> OTL log, suspected Tro.BHO.O, suspected trojan bho.o
Hello Rokop

I think I have an uninvited guest on my PC once again. It started just now with my browsers no longer working, and well, now at least IE works again ... I scanned with Malwarebytes and found the trojan BHO.O. The problem now is the following: the trojan suddenly can no longer be found, IE works again, Firefox unfortunately does not, and my system still seems infected to me. So I have now created a log with OTL; it would be nice if you could take a look at it.

OTL logfile created on: 08.06.2010 15:15:50 - Run 1
OTL by OldTimer - Version Folder = C:\Users\n3tgh0st\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,68 Gb Total Space | 19,97 Gb Free Space | 26,05% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 8,58 Gb Free Space | 11,52% Space Free | Partition Type: NTFS
Drive E: | 2,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ELITE
Current User Name: n3tgh0st
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\n3tgh0st\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\Programme\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Programme\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
PRC - C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\n3tgh0st\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (RalinkRegistryWriter) -- C:\Programme\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (utczmjuz) -- C:\Windows\System32\drivers\utczmjuz.sys ()
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (nvamacpi) -- C:\Windows\system32\DRIVERS\NVAMACPI.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (t3) -- C:\Windows\System32\drivers\t3.sys (Creative Technology Ltd.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (cmuda3) -- C:\Windows\System32\drivers\cmudax3.sys (C-Media Inc)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - "ICQ Search"
FF - "XfireXO Customized Web Search"
FF - "{searchTerms}"
FF - "Google"
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:
FF - prefs.js..keyword.URL: ""
FF - ""
FF - 445
FF - 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.03.17 17:36:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.03.17 17:36:40 | 000,000,000 | ---D | M]

[2009.08.03 16:04:28 | 000,000,000 | ---D | M] -- C:\Users\n3tgh0st\AppData\Roaming\mozilla\Extensions
[2010.06.07 11:59:57 | 000,000,000 | ---D | M] -- C:\Users\n3tgh0st\AppData\Roaming\mozilla\Firefox\Profiles\umn1bxf2.default\extensions
[2010.03.29 01:12:33 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\n3tgh0st\AppData\Roaming\mozilla\Firefox\Profiles\umn1bxf2.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.01.06 05:32:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\n3tgh0st\AppData\Roaming\mozilla\Firefox\Profiles\umn1bxf2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.08.30 16:15:52 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\n3tgh0st\AppData\Roaming\mozilla\Firefox\Profiles\umn1bxf2.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.03.24 16:12:38 | 000,000,917 | ---- | M] () -- C:\Users\n3tgh0st\AppData\Roaming\Mozilla\FireFox\Profiles\umn1bxf2.default\searchplugins\conduit.xml
[2010.06.03 01:04:59 | 000,000,950 | ---- | M] () -- C:\Users\n3tgh0st\AppData\Roaming\Mozilla\FireFox\Profiles\umn1bxf2.default\searchplugins\icqplugin-1.xml
[2009.08.11 17:37:40 | 000,000,822 | ---- | M] () -- C:\Users\n3tgh0st\AppData\Roaming\Mozilla\FireFox\Profiles\umn1bxf2.default\searchplugins\icqplugin.xml
[2010.06.08 15:05:47 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.08.03 16:50:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - File not found
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - File not found
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - File not found
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - File not found
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} (Java Plug-in 1.6.0_14)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\n3tgh0st\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\n3tgh0st\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003.02.20 00:57:36 | 000,006,578 | R--- | M] () - E:\autorun.apm -- [ CDFS ]
O32 - AutoRun File - [2000.09.05 11:00:00 | 000,532,480 | R--- | M] (Indigo Rose Corporation) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003.02.20 00:57:36 | 000,000,029 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{85d629cc-707b-11df-b2c5-001d608d83e0}\Shell - "" = AutoRun
O33 - MountPoints2\{85d629cc-707b-11df-b2c5-001d608d83e0}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found
O33 - MountPoints2\{b0a7a0bd-802d-11de-a1d9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b0a7a0bd-802d-11de-a1d9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2000.09.05 11:00:00 | 000,532,480 | R--- | M] (Indigo Rose Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\ [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.06.08 15:14:50 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Users\n3tgh0st\Desktop\OTL.exe
[2010.06.08 14:03:09 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.06.08 13:51:17 | 000,000,000 | ---D | C] -- C:\Avenger
[2010.06.08 12:17:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.06.08 12:17:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.06.08 12:17:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.06.08 12:17:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.06.07 20:56:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\stu2.exe
[2010.06.05 11:58:55 | 000,000,000 | ---D | C] -- C:\Programme\avmwlanstick
[2010.06.05 11:58:39 | 000,265,088 | ---- | C] (AVM GmbH) -- C:\Windows\System32\drivers\fwlanusb.sys
[2010.06.05 11:58:39 | 000,074,752 | ---- | C] (AVM Berlin) -- C:\Windows\System32\fwlanci.dll
[2010.06.05 11:58:39 | 000,004,352 | ---- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmeject.sys
[2010.06.05 11:58:39 | 000,000,000 | ---D | C] -- C:\Windows\AVM_Driver
[2010.06.05 11:58:38 | 000,000,000 | ---D | C] -- C:\Users\n3tgh0st\AVM_Driver
[2010.06.04 20:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2010.06.04 20:26:21 | 000,054,016 | ---- | C] (OrangeWare Corporation) -- C:\Windows\System32\drivers\ousb2hub.sys
[2010.06.04 20:26:21 | 000,039,040 | ---- | C] (OrangeWare Corporation) -- C:\Windows\System32\drivers\ousbehci.sys
[2010.06.04 20:26:21 | 000,000,000 | ---D | C] -- C:\Windows\Drivers
[2010.06.04 17:51:27 | 000,798,208 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\System32\drivers\netr28u.sys
[2010.06.04 17:51:27 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2010.06.04 17:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver
[2010.06.04 17:51:05 | 000,000,000 | ---D | C] -- C:\Programme\Cisco
[2010.06.04 17:50:51 | 001,585,152 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\RaCertMgr.dll
[2010.06.04 17:50:51 | 000,769,536 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\RAIHV.dll
[2010.06.04 17:50:51 | 000,097,280 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\RAEXTUI.dll
[2010.06.04 17:50:48 | 000,000,000 | ---D | C] -- C:\Programme\Ralink
[2010.06.03 23:26:00 | 000,000,000 | ---D | C] -- C:\Users\n3tgh0st\Desktop\LUI v30001
[2010.05.29 15:07:26 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010.05.29 15:07:26 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2010.05.29 15:07:26 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2010.05.24 07:52:29 | 000,000,000 | ---D | C] -- C:\Users\n3tgh0st\Desktop\Neuer Ordner
[2010.05.23 11:04:15 | 000,000,000 | ---D | C] -- C:\Users\n3tgh0st\Desktop\autocad 2010 crack
[2010.05.20 22:20:41 | 000,000,000 | ---D | C] -- C:\Users\n3tgh0st\Desktop\Funz_moddet
[2010.05.20 18:10:00 | 000,000,000 | ---D | C] -- C:\Programme\mp3DirectCut
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.08 15:15:22 | 002,097,152 | -HS- | M] () -- C:\Users\n3tgh0st\NTUSER.DAT
[2010.06.08 15:14:51 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\n3tgh0st\Desktop\OTL.exe
[2010.06.08 15:03:57 | 000,033,164 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.06.08 15:03:57 | 000,033,164 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.06.08 15:03:49 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.08 15:03:49 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.08 15:03:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.08 15:03:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.08 15:03:42 | 3488,079,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.08 15:00:41 | 002,533,939 | -H-- | M] () -- C:\Users\n3tgh0st\AppData\Local\IconCache.db
[2010.06.08 12:17:10 | 003,704,374 | R--- | M] () -- C:\Users\n3tgh0st\Desktop\ComboFix.exe
[2010.06.08 12:03:01 | 000,626,596 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.08 12:03:00 | 001,509,842 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.08 12:03:00 | 000,657,758 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.08 12:03:00 | 000,123,282 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.08 12:03:00 | 000,110,508 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.07 21:42:42 | 000,239,880 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\mindfuck3.jpg
[2010.06.06 17:37:41 | 043,367,066 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\phpbb_db_backup.sql
[2010.06.06 14:01:53 | 000,027,732 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\olol.png
[2010.06.05 17:31:11 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.06.05 17:25:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.06.04 21:14:43 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010.06.03 23:25:49 | 015,829,457 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\LUI
[2010.06.01 18:21:03 | 000,033,187 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\omfg.jpg
[2010.05.29 18:17:03 | 001,806,661 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\PKK.mp3
[2010.05.29 15:36:34 | 000,000,500 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\dre.html
[2010.05.29 15:07:26 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010.05.29 15:07:26 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2010.05.29 15:07:26 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2010.05.28 17:18:07 | 000,106,811 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\internets_srs_bsns_ninjas.jpg
[2010.05.28 13:11:58 | 001,002,240 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\Bild015.jpg
[2010.05.26 13:03:44 | 000,005,266 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\pic_1186611850_7.jpg
[2010.05.26 13:03:44 | 000,000,848 | ---- | M] () -- C:\Users\n3tgh0st\.recently-used.xbel
[2010.05.24 07:51:51 | 002,797,291 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\funs2(2).rar
[2010.05.23 11:04:11 | 005,281,099 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\autocad_2010_crack.rar
[2010.05.20 18:42:00 | 007,011,193 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\funsupdate.rar
[2010.05.20 18:10:00 | 000,000,852 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\mp3DirectCut.lnk
[2010.05.20 18:09:24 | 000,212,713 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\mp3DC211.exe
[2010.05.20 18:00:43 | 000,148,311 | ---- | M] () -- C:\Users\n3tgh0st\Desktop\WoWScrnShot_052010_175516.jpg
[2010.05.11 20:37:10 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.08 13:09:50 | 3488,079,872 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.08 12:17:40 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.06.08 12:17:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.06.08 12:17:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.06.08 12:17:40 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.06.08 12:17:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.06.07 21:42:41 | 000,239,880 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\mindfuck3.jpg
[2010.06.06 17:37:29 | 043,367,066 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\phpbb_db_backup.sql
[2010.06.06 14:01:53 | 000,027,732 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\olol.png
[2010.06.06 14:00:05 | 000,029,763 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\7f1fa400fec9f33df5465c7c17c866d2.png
[2010.06.05 17:25:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.06.05 11:58:40 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010.06.04 17:51:27 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010.06.03 23:25:00 | 015,829,457 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\LUI
[2010.06.01 18:21:03 | 000,033,187 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\omfg.jpg
[2010.05.29 18:27:59 | 001,806,661 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\PKK.mp3
[2010.05.29 15:08:07 | 001,002,240 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\Bild015.jpg
[2010.05.28 17:18:06 | 000,106,811 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\internets_srs_bsns_ninjas.jpg
[2010.05.26 13:03:44 | 000,000,848 | ---- | C] () -- C:\Users\n3tgh0st\.recently-used.xbel
[2010.05.26 13:01:20 | 000,005,266 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\pic_1186611850_7.jpg
[2010.05.24 07:51:48 | 002,797,291 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\funs2(2).rar
[2010.05.23 11:03:53 | 005,281,099 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\autocad_2010_crack.rar
[2010.05.21 19:57:07 | 000,003,563 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\tunein-station.pls
[2010.05.20 18:10:31 | 007,011,193 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\funsupdate.rar
[2010.05.20 18:10:00 | 000,000,852 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\mp3DirectCut.lnk
[2010.05.20 18:09:24 | 000,212,713 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\mp3DC211.exe
[2010.05.20 18:00:42 | 000,148,311 | ---- | C] () -- C:\Users\n3tgh0st\Desktop\WoWScrnShot_052010_175516.jpg
[2010.05.11 20:37:10 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.01.07 02:01:41 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\utczmjuz.sys
[2009.12.07 05:27:25 | 000,210,456 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009.12.07 05:27:25 | 000,206,360 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009.12.07 05:27:25 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009.12.07 05:27:25 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009.12.07 05:27:25 | 000,194,072 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009.12.07 05:27:25 | 000,026,136 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009.11.27 18:09:57 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.11.14 09:46:09 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.08.13 15:44:41 | 000,028,672 | ---- | C] () -- C:\Windows\System32\cmrmdrv3.dll
[2009.08.13 15:44:29 | 000,065,536 | R--- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2009.08.13 15:44:29 | 000,000,539 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2009.08.13 15:44:27 | 000,000,727 | R--- | C] () -- C:\Windows\cmudax3.ini
[2009.08.12 21:08:33 | 000,004,626 | ---- | C] () -- C:\Windows\System32\AudioDrv.ini
[2009.08.12 21:08:08 | 000,000,049 | R--- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009.08.12 21:07:11 | 000,001,436 | ---- | C] () -- C:\Windows\CfgHPSp.ini
[2009.08.12 21:07:11 | 000,001,434 | ---- | C] () -- C:\Windows\Cfg05Sp.ini
[2009.08.12 21:07:11 | 000,001,434 | ---- | C] () -- C:\Windows\Cfg04Sp.ini
[2009.08.12 21:07:11 | 000,001,091 | ---- | C] () -- C:\Windows\Cfg03Sp.ini
[2009.08.12 21:07:11 | 000,001,091 | ---- | C] () -- C:\Windows\Cfg02Sp.ini
[2009.08.12 21:07:11 | 000,001,000 | ---- | C] () -- C:\Windows\Cfg01Sp.ini
[2009.08.12 21:07:11 | 000,000,932 | ---- | C] () -- C:\Windows\CfgHPHp.ini
[2009.08.12 21:07:11 | 000,000,932 | ---- | C] () -- C:\Windows\CfgHPDO.ini
[2009.08.12 21:07:11 | 000,000,932 | ---- | C] () -- C:\Windows\Cfg05DO.ini
[2009.08.12 21:07:11 | 000,000,932 | ---- | C] () -- C:\Windows\Cfg04DO.ini
[2009.08.12 21:07:11 | 000,000,930 | ---- | C] () -- C:\Windows\Cfg05Hp.ini
[2009.08.12 21:07:11 | 000,000,930 | ---- | C] () -- C:\Windows\Cfg04Hp.ini
[2009.08.12 21:07:11 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg03Hp.ini
[2009.08.12 21:07:11 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg03DO.ini
[2009.08.12 21:07:11 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg02Hp.ini
[2009.08.12 21:07:11 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg02DO.ini
[2009.08.12 21:07:11 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg01Hp.ini
[2009.08.12 21:07:11 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg01DO.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPRMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPRLI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPFMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPDI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05RMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05RLI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05FMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05DI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04RMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04RLI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04FMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04DI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03RMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03RLI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03FMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03DI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RLI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02FMi.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02DI.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01Mic.ini
[2009.08.12 21:07:11 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01LI.ini
[2009.08.12 21:07:10 | 000,000,818 | ---- | C] () -- C:\Windows\Cfg01APR.ini
[2009.08.12 21:07:10 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01DI.ini
[2009.08.12 21:06:58 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2009.08.12 21:06:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2009.08.12 12:31:35 | 000,065,536 | R--- | C] () -- C:\Windows\VMix.dll
[2009.08.03 16:39:27 | 000,148,992 | ---- | C] () -- C:\Windows\System32\OemSpiE.dll
[2009.08.03 15:47:04 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009.08.03 15:47:03 | 000,009,697 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.08.03 15:46:53 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2009.04.14 15:34:28 | 000,033,080 | ---- | C] () -- C:\Windows\System32\t3.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000079.DLL
< End of report >

