\drivers\VMM.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (vstor2-ws60) -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation)
DRV - (VPCNetS2) -- C:\Windows\System32\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.)
DRV - (HECI) Intel(R) -- C:\Windows\system32\drivers\heci.sys (Intel Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (TBPanel) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (Cardex) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (JGOGO) -- C:\Windows\system32\drivers\jgogo.sys (JMicron )
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (tandpl) -- C:\Windows\System32\drivers\tandpl.sys ()
DRV - (enodpl) -- C:\Windows\System32\drivers\enodpl.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://google.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.03.04 17:37:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 19:36:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 19:36:02 | 000,000,000 | ---D | M]
[2011.03.03 22:26:23 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Extensions
[2011.04.14 16:13:50 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions
[2011.03.03 22:31:47 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.17 23:23:10 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.06 18:39:43 | 000,000,000 | -H-D | M] (Battlefield Play4Free) -- C:\Users\Ricardo\AppData\Roaming\mozilla\Firefox\Profiles\sv7l4vyz.default\extensions\battlefieldplay4free@ea.com
[2011.04.14 16:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.23 20:22:49 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.11 16:39:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.03.04 17:37:34 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010.06.11 16:39:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.09.21 12:05:20 | 001,193,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFv41629.dll
[2010.07.27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2009.04.08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files\Mozilla Firefox\plugins\NPOP7PlugIn.dll
[2011.02.19 04:41:40 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.02.19 04:41:40 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.02.19 04:41:40 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.02.19 04:41:40 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.02.19 04:41:40 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.03.08 21:09:17 | 000,000,040 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 50.23.193.194 download.gameclub.com
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [iLeAAmvQHHaC] File not found
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Free YouTube Download - C:\Users\Ricardo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ricardo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\hrthrh2.exe) - File not found
O24 - Desktop WallPaper: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0ca4d0ea-037e-11de-af42-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0ca4d0ea-037e-11de-af42-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:a12cd29504) - C:\Windows\System32\aswBoot.exe (AVAST Software)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.04.15 12:18:36 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Ricardo\Desktop\OTL.exe
[2011.04.14 21:43:59 | 000,000,000 | ---D | C] -- C:\Users\Ricardo\AppData\Roaming\Malwarebytes
[2011.04.14 21:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.14 21:42:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.14 21:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.14 21:42:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.14 21:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.14 18:41:36 | 000,552,960 | -H-- | C] (WinSCP) -- C:\Users\Ricardo\Desktop\test.exe
[2011.04.14 16:27:44 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\MineCraft
[2011.04.10 18:35:54 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\Neuer Ordner
[2011.04.10 17:14:23 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Stronghold 2
[2011.04.10 17:13:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
[2011.04.10 17:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Firefly Studios
[2011.04.09 21:33:02 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011.04.09 19:06:15 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\Cf Perfect Title Deserve
[2011.04.09 17:12:06 | 1891,178,662 | -H-- | C] (InstallShield Software Corporation ) -- C:\Users\Ricardo\Desktop\levelr.exe
[2011.04.06 19:10:52 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Battlefield Play4Free
[2011.04.04 17:14:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2011.04.04 17:14:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2011.04.03 16:29:23 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Desktop\OverKiller 3.0 with Injector
[2011.04.02 22:28:37 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\AppData\Roaming\Screaming Bee
[2011.04.02 22:26:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
[2011.04.02 22:26:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
[2011.03.30 18:04:59 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\AppData\Local\LogMeIn Hamachi
[2011.03.30 18:02:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.03.30 18:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.03.25 19:59:57 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Tunngle
[2011.03.25 19:59:57 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\AppData\Roaming\Tunngle
[2011.03.25 19:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2011.03.25 19:59:48 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\Windows\System32\drivers\tap0901t.sys
[2011.03.25 19:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Tunngle
[2011.03.24 20:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011.03.23 13:50:13 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.03.23 13:50:12 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.03.19 16:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\PBSetup
[2011.03.19 00:26:41 | 000,000,000 | -H-D | C] -- C:\Users\Ricardo\Documents\Battlefield 2
[2011.03.19 00:16:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
[2011.03.19 00:16:33 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy
[2009.09.24 14:03:29 | 000,891,392 | -H-- | C] (Microsoft Corporation) -- C:\Users\Ricardo\AppData\Roaming\kernel33.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.15 12:18:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Ricardo\Desktop\OTL.exe
[2011.04.15 11:59:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.15 11:58:10 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.04.15 11:55:14 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.15 11:55:01 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.15 11:55:00 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.15 11:54:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.15 11:54:13 | 3220,451,328 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.15 11:50:51 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (5).lnk
[2011.04.15 11:50:42 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (4).lnk
[2011.04.15 11:48:59 | 000,000,104 | ---- | M] () -- C:\Users\Ricardo\Desktop\Papierkorb (2).lnk
[2011.04.15 11:38:25 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9956EA11-3179-4BA7-85BD-7D42D6A00C4A}.job
[2011.04.14 21:57:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2011.04.14 21:42:44 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 19:04:03 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (3).lnk
[2011.04.14 19:00:49 | 000,001,689 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (2).lnk
[2011.04.14 18:41:40 | 000,552,960 | -H-- | M] (WinSCP) -- C:\Users\Ricardo\Desktop\test.exe
[2011.04.13 17:13:27 | 000,007,900 | -HS- | M] () -- C:\Users\Ricardo\Desktop\Folder.jpg
[2011.04.13 17:13:27 | 000,002,280 | -HS- | M] () -- C:\Users\Ricardo\Desktop\AlbumArtSmall.jpg
[2011.04.13 17:12:25 | 009,264,428 | -H-- | M] () -- C:\Users\Ricardo\ts3_recording_11_04_13_17_11_17.wav
[2011.04.12 17:44:27 | 002,778,587 | -H-- | M] () -- C:\Users\Ricardo\Desktop\MineEdit-RELEASE-11212010.7z
[2011.04.11 22:03:35 | 000,770,304 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.11 22:03:35 | 000,724,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.11 22:03:35 | 000,183,176 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.11 22:03:35 | 000,153,850 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.11 21:58:26 | 003,811,456 | -H-- | M] () -- C:\Users\Ricardo\Desktop\David guetta ft Rihanna - Whos That Chick.mp3
[2011.04.10 17:20:48 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold 2.lnk
[2011.04.09 23:07:21 | 000,000,214 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Garry's Mod.url
[2011.04.09 17:58:27 | 1891,178,662 | -H-- | M] (InstallShield Software Corporation ) -- C:\Users\Ricardo\Desktop\levelr.exe
[2011.04.08 22:53:57 | 000,138,264 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.04.08 22:53:49 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.04.08 18:24:04 | 000,000,743 | -H-- | M] () -- C:\Users\Ricardo\Desktop\KeyBinder.lnk
[2011.04.06 19:10:15 | 000,138,056 | -H-- | M] () -- C:\Users\Ricardo\AppData\Roaming\PnkBstrK.sys
[2011.04.05 17:12:07 | 000,397,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.04 17:14:49 | 000,000,703 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011.04.03 12:13:21 | 000,000,692 | -H-- | M] () -- C:\Users\Ricardo\Desktop\SaMp.lnk
[2011.03.30 21:42:56 | 000,001,156 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Free YouTube to MP3 Converter.lnk
[2011.03.24 20:03:41 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011.03.19 18:31:44 | 000,001,004 | -H-- | M] () -- C:\Users\Ricardo\Desktop\Battelfield 2.lnk
[2011.03.19 00:17:04 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2011.03.18 14:18:28 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.15 11:51:06 | 000,001,689 | ---- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox - Kopie (2).lnk
[2011.04.15 11:50:51 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (5).lnk
[2011.04.15 11:50:42 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (4).lnk
[2011.04.15 11:48:59 | 000,000,104 | ---- | C] () -- C:\Users\Ricardo\Desktop\Papierkorb (2).lnk
[2011.04.14 21:42:44 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.14 19:17:02 | 3220,451,328 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.14 19:08:28 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox - Kopie.lnk
[2011.04.14 19:04:03 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (3).lnk
[2011.04.14 19:00:49 | 000,001,689 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Mozilla Firefox (2).lnk
[2011.04.13 17:11:22 | 009,264,428 | -H-- | C] () -- C:\Users\Ricardo\ts3_recording_11_04_13_17_11_17.wav
[2011.04.12 17:44:20 | 002,778,587 | -H-- | C] () -- C:\Users\Ricardo\Desktop\MineEdit-RELEASE-11212010.7z
[2011.04.11 21:58:05 | 003,811,456 | -H-- | C] () -- C:\Users\Ricardo\Desktop\David guetta ft Rihanna - Whos That Chick.mp3
[2011.04.10 17:13:53 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Stronghold 2.lnk
[2011.04.09 23:07:21 | 000,000,214 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Garry's Mod.url
[2011.04.04 17:14:49 | 000,000,703 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011.04.03 12:13:21 | 000,000,692 | -H-- | C] () -- C:\Users\Ricardo\Desktop\SaMp.lnk
[2011.04.03 12:12:45 | 000,000,743 | -H-- | C] () -- C:\Users\Ricardo\Desktop\KeyBinder.lnk
[2011.03.27 22:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011.03.24 20:03:41 | 000,000,967 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.03.24 20:03:41 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011.03.19 18:31:44 | 000,001,004 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Battelfield 2.lnk
[2011.03.17 23:22:51 | 000,001,156 | -H-- | C] () -- C:\Users\Ricardo\Desktop\Free YouTube to MP3 Converter.lnk
[2011.03.04 14:08:10 | 000,000,065 | ---- | C] () -- C:\Windows\wininit.ini
[2011.03.03 22:26:17 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.21 18:48:22 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AuyiliaryDisplayClassInstaller.dll
[2011.02.03 15:40:25 | 000,000,552 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\d3d8caps.dat
[2010.12.14 20:57:04 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.11.27 16:47:13 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.10.22 17:31:31 | 000,053,248 | -H-- | C] () -- C:\Users\Ricardo\AppData\Roaming\chrtmp
[2010.10.09 16:44:08 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.06.10 22:38:40 | 000,000,440 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.05.14 23:00:35 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.05.07 13:07:14 | 000,000,600 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\PUTTY.RND
[2010.05.06 16:56:25 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2010.05.03 20:51:02 | 000,000,859 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{3DB43E0E-CDC6-49E0-AE19-190E8D0730D7}_sta
[2010.05.03 20:51:00 | 000,000,856 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{3DB43E0E-CDC6-49E0-AE19-190E8D0730D7}_prof
[2010.04.09 23:49:30 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010.03.26 21:04:54 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.03.23 22:13:57 | 000,000,095 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\fusioncache.dat
[2010.03.20 16:48:46 | 000,000,882 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F27BC7BB-9DFF-4157-9B87-EFBEFBB5512E}_sta
[2010.03.20 16:45:42 | 000,000,833 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F27BC7BB-9DFF-4157-9B87-EFBEFBB5512E}_prof
[2009.12.29 01:40:38 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2009.12.29 01:40:38 | 000,000,863 | ---- | C] () -- C:\Windows\unins000.dat
[2009.12.10 20:38:34 | 000,000,340 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009.12.01 17:52:12 | 000,036,864 | ---- | C] () -- C:\Windows\uinst001.exe
[2009.10.15 14:15:35 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.09.24 14:03:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 14:03:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.10 21:33:10 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.08.10 21:33:10 | 000,138,056 | -H-- | C] () -- C:\Users\Ricardo\AppData\Roaming\PnkBstrK.sys
[2009.08.10 21:32:57 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.08.10 21:32:50 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.08.10 21:32:46 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.06.24 20:27:15 | 000,000,882 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{203ABEFF-3C0C-4603-8DED-363B50D295EE}_sta
[2009.06.24 20:27:12 | 000,000,857 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{203ABEFF-3C0C-4603-8DED-363B50D295EE}_prof
[2009.06.13 19:53:53 | 000,000,882 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{5C4DED7A-A9EC-4E78-A159-6EA8A6C68109}_sta
[2009.06.13 19:53:43 | 000,000,856 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{5C4DED7A-A9EC-4E78-A159-6EA8A6C68109}_prof
[2009.05.29 21:18:42 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll
[2009.05.29 21:18:42 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll
[2009.05.29 21:16:14 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys
[2009.05.29 21:16:14 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys
[2009.05.04 15:28:16 | 000,000,859 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F1FB4F9C-7684-4DD9-8541-DC861C626D43}_sta
[2009.05.04 15:26:47 | 000,000,855 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\RT73_{F1FB4F9C-7684-4DD9-8541-DC861C626D43}_prof
[2009.03.30 13:38:55 | 000,048,128 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.29 16:45:07 | 000,001,500 | ---- | C] () -- C:\Windows\eReg.dat
[2009.03.29 16:20:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.03.07 06:26:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.03.05 17:32:38 | 000,001,356 | -H-- | C] () -- C:\Users\Ricardo\AppData\Local\d3d9caps.dat
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.06.20 10:00:24 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008.06.20 09:09:17 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.06.05 09:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.01.21 10:21:25 | 000,770,304 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 10:21:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 10:21:25 | 000,183,176 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 10:21:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.02.07 19:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:44:53 | 000,397,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,724,028 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,153,850 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.06.07 15:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006.03.07 13:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006.01.10 19:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
========== Files - Unicode (All) ==========
[2010.10.26 15:36:42 | 000,000,000 | -H-D | M](C:\Users\Ricardo\Documents\?? ???) -- C:\Users\Ricardo\Documents\넥슨 플러그
[2010.10.26 15:36:42 | 000,000,000 | -H-D | C](C:\Users\Ricardo\Documents\?? ???) -- C:\Users\Ricardo\Documents\넥슨 플러그
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\Windows:264CCFA4BBACBB5E
< End of report >
--- --- --- |
