|
20 tan abfrage bei volksbank online banking - virus hallo erstmal hier im forum ich bin seit 10 minuten angemeldet weil ich hilfe brauche und nicht weiterkomme... das problem ist: der laptop meiner freundin hat ein virus der mit norton und avira nicht erkannt wird,nun habe ich beim online banking eine tan abfrage mit 20 tans und will da nichts eingeben und der weg ist sehr weit zur bank und wir haben kein auto deshalb sind wir auf online banking angewiesen... und noch ein problem : der laptop wurde gekauft mit vista vorinstallliuert das heisst keine cd:( so ich hab mir hier einiges durchgelesen aber nur die hälfte verstanden und mir otl runtergeladen und die files lad ich hier gleich hoch weil ich daraus nicht schlau werde ich brauch dringend eure hilfe danke im vorraus |
bank anrufen, online banking sperren lassen bitte. du wirst warscheinlich nicht drumm rum kommen, ne neue cd zu besorgen. 2. weist du sowieso nie, ob deine instalation ewig hällt, was ich bezweifle. 2. ist die neu instalation das sicherste. lieber geld für windows ausgeben, anstatt den ärger mit nem evtl. geplündertem konto. ich würde aber auf win7 umsteigen. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. :OTL O4 - HKCU..\Run: [CatDBcfghid] C:\Users\Matthias\AppData\Local\Cdcfgmm\CatDBcfghid.DLL () O36 - AppCertDlls: atad32 - (C:\Windows\system32\mshtplUI.dll) - C:\Windows\System32\mshtplUI.dll () :Files C:\Users\Matthias\AppData\Local\Cdcfgmm :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort posten. öffne mein computer, c: dann _OTL dort rechtsklick auf moved files wähle zu moved files.rar oder zip hinzufügen. lade das archiv in unserem upload channel hoch. http://www.trojaner-board.de/54791-a...ner-board.html |
OTL logfile created on: 04.02.2011 11:01:14 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\X-RX\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 623,44 Gb Free Space | 66,93% Space Free | Partition Type: NTFS Computer Name: X-RX-PC | User Name: X-RX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.04 10:41:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\X-RX\Downloads\OTL.exe PRC - [2011.01.30 01:38:40 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.01.05 09:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.2\ICQ.exe PRC - [2011.01.04 22:34:06 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2010.12.09 20:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010.12.08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010.12.03 20:43:34 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010.12.03 20:43:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.08.02 16:14:12 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010.08.02 16:14:04 | 000,403,624 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2010.08.02 16:14:03 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2010.08.02 16:14:02 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe PRC - [2010.06.28 12:59:52 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2010.04.27 10:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009.02.23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe PRC - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe PRC - [2008.07.04 12:52:14 | 002,072,576 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe PRC - [2008.02.21 15:58:18 | 000,098,304 | ---- | M] () -- C:\Advanced Wheel Mouse\wh_exec.exe PRC - [2003.12.29 23:33:16 | 000,094,208 | ---- | M] (ICSI Technology Ltd.) -- C:\Windows\Dit.exe PRC - [2003.07.11 10:31:12 | 000,061,440 | ---- | M] (ICSI) -- C:\Windows\DitExp.exe ========== Modules (SafeList) ========== MOD - [2011.02.04 10:41:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\X-RX\Downloads\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010.06.15 16:50:00 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll MOD - [2009.12.29 07:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2009.06.10 22:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll MOD - [2009.06.10 22:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll MOD - [2008.02.21 15:58:18 | 000,036,864 | ---- | M] () -- C:\Advanced Wheel Mouse\wh_hook.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.06.15 16:50:10 | 000,823,288 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.01.30 01:38:40 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.01.12 16:25:15 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.11.29 10:42:56 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R) SRV - [2010.11.19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.08.02 16:14:12 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.08.02 16:14:04 | 000,403,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2010.08.02 16:14:03 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2010.03.15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.01.30 01:38:41 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.01.14 13:12:39 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.01.14 13:12:39 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010.11.25 10:43:26 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore) DRV:64bit: - [2010.09.07 21:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010.08.02 16:14:21 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2010.07.16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA) DRV:64bit: - [2010.06.29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS) DRV:64bit: - [2010.06.23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.06.15 16:49:48 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV:64bit: - [2010.05.15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant) DRV:64bit: - [2010.01.27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus) DRV:64bit: - [2008.03.17 11:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2007.01.26 09:04:36 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k) DRV - [2010.11.03 23:51:56 | 000,014,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys -- (RTCore64) DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.yahoo.com" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7 FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.08 22:51:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.08 22:51:09 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.01.30 18:18:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.12 16:33:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.03 16:23:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.12.31 02:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\X-RX\AppData\Roaming\mozilla\Extensions [2011.02.04 10:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions [2011.01.24 05:35:22 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2011.01.09 09:28:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.02.03 16:20:11 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.01.09 09:28:24 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2011.01.30 18:18:50 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Toolbar) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} [2011.01.18 05:39:14 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\youtube2mp3@mondayx.de [2011.01.05 19:43:44 | 000,004,140 | ---- | M] () -- C:\Users\X-RX\AppData\Roaming\Mozilla\Firefox\Profiles\h6uxwp6r.default\searchplugins\youtube.xml [2011.02.04 10:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.01.08 15:58:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.01.09 12:28:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.01.08 22:51:08 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.01.08 22:51:09 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2011.01.30 18:18:51 | 000,000,000 | ---D | M] (ZoneAlarm Security Engine) -- C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\WOW64\TRUSTCHECKER [2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll () O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Dit] C:\Windows\Dit.exe (ICSI Technology Ltd.) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe () O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [KPeerNexonEU] File not found O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysWOW64\DreamScene.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{afadf280-17d5-11e0-9b40-6c626d9fecd9}\Shell - "" = AutoRun O33 - MountPoints2\{afadf280-17d5-11e0-9b40-6c626d9fecd9}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{afadf286-17d5-11e0-9b40-6c626d9fecd9}\Shell - "" = AutoRun O33 - MountPoints2\{afadf286-17d5-11e0-9b40-6c626d9fecd9}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.04 10:51:22 | 000,000,000 | ---D | C] -- C:\_OTL [2011.02.04 10:20:45 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Task Killer [2011.02.04 10:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Task Killer [2011.02.04 10:20:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Task Killer [2011.02.03 16:24:16 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Adobe [2011.02.03 16:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011.02.03 16:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2011.02.03 16:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011.02.03 16:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2011.02.03 16:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2011.02.03 16:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2011.02.03 16:20:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2011.02.03 16:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS [2011.02.03 16:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NOS [2011.02.01 23:04:46 | 000,000,000 | ---D | C] -- C:\TokensBackup [2011.02.01 22:35:11 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\ICQ [2011.02.01 22:20:45 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateEngine.dll [2011.02.01 22:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\W32 Sdbot WARemoval Tool [2011.02.01 22:20:44 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateControl350.dll [2011.02.01 22:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\W32 Sdbot WARemoval Tool [2011.02.01 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio [2011.02.01 21:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CamStudio [2011.01.31 20:56:45 | 000,266,240 | ---- | C] (ICSI) -- C:\Windows\Dit.DLL [2011.01.31 20:56:45 | 000,094,208 | ---- | C] (ICSI Technology Ltd.) -- C:\Windows\Dit.exe [2011.01.31 20:56:45 | 000,061,440 | ---- | C] (ICSI) -- C:\Windows\DitExp.exe [2011.01.31 20:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi-Card Reader & Flash Disk [2011.01.30 21:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2011.01.30 21:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics [2011.01.30 21:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2011.01.30 19:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moleskinsoft Directory Size 2.4 [2011.01.30 19:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Moleskinsoft Directory Size 2.4 [2011.01.30 01:41:38 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Avira [2011.01.30 01:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.01.30 01:33:19 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.01.30 01:33:19 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.01.30 01:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.01.30 01:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.01.30 00:54:57 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys [2011.01.30 00:54:57 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys [2011.01.30 00:54:57 | 000,331,368 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys [2011.01.30 00:54:57 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys [2011.01.30 00:54:54 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys [2011.01.30 00:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security [2011.01.30 00:54:53 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys [2011.01.30 00:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security [2011.01.30 00:54:43 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\PC Tools [2011.01.30 00:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools [2011.01.30 00:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011.01.30 00:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2011.01.29 23:30:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU [2011.01.29 21:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon [2011.01.29 20:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon [2011.01.29 20:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS [2011.01.29 19:48:44 | 000,000,000 | ---D | C] -- C:\Download [2011.01.29 19:48:13 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe [2011.01.28 18:01:32 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\FOMM [2011.01.28 15:59:48 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\ForceField Shared Files [2011.01.28 15:59:46 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\CheckPoint [2011.01.28 15:59:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2011.01.28 15:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm-Sicherheit [2011.01.28 15:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2011.01.28 15:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm [2011.01.28 15:59:01 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\SysWow64\vsutil_loc0407.dll [2011.01.28 15:59:00 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsregexp.dll [2011.01.28 15:58:43 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2011.01.28 15:58:15 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcommdb.dll [2011.01.28 15:58:15 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcomm.dll [2011.01.28 15:58:05 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vswmi.dll [2011.01.28 15:58:01 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zpeng25.dll [2011.01.28 15:58:01 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsxml.dll [2011.01.28 15:58:00 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vspubapi.dll [2011.01.28 15:58:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs [2011.01.28 15:57:59 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsmonapi.dll [2011.01.28 15:57:57 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsdata.dll [2011.01.28 15:57:50 | 000,458,840 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysNative\drivers\vsdatant.sys [2011.01.28 15:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs [2011.01.28 15:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2011.01.28 15:57:22 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsutil.dll [2011.01.28 15:57:22 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsinit.dll [2011.01.28 15:57:22 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011.01.28 14:39:16 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Malwarebytes [2011.01.28 14:39:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.01.28 14:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.01.28 14:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.01.28 14:39:01 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.01.28 14:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.01.28 13:55:21 | 000,000,000 | ---D | C] -- C:\test [2011.01.28 12:10:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.01.28 09:42:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011.01.28 09:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011.01.28 09:42:06 | 002,828,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2011.01.28 09:42:06 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2011.01.28 09:42:06 | 002,328,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2011.01.28 09:42:06 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2011.01.28 09:42:06 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2011.01.28 09:42:06 | 000,626,792 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2011.01.28 09:42:06 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011.01.28 09:42:06 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011.01.28 09:42:06 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2011.01.28 09:42:06 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll [2011.01.28 09:42:06 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011.01.28 09:42:06 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2011.01.28 09:42:06 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011.01.28 09:42:06 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011.01.28 09:42:06 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2011.01.28 09:42:06 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll [2011.01.28 09:42:06 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011.01.28 09:42:06 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll [2011.01.28 09:42:06 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2011.01.28 09:42:06 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll [2011.01.28 09:42:06 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2011.01.28 09:42:05 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2011.01.28 09:42:05 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2011.01.28 09:42:05 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2011.01.28 09:42:05 | 000,608,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat [2011.01.28 09:42:05 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2011.01.28 09:42:05 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2011.01.28 09:42:05 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2011.01.28 09:42:05 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011.01.28 09:42:05 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011.01.28 09:42:05 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011.01.28 09:42:05 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2011.01.28 09:42:05 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2011.01.28 09:42:05 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2011.01.28 09:42:05 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2011.01.28 09:42:01 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2011.01.28 09:42:01 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2011.01.28 09:42:01 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2011.01.28 09:42:01 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2011.01.28 09:42:01 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2011.01.28 09:42:01 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2011.01.28 09:42:01 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2011.01.28 09:42:01 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2011.01.28 09:42:01 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2011.01.28 09:42:01 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2011.01.28 09:42:01 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2011.01.28 09:42:01 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2011.01.28 09:42:01 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2011.01.28 09:42:00 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2011.01.28 09:42:00 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2011.01.28 09:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2011.01.28 09:41:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011.01.28 09:41:57 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2011.01.28 09:25:33 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graphic Equalizer Studio 2010 [2011.01.28 09:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PAS-Products [2011.01.24 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\CAPCOM [2011.01.24 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\CAPCOM [2011.01.24 22:28:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM [2011.01.24 19:30:50 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\oundergarden [2011.01.24 16:53:38 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard [2011.01.23 11:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi-ICQ [2011.01.23 11:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multi-ICQ [2011.01.21 11:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.01.21 11:42:08 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011.01.21 11:42:08 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Skype [2011.01.21 11:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.01.18 04:59:06 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\OpenOffice.org [2011.01.18 04:53:21 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2 [2011.01.18 04:50:56 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\OpenOffice.org 3.2 (de) Installation Files [2011.01.18 04:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2011.01.17 12:33:10 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\vlc [2011.01.17 12:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.01.17 12:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2011.01.16 15:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2011.01.16 15:35:34 | 000,000,000 | ---D | C] -- C:\Fraps [2011.01.15 02:10:34 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\SKIDROW [2011.01.14 23:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Wheel Mouse [2011.01.14 23:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revoltec [2011.01.14 23:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gaming Mouse [2011.01.14 23:26:03 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced Wheel Mouse [2011.01.14 23:26:02 | 000,000,000 | ---D | C] -- C:\Advanced Wheel Mouse [2011.01.14 21:18:48 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Cross Fire [2011.01.14 21:18:48 | 000,000,000 | ---D | C] -- C:\CFLog [2011.01.14 21:15:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games [2011.01.14 19:37:16 | 000,000,000 | ---D | C] -- C:\Downloads [2011.01.14 19:34:26 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Free Download Manager [2011.01.14 19:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager [2011.01.14 19:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeDownloadManager.ORG [2011.01.14 19:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager [2011.01.14 13:13:35 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Atari [2011.01.14 13:13:35 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Atari [2011.01.14 13:13:35 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Atari [2011.01.14 13:12:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages [2011.01.14 04:59:27 | 000,000,000 | R-SD | C] -- C:\Users\X-RX\Documents\My Stationery [2011.01.13 05:23:54 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011.01.13 05:23:54 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011.01.11 21:34:51 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\w54 [2011.01.11 21:33:46 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\VDownloader [2011.01.11 21:33:46 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\VDownloader [2011.01.11 21:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2011.01.11 21:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader [2011.01.11 21:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VDownloader [2011.01.11 19:41:04 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\Kings Of Leon - Come Around Sundown (2010)320@BSBT [2011.01.09 17:02:50 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Games for Windows - LIVE Demos [2011.01.09 12:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.01.09 12:28:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.01.09 12:28:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.01.09 12:28:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.01.08 22:51:11 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Local [2011.01.08 22:50:56 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\DivX [2011.01.08 22:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011.01.08 22:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.01.08 22:50:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2011.01.08 22:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2011.01.08 22:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2011.01.08 21:01:41 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\xbox360cwe [2011.01.08 20:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BestGameEver [2011.01.08 20:18:05 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Amnesia [2011.01.08 15:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader [2011.01.08 15:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.01.08 15:58:45 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.01.08 15:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.01.08 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\kikin [2011.01.08 15:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\kikin [2011.01.08 15:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2011.01.08 14:51:44 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Ubisoft [2011.01.08 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2011.01.08 13:04:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2011.01.08 11:53:16 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Meine empfangenen Dateien [2011.01.08 11:48:59 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Tracing [2011.01.08 11:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2011.01.08 11:44:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011.01.08 11:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2011.01.08 11:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2011.01.08 11:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2011.01.08 11:44:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.01.08 11:20:07 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\{DB3FAB4D-7749-407F-89E1-D27DB8CF9BBC} [2011.01.08 11:20:07 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\{744334AF-A368-4ADB-A3E8-C7F1DA89C22F} [2011.01.06 21:39:32 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Darksiders [2011.01.06 21:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [2011.01.06 21:38:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ [2011.01.06 15:43:45 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\{4AC5916B-D5F6-47A7-AE53-8BC07489220F} [2011.01.06 15:43:30 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Windows Live Writer [2011.01.06 15:43:30 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Windows Live Writer [2011.01.05 23:34:07 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.01.05 23:16:30 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\ESET [2011.01.05 23:14:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beat Hazard [2011.01.05 23:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Beat Hazard [2011.01.05 22:09:14 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Beat Hazard [2011.01.05 22:06:23 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2011.01.05 20:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011.01.05 20:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2011.01.05 20:22:02 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll [2011.01.05 20:22:02 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll [2011.01.05 20:22:02 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll [2011.01.05 20:22:02 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll [2011.01.05 20:21:09 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011.01.05 20:21:09 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011.01.05 20:21:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011.01.05 20:21:08 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011.01.05 20:21:08 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011.01.05 20:21:08 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011.01.05 20:21:08 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011.01.05 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Windows Live [2011.01.05 20:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2011.01.05 20:11:12 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\GetRightToGo [2011.01.05 20:11:12 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Downloads [2011.01.05 20:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.2 [2011.01.05 20:04:51 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\ICQ [2011.01.05 20:04:50 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\AOL [2011.01.05 20:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2 [2011.01.05 19:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2011.01.05 09:20:44 | 000,396,152 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent.exe [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.04 10:52:50 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2011.02.04 10:52:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.04 10:52:37 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys [2011.02.04 10:52:03 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.04 10:52:03 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.04 10:26:05 | 326,318,747 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.02.04 10:20:45 | 000,001,076 | ---- | M] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\Task Killer.lnk [2011.02.04 10:20:45 | 000,001,052 | ---- | M] () -- C:\Users\X-RX\Desktop\Task Killer.lnk [2011.02.03 16:27:04 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.02.03 16:27:04 | 000,641,468 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.02.03 16:27:04 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.02.03 16:27:04 | 000,125,856 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.02.03 16:27:04 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.02.03 16:23:09 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.02.03 16:20:23 | 000,001,940 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011.02.02 22:57:16 | 000,000,787 | ---- | M] () -- C:\Users\X-RX\Desktop\JustCause2 - Kopie - Verknüpfung.lnk [2011.02.01 22:58:20 | 000,007,601 | ---- | M] () -- C:\Users\X-RX\AppData\Local\Resmon.ResmonCfg [2011.02.01 22:20:45 | 000,002,124 | ---- | M] () -- C:\Users\X-RX\Desktop\W32 Sdbot WARemoval Tool.lnk [2011.02.01 21:49:26 | 048,362,496 | ---- | M] () -- C:\Users\X-RX\Desktop\rrr.avi [2011.02.01 21:46:45 | 000,001,566 | ---- | M] () -- C:\Users\X-RX\Desktop\EASYBOX - Verknüpfung.lnk [2011.02.01 21:42:58 | 000,827,392 | ---- | M] () -- C:\Users\X-RX\Desktop\ff.avi [2011.02.01 21:41:53 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk [2011.02.01 21:41:21 | 004,073,472 | ---- | M] () -- C:\Users\X-RX\Desktop\Camstudio-2-0.exe [2011.02.01 17:08:05 | 000,420,801 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2011.01.31 20:53:44 | 000,000,507 | ---- | M] () -- C:\Windows\ICCLR.INF [2011.01.31 20:53:44 | 000,000,260 | ---- | M] () -- C:\Windows\Dit.INI [2011.01.31 20:53:43 | 000,266,240 | ---- | M] (ICSI) -- C:\Windows\Dit.DLL [2011.01.30 21:34:01 | 000,288,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.01.30 21:28:50 | 001,407,286 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB [2011.01.30 19:26:07 | 000,630,986 | ---- | M] () -- C:\Users\X-RX\Desktop\Unbenannt.jpg [2011.01.30 19:23:40 | 000,001,089 | ---- | M] () -- C:\Users\X-RX\Desktop\Directory Size 2.4.lnk [2011.01.30 18:41:12 | 000,001,359 | ---- | M] () -- C:\Users\X-RX\Desktop\TheUndergarden - Verknüpfung.lnk [2011.01.30 18:41:11 | 000,000,691 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2011.01.30 01:38:41 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.01.30 01:33:56 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.01.30 00:54:54 | 000,002,064 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2011.01.30 00:43:07 | 000,511,968 | ---- | M] () -- C:\Users\X-RX\Desktop\sdsetup2011.exe [2011.01.29 23:32:22 | 000,001,630 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk [2011.01.29 23:06:27 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe [2011.01.29 23:06:27 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat [2011.01.29 21:43:38 | 006,220,854 | ---- | M] () -- C:\Users\X-RX\Desktop\Neue Bitmap.bmp [2011.01.28 19:51:40 | 000,001,399 | ---- | M] () -- C:\Users\X-RX\Desktop\fose_loader - Verknüpfung.lnk [2011.01.28 15:59:03 | 000,001,070 | ---- | M] () -- C:\Users\X-RX\Desktop\ZoneAlarm Security.lnk [2011.01.28 15:59:02 | 000,005,977 | ---- | M] () -- C:\Windows\SysWow64\vsconfig.xml [2011.01.28 14:39:04 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.28 09:25:34 | 000,001,049 | ---- | M] () -- C:\Users\X-RX\Desktop\Graphic Equalizer Studio 2010.lnk [2011.01.26 05:24:46 | 000,028,161 | ---- | M] () -- C:\Users\X-RX\Documents\xrx pc.3dr [2011.01.24 22:42:59 | 000,001,694 | ---- | M] () -- C:\Users\X-RX\Desktop\DevilMayCry4_DX10 - Verknüpfung.lnk [2011.01.24 16:53:38 | 000,000,628 | ---- | M] () -- C:\Users\X-RX\Desktop\Beat Hazard.lnk [2011.01.23 12:00:21 | 000,001,839 | ---- | M] () -- C:\Users\X-RX\Desktop\ICQ 7 Multi Starter.lnk [2011.01.23 11:57:32 | 002,114,306 | ---- | M] (murb.com ) -- C:\Users\X-RX\Desktop\Multi-ICQ 1.4 Setup.exe [2011.01.21 11:42:10 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.01.18 04:53:21 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk [2011.01.16 17:59:14 | 000,000,217 | ---- | M] () -- C:\Users\X-RX\Desktop\ICQ Spiele.url [2011.01.16 15:35:35 | 000,000,566 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2011.01.15 02:15:59 | 000,001,042 | ---- | M] () -- C:\Users\X-RX\Desktop\BeatHazard - Verknüpfung.lnk [2011.01.14 23:36:35 | 000,000,039 | ---- | M] () -- C:\Users\X-RX\Documents\rzhxf.gpr [2011.01.14 23:31:44 | 000,000,030 | ---- | M] () -- C:\Users\X-RX\Documents\3 kilck.gpr [2011.01.14 23:26:48 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\FightMouse Pro.lnk [2011.01.14 19:34:22 | 000,000,981 | ---- | M] () -- C:\Users\X-RX\Desktop\Free Download Manager.lnk [2011.01.14 13:12:39 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011.01.14 13:12:39 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011.01.13 21:58:14 | 000,000,220 | ---- | M] () -- C:\Users\X-RX\Desktop\The Chronicles of Riddick Assault on Dark Athena.url [2011.01.11 21:33:41 | 000,001,891 | ---- | M] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk [2011.01.11 21:33:41 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\xfbxb.lnk [2011.01.08 22:51:12 | 000,001,611 | ---- | M] () -- C:\Users\X-RX\Desktop\DivX Movies.lnk [2011.01.08 22:50:52 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2011.01.08 22:50:35 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011.01.08 20:42:13 | 000,000,219 | ---- | M] () -- C:\Users\X-RX\Desktop\Counter-Strike Source.url [2011.01.08 15:59:10 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk [2011.01.06 21:38:48 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\Darksiders Comic.lnk [2011.01.05 23:26:29 | 000,000,173 | ---- | M] () -- C:\Users\X-RX\Desktop\ttzxz86663344.sav [2011.01.05 23:26:29 | 000,000,173 | ---- | M] () -- C:\Users\X-RX\Desktop\savegame4.sav [2011.01.05 20:05:17 | 000,001,852 | ---- | M] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\ICQ7.2.lnk [2011.01.05 20:05:17 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2011.01.05 19:01:17 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\st.lnk [2011.01.05 18:38:16 | 000,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.04 10:20:45 | 000,001,076 | ---- | C] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\Task Killer.lnk [2011.02.04 10:20:45 | 000,001,052 | ---- | C] () -- C:\Users\X-RX\Desktop\Task Killer.lnk [2011.02.03 16:23:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.02.03 16:23:09 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.02.03 16:20:23 | 000,001,940 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011.02.02 22:57:16 | 000,000,787 | ---- | C] () -- C:\Users\X-RX\Desktop\JustCause2 - Kopie - Verknüpfung.lnk [2011.02.01 22:20:45 | 000,002,124 | ---- | C] () -- C:\Users\X-RX\Desktop\W32 Sdbot WARemoval Tool.lnk [2011.02.01 21:50:03 | 048,362,496 | ---- | C] () -- C:\Users\X-RX\Desktop\rrr.avi [2011.02.01 21:43:16 | 000,827,392 | ---- | C] () -- C:\Users\X-RX\Desktop\ff.avi [2011.02.01 21:41:53 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk [2011.02.01 21:41:00 | 004,073,472 | ---- | C] () -- C:\Users\X-RX\Desktop\Camstudio-2-0.exe [2011.01.31 20:56:45 | 000,000,260 | ---- | C] () -- C:\Windows\Dit.INI [2011.01.31 20:54:48 | 000,000,507 | ---- | C] () -- C:\Windows\ICCLR.INF [2011.01.30 19:23:40 | 000,001,089 | ---- | C] () -- C:\Users\X-RX\Desktop\Directory Size 2.4.lnk [2011.01.30 18:45:36 | 000,630,986 | ---- | C] () -- C:\Users\X-RX\Desktop\Unbenannt.jpg [2011.01.30 01:33:56 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.01.30 00:54:59 | 001,407,286 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB [2011.01.30 00:54:54 | 000,002,064 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2011.01.30 00:44:18 | 000,511,968 | ---- | C] () -- C:\Users\X-RX\Desktop\sdsetup2011.exe [2011.01.29 23:32:22 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk [2011.01.29 20:18:52 | 006,220,854 | ---- | C] () -- C:\Users\X-RX\Desktop\Neue Bitmap.bmp [2011.01.29 19:48:13 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat [2011.01.28 19:51:40 | 000,001,399 | ---- | C] () -- C:\Users\X-RX\Desktop\fose_loader - Verknüpfung.lnk [2011.01.28 15:59:03 | 000,001,070 | ---- | C] () -- C:\Users\X-RX\Desktop\ZoneAlarm Security.lnk [2011.01.28 15:59:02 | 000,005,977 | ---- | C] () -- C:\Windows\SysWow64\vsconfig.xml [2011.01.28 15:57:57 | 000,420,801 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2011.01.28 14:39:04 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.28 09:25:34 | 000,001,049 | ---- | C] () -- C:\Users\X-RX\Desktop\Graphic Equalizer Studio 2010.lnk [2011.01.26 05:24:46 | 000,028,161 | ---- | C] () -- C:\Users\X-RX\Documents\xrx pc.3dr [2011.01.24 22:42:59 | 000,001,694 | ---- | C] () -- C:\Users\X-RX\Desktop\DevilMayCry4_DX10 - Verknüpfung.lnk [2011.01.24 22:32:35 | 000,001,359 | ---- | C] () -- C:\Users\X-RX\Desktop\TheUndergarden - Verknüpfung.lnk [2011.01.24 18:50:00 | 415,734,816 | ---- | C] () -- C:\Users\X-RX\Desktop\asrym-dtn.bin [2011.01.24 16:53:38 | 000,000,628 | ---- | C] () -- C:\Users\X-RX\Desktop\Beat Hazard.lnk [2011.01.23 12:00:21 | 000,001,839 | ---- | C] () -- C:\Users\X-RX\Desktop\ICQ 7 Multi Starter.lnk [2011.01.21 11:42:10 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011.01.18 04:53:21 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk [2011.01.16 18:23:58 | 000,007,601 | ---- | C] () -- C:\Users\X-RX\AppData\Local\Resmon.ResmonCfg [2011.01.16 17:59:14 | 000,000,217 | ---- | C] () -- C:\Users\X-RX\Desktop\ICQ Spiele.url [2011.01.16 15:35:35 | 000,000,566 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2011.01.15 02:44:49 | 000,001,566 | ---- | C] () -- C:\Users\X-RX\Desktop\EASYBOX - Verknüpfung.lnk [2011.01.15 02:15:59 | 000,001,042 | ---- | C] () -- C:\Users\X-RX\Desktop\BeatHazard - Verknüpfung.lnk [2011.01.14 23:36:34 | 000,000,039 | ---- | C] () -- C:\Users\X-RX\Documents\rzhxf.gpr [2011.01.14 23:31:43 | 000,000,030 | ---- | C] () -- C:\Users\X-RX\Documents\3 kilck.gpr [2011.01.14 23:26:48 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\FightMouse Pro.lnk [2011.01.14 23:17:49 | 000,009,600 | ---- | C] () -- C:\Windows\SysNative\drivers\whfltr2k.sys [2011.01.14 19:34:22 | 000,000,981 | ---- | C] () -- C:\Users\X-RX\Desktop\Free Download Manager.lnk [2011.01.14 13:12:39 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011.01.14 13:12:39 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011.01.13 21:58:14 | 000,000,220 | ---- | C] () -- C:\Users\X-RX\Desktop\The Chronicles of Riddick Assault on Dark Athena.url [2011.01.11 21:33:41 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe [2011.01.11 21:33:41 | 000,001,891 | ---- | C] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk [2011.01.11 21:33:41 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\xfbxb.lnk [2011.01.09 17:02:28 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011.01.08 22:51:12 | 000,001,611 | ---- | C] () -- C:\Users\X-RX\Desktop\DivX Movies.lnk [2011.01.08 22:50:52 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2011.01.08 22:50:35 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011.01.08 20:42:12 | 000,000,219 | ---- | C] () -- C:\Users\X-RX\Desktop\Counter-Strike Source.url [2011.01.08 15:59:10 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk [2011.01.06 21:38:48 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\Darksiders Comic.lnk [2011.01.05 23:26:29 | 000,000,173 | ---- | C] () -- C:\Users\X-RX\Desktop\ttzxz86663344.sav [2011.01.05 23:26:29 | 000,000,173 | ---- | C] () -- C:\Users\X-RX\Desktop\savegame4.sav [2011.01.05 20:05:17 | 000,001,852 | ---- | C] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\ICQ7.2.lnk [2011.01.05 20:05:17 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.01.27 03:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008.06.23 13:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.05.23 17:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml [2005.08.15 14:14:54 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\frapsvid.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:DFC5A2B2 |
OTL logfile created on: 04.02.2011 11:01:14 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\X-RX\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 623,44 Gb Free Space | 66,93% Space Free | Partition Type: NTFS Computer Name: X-RX-PC | User Name: X-RX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.04 10:41:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\X-RX\Downloads\OTL.exe PRC - [2011.01.30 01:38:40 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.01.05 09:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.2\ICQ.exe PRC - [2011.01.04 22:34:06 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2010.12.09 20:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010.12.08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010.12.03 20:43:34 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010.12.03 20:43:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.08.02 16:14:12 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010.08.02 16:14:04 | 000,403,624 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2010.08.02 16:14:03 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2010.08.02 16:14:02 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe PRC - [2010.06.28 12:59:52 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2010.04.27 10:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009.02.23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe PRC - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe PRC - [2008.07.04 12:52:14 | 002,072,576 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe PRC - [2008.02.21 15:58:18 | 000,098,304 | ---- | M] () -- C:\Advanced Wheel Mouse\wh_exec.exe PRC - [2003.12.29 23:33:16 | 000,094,208 | ---- | M] (ICSI Technology Ltd.) -- C:\Windows\Dit.exe PRC - [2003.07.11 10:31:12 | 000,061,440 | ---- | M] (ICSI) -- C:\Windows\DitExp.exe ========== Modules (SafeList) ========== MOD - [2011.02.04 10:41:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\X-RX\Downloads\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010.06.15 16:50:00 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll MOD - [2009.12.29 07:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2009.06.10 22:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll MOD - [2009.06.10 22:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll MOD - [2008.02.21 15:58:18 | 000,036,864 | ---- | M] () -- C:\Advanced Wheel Mouse\wh_hook.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.06.15 16:50:10 | 000,823,288 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.01.30 01:38:40 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.01.12 16:25:15 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.11.29 10:42:56 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R) SRV - [2010.11.19 06:57:14 | 001,150,936 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.08.02 16:14:12 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.08.02 16:14:04 | 000,403,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2010.08.02 16:14:03 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2010.03.15 14:02:36 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.01.30 01:38:41 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.01.14 13:12:39 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.01.14 13:12:39 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010.11.25 10:43:26 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore) DRV:64bit: - [2010.09.07 21:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010.08.02 16:14:21 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2010.07.16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA) DRV:64bit: - [2010.06.29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS) DRV:64bit: - [2010.06.23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.06.15 16:49:48 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV:64bit: - [2010.05.15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant) DRV:64bit: - [2010.01.27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus) DRV:64bit: - [2008.03.17 11:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2007.01.26 09:04:36 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k) DRV - [2010.11.03 23:51:56 | 000,014,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys -- (RTCore64) DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.yahoo.com" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7 FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.08 22:51:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.08 22:51:09 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.01.30 18:18:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.12 16:33:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.03 16:23:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.12.31 02:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\X-RX\AppData\Roaming\mozilla\Extensions [2011.02.04 10:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions [2011.01.24 05:35:22 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2011.01.09 09:28:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.02.03 16:20:11 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.01.09 09:28:24 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2011.01.30 18:18:50 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Toolbar) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} [2011.01.18 05:39:14 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\X-RX\AppData\Roaming\mozilla\Firefox\Profiles\h6uxwp6r.default\extensions\youtube2mp3@mondayx.de [2011.01.05 19:43:44 | 000,004,140 | ---- | M] () -- C:\Users\X-RX\AppData\Roaming\Mozilla\Firefox\Profiles\h6uxwp6r.default\searchplugins\youtube.xml [2011.02.04 10:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.01.08 15:58:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.01.09 12:28:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.01.08 22:51:08 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.01.08 22:51:09 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2011.01.30 18:18:51 | 000,000,000 | ---D | M] (ZoneAlarm Security Engine) -- C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\WOW64\TRUSTCHECKER [2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll () O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Dit] C:\Windows\Dit.exe (ICSI Technology Ltd.) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe () O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [KPeerNexonEU] File not found O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysWOW64\DreamScene.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{afadf280-17d5-11e0-9b40-6c626d9fecd9}\Shell - "" = AutoRun O33 - MountPoints2\{afadf280-17d5-11e0-9b40-6c626d9fecd9}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{afadf286-17d5-11e0-9b40-6c626d9fecd9}\Shell - "" = AutoRun O33 - MountPoints2\{afadf286-17d5-11e0-9b40-6c626d9fecd9}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.04 10:51:22 | 000,000,000 | ---D | C] -- C:\_OTL [2011.02.04 10:20:45 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Task Killer [2011.02.04 10:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Task Killer [2011.02.04 10:20:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Task Killer [2011.02.03 16:24:16 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Adobe [2011.02.03 16:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011.02.03 16:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2011.02.03 16:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011.02.03 16:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2011.02.03 16:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2011.02.03 16:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2011.02.03 16:20:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2011.02.03 16:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS [2011.02.03 16:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NOS [2011.02.01 23:04:46 | 000,000,000 | ---D | C] -- C:\TokensBackup [2011.02.01 22:35:11 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\ICQ [2011.02.01 22:20:45 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateEngine.dll [2011.02.01 22:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\W32 Sdbot WARemoval Tool [2011.02.01 22:20:44 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateControl350.dll [2011.02.01 22:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\W32 Sdbot WARemoval Tool [2011.02.01 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio [2011.02.01 21:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CamStudio [2011.01.31 20:56:45 | 000,266,240 | ---- | C] (ICSI) -- C:\Windows\Dit.DLL [2011.01.31 20:56:45 | 000,094,208 | ---- | C] (ICSI Technology Ltd.) -- C:\Windows\Dit.exe [2011.01.31 20:56:45 | 000,061,440 | ---- | C] (ICSI) -- C:\Windows\DitExp.exe [2011.01.31 20:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi-Card Reader & Flash Disk [2011.01.30 21:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2011.01.30 21:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics [2011.01.30 21:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2011.01.30 19:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moleskinsoft Directory Size 2.4 [2011.01.30 19:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Moleskinsoft Directory Size 2.4 [2011.01.30 01:41:38 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Avira [2011.01.30 01:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.01.30 01:33:19 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.01.30 01:33:19 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.01.30 01:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.01.30 01:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.01.30 00:54:57 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys [2011.01.30 00:54:57 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys [2011.01.30 00:54:57 | 000,331,368 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys [2011.01.30 00:54:57 | 000,136,168 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys [2011.01.30 00:54:54 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys [2011.01.30 00:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security [2011.01.30 00:54:53 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys [2011.01.30 00:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security [2011.01.30 00:54:43 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\PC Tools [2011.01.30 00:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools [2011.01.30 00:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011.01.30 00:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2011.01.29 23:30:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU [2011.01.29 21:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon [2011.01.29 20:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon [2011.01.29 20:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS [2011.01.29 19:48:44 | 000,000,000 | ---D | C] -- C:\Download [2011.01.29 19:48:13 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe [2011.01.28 18:01:32 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\FOMM [2011.01.28 15:59:48 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\ForceField Shared Files [2011.01.28 15:59:46 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\CheckPoint [2011.01.28 15:59:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2011.01.28 15:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm-Sicherheit [2011.01.28 15:59:06 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2011.01.28 15:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm [2011.01.28 15:59:01 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\SysWow64\vsutil_loc0407.dll [2011.01.28 15:59:00 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsregexp.dll [2011.01.28 15:58:43 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2011.01.28 15:58:15 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcommdb.dll [2011.01.28 15:58:15 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zlcomm.dll [2011.01.28 15:58:05 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vswmi.dll [2011.01.28 15:58:01 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\zpeng25.dll [2011.01.28 15:58:01 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsxml.dll [2011.01.28 15:58:00 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vspubapi.dll [2011.01.28 15:58:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs [2011.01.28 15:57:59 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsmonapi.dll [2011.01.28 15:57:57 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsdata.dll [2011.01.28 15:57:50 | 000,458,840 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysNative\drivers\vsdatant.sys [2011.01.28 15:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs [2011.01.28 15:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2011.01.28 15:57:22 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsutil.dll [2011.01.28 15:57:22 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysWow64\vsinit.dll [2011.01.28 15:57:22 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011.01.28 14:39:16 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Malwarebytes [2011.01.28 14:39:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.01.28 14:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.01.28 14:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.01.28 14:39:01 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.01.28 14:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.01.28 13:55:21 | 000,000,000 | ---D | C] -- C:\test [2011.01.28 12:10:15 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.01.28 09:42:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011.01.28 09:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011.01.28 09:42:06 | 002,828,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2011.01.28 09:42:06 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2011.01.28 09:42:06 | 002,328,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2011.01.28 09:42:06 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2011.01.28 09:42:06 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2011.01.28 09:42:06 | 000,626,792 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2011.01.28 09:42:06 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011.01.28 09:42:06 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011.01.28 09:42:06 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2011.01.28 09:42:06 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll [2011.01.28 09:42:06 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011.01.28 09:42:06 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2011.01.28 09:42:06 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011.01.28 09:42:06 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011.01.28 09:42:06 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2011.01.28 09:42:06 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll [2011.01.28 09:42:06 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011.01.28 09:42:06 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll [2011.01.28 09:42:06 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2011.01.28 09:42:06 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll [2011.01.28 09:42:06 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2011.01.28 09:42:05 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2011.01.28 09:42:05 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2011.01.28 09:42:05 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2011.01.28 09:42:05 | 000,608,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat [2011.01.28 09:42:05 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2011.01.28 09:42:05 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2011.01.28 09:42:05 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2011.01.28 09:42:05 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011.01.28 09:42:05 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011.01.28 09:42:05 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011.01.28 09:42:05 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2011.01.28 09:42:05 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2011.01.28 09:42:05 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2011.01.28 09:42:05 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2011.01.28 09:42:01 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2011.01.28 09:42:01 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2011.01.28 09:42:01 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2011.01.28 09:42:01 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2011.01.28 09:42:01 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2011.01.28 09:42:01 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2011.01.28 09:42:01 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2011.01.28 09:42:01 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2011.01.28 09:42:01 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2011.01.28 09:42:01 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2011.01.28 09:42:01 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2011.01.28 09:42:01 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2011.01.28 09:42:01 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2011.01.28 09:42:00 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2011.01.28 09:42:00 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2011.01.28 09:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2011.01.28 09:41:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011.01.28 09:41:57 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2011.01.28 09:25:33 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graphic Equalizer Studio 2010 [2011.01.28 09:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PAS-Products [2011.01.24 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\CAPCOM [2011.01.24 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\CAPCOM [2011.01.24 22:28:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM [2011.01.24 19:30:50 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\oundergarden [2011.01.24 16:53:38 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard [2011.01.23 11:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi-ICQ [2011.01.23 11:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multi-ICQ [2011.01.21 11:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.01.21 11:42:08 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011.01.21 11:42:08 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Skype [2011.01.21 11:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.01.18 04:59:06 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\OpenOffice.org [2011.01.18 04:53:21 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2 [2011.01.18 04:50:56 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\OpenOffice.org 3.2 (de) Installation Files [2011.01.18 04:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2011.01.17 12:33:10 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\vlc [2011.01.17 12:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.01.17 12:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2011.01.16 15:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2011.01.16 15:35:34 | 000,000,000 | ---D | C] -- C:\Fraps [2011.01.15 02:10:34 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\SKIDROW [2011.01.14 23:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Wheel Mouse [2011.01.14 23:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revoltec [2011.01.14 23:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gaming Mouse [2011.01.14 23:26:03 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced Wheel Mouse [2011.01.14 23:26:02 | 000,000,000 | ---D | C] -- C:\Advanced Wheel Mouse [2011.01.14 21:18:48 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Cross Fire [2011.01.14 21:18:48 | 000,000,000 | ---D | C] -- C:\CFLog [2011.01.14 21:15:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games [2011.01.14 19:37:16 | 000,000,000 | ---D | C] -- C:\Downloads [2011.01.14 19:34:26 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Free Download Manager [2011.01.14 19:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager [2011.01.14 19:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeDownloadManager.ORG [2011.01.14 19:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager [2011.01.14 13:13:35 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Atari [2011.01.14 13:13:35 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Atari [2011.01.14 13:13:35 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Atari [2011.01.14 13:12:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages [2011.01.14 04:59:27 | 000,000,000 | R-SD | C] -- C:\Users\X-RX\Documents\My Stationery [2011.01.13 05:23:54 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011.01.13 05:23:54 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011.01.11 21:34:51 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\w54 [2011.01.11 21:33:46 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\VDownloader [2011.01.11 21:33:46 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\VDownloader [2011.01.11 21:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2011.01.11 21:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader [2011.01.11 21:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VDownloader [2011.01.11 19:41:04 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\Kings Of Leon - Come Around Sundown (2010)320@BSBT [2011.01.09 17:02:50 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Games for Windows - LIVE Demos [2011.01.09 12:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.01.09 12:28:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.01.09 12:28:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.01.09 12:28:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.01.08 22:51:11 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Local [2011.01.08 22:50:56 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\DivX [2011.01.08 22:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011.01.08 22:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.01.08 22:50:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2011.01.08 22:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2011.01.08 22:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2011.01.08 21:01:41 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Desktop\xbox360cwe [2011.01.08 20:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BestGameEver [2011.01.08 20:18:05 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Amnesia [2011.01.08 15:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader [2011.01.08 15:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.01.08 15:58:45 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.01.08 15:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.01.08 15:57:25 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\kikin [2011.01.08 15:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\kikin [2011.01.08 15:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2011.01.08 14:51:44 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Ubisoft [2011.01.08 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2011.01.08 13:04:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2011.01.08 11:53:16 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Meine empfangenen Dateien [2011.01.08 11:48:59 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Tracing [2011.01.08 11:45:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2011.01.08 11:44:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011.01.08 11:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2011.01.08 11:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2011.01.08 11:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2011.01.08 11:44:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.01.08 11:20:07 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\{DB3FAB4D-7749-407F-89E1-D27DB8CF9BBC} [2011.01.08 11:20:07 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\{744334AF-A368-4ADB-A3E8-C7F1DA89C22F} [2011.01.06 21:39:32 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Darksiders [2011.01.06 21:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [2011.01.06 21:38:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ [2011.01.06 15:43:45 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\{4AC5916B-D5F6-47A7-AE53-8BC07489220F} [2011.01.06 15:43:30 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Windows Live Writer [2011.01.06 15:43:30 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Windows Live Writer [2011.01.05 23:34:07 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.01.05 23:16:30 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\ESET [2011.01.05 23:14:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beat Hazard [2011.01.05 23:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Beat Hazard [2011.01.05 22:09:14 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Beat Hazard [2011.01.05 22:06:23 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2011.01.05 20:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011.01.05 20:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2011.01.05 20:22:02 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll [2011.01.05 20:22:02 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll [2011.01.05 20:22:02 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll [2011.01.05 20:22:02 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll [2011.01.05 20:21:09 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011.01.05 20:21:09 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011.01.05 20:21:09 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011.01.05 20:21:08 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011.01.05 20:21:08 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011.01.05 20:21:08 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011.01.05 20:21:08 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011.01.05 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\Windows Live [2011.01.05 20:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2011.01.05 20:11:12 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\GetRightToGo [2011.01.05 20:11:12 | 000,000,000 | ---D | C] -- C:\Users\X-RX\Documents\Downloads [2011.01.05 20:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.2 [2011.01.05 20:04:51 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Roaming\ICQ [2011.01.05 20:04:50 | 000,000,000 | ---D | C] -- C:\Users\X-RX\AppData\Local\AOL [2011.01.05 20:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2 [2011.01.05 19:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2011.01.05 09:20:44 | 000,396,152 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent.exe [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.04 10:52:50 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2011.02.04 10:52:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.04 10:52:37 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys [2011.02.04 10:52:03 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.04 10:52:03 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.04 10:26:05 | 326,318,747 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.02.04 10:20:45 | 000,001,076 | ---- | M] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\Task Killer.lnk [2011.02.04 10:20:45 | 000,001,052 | ---- | M] () -- C:\Users\X-RX\Desktop\Task Killer.lnk [2011.02.03 16:27:04 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.02.03 16:27:04 | 000,641,468 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.02.03 16:27:04 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.02.03 16:27:04 | 000,125,856 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.02.03 16:27:04 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.02.03 16:23:09 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.02.03 16:20:23 | 000,001,940 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011.02.02 22:57:16 | 000,000,787 | ---- | M] () -- C:\Users\X-RX\Desktop\JustCause2 - Kopie - Verknüpfung.lnk [2011.02.01 22:58:20 | 000,007,601 | ---- | M] () -- C:\Users\X-RX\AppData\Local\Resmon.ResmonCfg [2011.02.01 22:20:45 | 000,002,124 | ---- | M] () -- C:\Users\X-RX\Desktop\W32 Sdbot WARemoval Tool.lnk [2011.02.01 21:49:26 | 048,362,496 | ---- | M] () -- C:\Users\X-RX\Desktop\rrr.avi [2011.02.01 21:46:45 | 000,001,566 | ---- | M] () -- C:\Users\X-RX\Desktop\EASYBOX - Verknüpfung.lnk [2011.02.01 21:42:58 | 000,827,392 | ---- | M] () -- C:\Users\X-RX\Desktop\ff.avi [2011.02.01 21:41:53 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk [2011.02.01 21:41:21 | 004,073,472 | ---- | M] () -- C:\Users\X-RX\Desktop\Camstudio-2-0.exe [2011.02.01 17:08:05 | 000,420,801 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2011.01.31 20:53:44 | 000,000,507 | ---- | M] () -- C:\Windows\ICCLR.INF [2011.01.31 20:53:44 | 000,000,260 | ---- | M] () -- C:\Windows\Dit.INI [2011.01.31 20:53:43 | 000,266,240 | ---- | M] (ICSI) -- C:\Windows\Dit.DLL [2011.01.30 21:34:01 | 000,288,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.01.30 21:28:50 | 001,407,286 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB [2011.01.30 19:26:07 | 000,630,986 | ---- | M] () -- C:\Users\X-RX\Desktop\Unbenannt.jpg [2011.01.30 19:23:40 | 000,001,089 | ---- | M] () -- C:\Users\X-RX\Desktop\Directory Size 2.4.lnk [2011.01.30 18:41:12 | 000,001,359 | ---- | M] () -- C:\Users\X-RX\Desktop\TheUndergarden - Verknüpfung.lnk [2011.01.30 18:41:11 | 000,000,691 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2011.01.30 01:38:41 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.01.30 01:33:56 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.01.30 00:54:54 | 000,002,064 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2011.01.30 00:43:07 | 000,511,968 | ---- | M] () -- C:\Users\X-RX\Desktop\sdsetup2011.exe [2011.01.29 23:32:22 | 000,001,630 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk [2011.01.29 23:06:27 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe [2011.01.29 23:06:27 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat [2011.01.29 21:43:38 | 006,220,854 | ---- | M] () -- C:\Users\X-RX\Desktop\Neue Bitmap.bmp [2011.01.28 19:51:40 | 000,001,399 | ---- | M] () -- C:\Users\X-RX\Desktop\fose_loader - Verknüpfung.lnk [2011.01.28 15:59:03 | 000,001,070 | ---- | M] () -- C:\Users\X-RX\Desktop\ZoneAlarm Security.lnk [2011.01.28 15:59:02 | 000,005,977 | ---- | M] () -- C:\Windows\SysWow64\vsconfig.xml [2011.01.28 14:39:04 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.28 09:25:34 | 000,001,049 | ---- | M] () -- C:\Users\X-RX\Desktop\Graphic Equalizer Studio 2010.lnk [2011.01.26 05:24:46 | 000,028,161 | ---- | M] () -- C:\Users\X-RX\Documents\xrx pc.3dr [2011.01.24 22:42:59 | 000,001,694 | ---- | M] () -- C:\Users\X-RX\Desktop\DevilMayCry4_DX10 - Verknüpfung.lnk [2011.01.24 16:53:38 | 000,000,628 | ---- | M] () -- C:\Users\X-RX\Desktop\Beat Hazard.lnk [2011.01.23 12:00:21 | 000,001,839 | ---- | M] () -- C:\Users\X-RX\Desktop\ICQ 7 Multi Starter.lnk [2011.01.23 11:57:32 | 002,114,306 | ---- | M] (murb.com ) -- C:\Users\X-RX\Desktop\Multi-ICQ 1.4 Setup.exe [2011.01.21 11:42:10 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.01.18 04:53:21 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk [2011.01.16 17:59:14 | 000,000,217 | ---- | M] () -- C:\Users\X-RX\Desktop\ICQ Spiele.url [2011.01.16 15:35:35 | 000,000,566 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2011.01.15 02:15:59 | 000,001,042 | ---- | M] () -- C:\Users\X-RX\Desktop\BeatHazard - Verknüpfung.lnk [2011.01.14 23:36:35 | 000,000,039 | ---- | M] () -- C:\Users\X-RX\Documents\rzhxf.gpr [2011.01.14 23:31:44 | 000,000,030 | ---- | M] () -- C:\Users\X-RX\Documents\3 kilck.gpr [2011.01.14 23:26:48 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\FightMouse Pro.lnk [2011.01.14 19:34:22 | 000,000,981 | ---- | M] () -- C:\Users\X-RX\Desktop\Free Download Manager.lnk [2011.01.14 13:12:39 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011.01.14 13:12:39 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011.01.13 21:58:14 | 000,000,220 | ---- | M] () -- C:\Users\X-RX\Desktop\The Chronicles of Riddick Assault on Dark Athena.url [2011.01.11 21:33:41 | 000,001,891 | ---- | M] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk [2011.01.11 21:33:41 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\xfbxb.lnk [2011.01.08 22:51:12 | 000,001,611 | ---- | M] () -- C:\Users\X-RX\Desktop\DivX Movies.lnk [2011.01.08 22:50:52 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2011.01.08 22:50:35 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011.01.08 20:42:13 | 000,000,219 | ---- | M] () -- C:\Users\X-RX\Desktop\Counter-Strike Source.url [2011.01.08 15:59:10 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk [2011.01.06 21:38:48 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\Darksiders Comic.lnk [2011.01.05 23:26:29 | 000,000,173 | ---- | M] () -- C:\Users\X-RX\Desktop\ttzxz86663344.sav [2011.01.05 23:26:29 | 000,000,173 | ---- | M] () -- C:\Users\X-RX\Desktop\savegame4.sav [2011.01.05 20:05:17 | 000,001,852 | ---- | M] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\ICQ7.2.lnk [2011.01.05 20:05:17 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2011.01.05 19:01:17 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\st.lnk [2011.01.05 18:38:16 | 000,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.04 10:20:45 | 000,001,076 | ---- | C] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\Task Killer.lnk [2011.02.04 10:20:45 | 000,001,052 | ---- | C] () -- C:\Users\X-RX\Desktop\Task Killer.lnk [2011.02.03 16:23:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.02.03 16:23:09 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.02.03 16:20:23 | 000,001,940 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011.02.02 22:57:16 | 000,000,787 | ---- | C] () -- C:\Users\X-RX\Desktop\JustCause2 - Kopie - Verknüpfung.lnk [2011.02.01 22:20:45 | 000,002,124 | ---- | C] () -- C:\Users\X-RX\Desktop\W32 Sdbot WARemoval Tool.lnk [2011.02.01 21:50:03 | 048,362,496 | ---- | C] () -- C:\Users\X-RX\Desktop\rrr.avi [2011.02.01 21:43:16 | 000,827,392 | ---- | C] () -- C:\Users\X-RX\Desktop\ff.avi [2011.02.01 21:41:53 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk [2011.02.01 21:41:00 | 004,073,472 | ---- | C] () -- C:\Users\X-RX\Desktop\Camstudio-2-0.exe [2011.01.31 20:56:45 | 000,000,260 | ---- | C] () -- C:\Windows\Dit.INI [2011.01.31 20:54:48 | 000,000,507 | ---- | C] () -- C:\Windows\ICCLR.INF [2011.01.30 19:23:40 | 000,001,089 | ---- | C] () -- C:\Users\X-RX\Desktop\Directory Size 2.4.lnk [2011.01.30 18:45:36 | 000,630,986 | ---- | C] () -- C:\Users\X-RX\Desktop\Unbenannt.jpg [2011.01.30 01:33:56 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.01.30 00:54:59 | 001,407,286 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB [2011.01.30 00:54:54 | 000,002,064 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk [2011.01.30 00:44:18 | 000,511,968 | ---- | C] () -- C:\Users\X-RX\Desktop\sdsetup2011.exe [2011.01.29 23:32:22 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk [2011.01.29 20:18:52 | 006,220,854 | ---- | C] () -- C:\Users\X-RX\Desktop\Neue Bitmap.bmp [2011.01.29 19:48:13 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat [2011.01.28 19:51:40 | 000,001,399 | ---- | C] () -- C:\Users\X-RX\Desktop\fose_loader - Verknüpfung.lnk [2011.01.28 15:59:03 | 000,001,070 | ---- | C] () -- C:\Users\X-RX\Desktop\ZoneAlarm Security.lnk [2011.01.28 15:59:02 | 000,005,977 | ---- | C] () -- C:\Windows\SysWow64\vsconfig.xml [2011.01.28 15:57:57 | 000,420,801 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2011.01.28 14:39:04 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.28 09:25:34 | 000,001,049 | ---- | C] () -- C:\Users\X-RX\Desktop\Graphic Equalizer Studio 2010.lnk [2011.01.26 05:24:46 | 000,028,161 | ---- | C] () -- C:\Users\X-RX\Documents\xrx pc.3dr [2011.01.24 22:42:59 | 000,001,694 | ---- | C] () -- C:\Users\X-RX\Desktop\DevilMayCry4_DX10 - Verknüpfung.lnk [2011.01.24 22:32:35 | 000,001,359 | ---- | C] () -- C:\Users\X-RX\Desktop\TheUndergarden - Verknüpfung.lnk [2011.01.24 18:50:00 | 415,734,816 | ---- | C] () -- C:\Users\X-RX\Desktop\asrym-dtn.bin [2011.01.24 16:53:38 | 000,000,628 | ---- | C] () -- C:\Users\X-RX\Desktop\Beat Hazard.lnk [2011.01.23 12:00:21 | 000,001,839 | ---- | C] () -- C:\Users\X-RX\Desktop\ICQ 7 Multi Starter.lnk [2011.01.21 11:42:10 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011.01.18 04:53:21 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk [2011.01.16 18:23:58 | 000,007,601 | ---- | C] () -- C:\Users\X-RX\AppData\Local\Resmon.ResmonCfg [2011.01.16 17:59:14 | 000,000,217 | ---- | C] () -- C:\Users\X-RX\Desktop\ICQ Spiele.url [2011.01.16 15:35:35 | 000,000,566 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2011.01.15 02:44:49 | 000,001,566 | ---- | C] () -- C:\Users\X-RX\Desktop\EASYBOX - Verknüpfung.lnk [2011.01.15 02:15:59 | 000,001,042 | ---- | C] () -- C:\Users\X-RX\Desktop\BeatHazard - Verknüpfung.lnk [2011.01.14 23:36:34 | 000,000,039 | ---- | C] () -- C:\Users\X-RX\Documents\rzhxf.gpr [2011.01.14 23:31:43 | 000,000,030 | ---- | C] () -- C:\Users\X-RX\Documents\3 kilck.gpr [2011.01.14 23:26:48 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\FightMouse Pro.lnk [2011.01.14 23:17:49 | 000,009,600 | ---- | C] () -- C:\Windows\SysNative\drivers\whfltr2k.sys [2011.01.14 19:34:22 | 000,000,981 | ---- | C] () -- C:\Users\X-RX\Desktop\Free Download Manager.lnk [2011.01.14 13:12:39 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011.01.14 13:12:39 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011.01.13 21:58:14 | 000,000,220 | ---- | C] () -- C:\Users\X-RX\Desktop\The Chronicles of Riddick Assault on Dark Athena.url [2011.01.11 21:33:41 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe [2011.01.11 21:33:41 | 000,001,891 | ---- | C] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk [2011.01.11 21:33:41 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\xfbxb.lnk [2011.01.09 17:02:28 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011.01.08 22:51:12 | 000,001,611 | ---- | C] () -- C:\Users\X-RX\Desktop\DivX Movies.lnk [2011.01.08 22:50:52 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2011.01.08 22:50:35 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk [2011.01.08 20:42:12 | 000,000,219 | ---- | C] () -- C:\Users\X-RX\Desktop\Counter-Strike Source.url [2011.01.08 15:59:10 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk [2011.01.06 21:38:48 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\Darksiders Comic.lnk [2011.01.05 23:26:29 | 000,000,173 | ---- | C] () -- C:\Users\X-RX\Desktop\ttzxz86663344.sav [2011.01.05 23:26:29 | 000,000,173 | ---- | C] () -- C:\Users\X-RX\Desktop\savegame4.sav [2011.01.05 20:05:17 | 000,001,852 | ---- | C] () -- C:\Users\X-RX\Application Data\Microsoft\Internet Explorer\Quick Launch\ICQ7.2.lnk [2011.01.05 20:05:17 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.01.27 03:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008.06.23 13:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.05.23 17:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml [2005.08.15 14:14:54 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\frapsvid.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:DFC5A2B2 |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 20:41 Uhr. |
Copyright ©2000-2025, Trojaner-Board