Plagegeister aller Art und deren Bekämpfung: Kaspersky can no longer be started after a virus scan (Windows 7) |
13.04.2011, 18:05 | #1 |
| Hello everyone, I installed Kaspersky a few hours ago (for some time I have had the feeling that the PC is infected; Avira found nothing, so I bought Kaspersky). Right after the installation I noticed that a file named "Hacktool..." (I no longer remember the full name) was listed in the exclusion list. Of course I removed the file from the exclusion list --- if only because of that strange name. Then, right afterwards, I ran a full scan. After a few minutes Kaspersky reported a detection --- the mysterious file I mentioned earlier, "Hacktool...". I wanted to delete the virus --- but Kaspersky asked me to restart the PC in order to delete the virus. After the restart I could not open Kaspersky. The Action Center also reports no active virus protection. When I click "Turn on", nothing happens. I don't know what to do from here... I hope you can help me, I would be extremely grateful; the PC was not cheap for me. The PC is 1 day old and has Win 7 Home Premium 64-bit on it. Thanks and regards Addition: I am currently running Emsisoft Emergency Kit... let's see whether that helps. Update: Emergency Kit unfortunately found nothing. Edited by salamandabik (13.04.2011 at 18:34) |
14.04.2011, 10:44 | #2 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Quote:
__________________ |
14.04.2011, 14:22 | #3 |
| No, after Avira found nothing, I uninstalled it and installed Kaspersky right afterwards.
__________________ Which program can be used to create good logs? |
14.04.2011, 14:34 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Check whether the logs can still be found here => C:\ProgramData\Avira\AntiVir Desktop\LOGFILES If so, zip that entire folder and attach it here.
__________________ Please always post log files in CODE tags |
14.04.2011, 17:42 | #5 |
| ***Edit* Please delete because of double post. Edited by salamandabik (14.04.2011 at 18:04) |
14.04.2011, 17:59 | #6 |
| I intend to send the PC back. Is that still possible if I have already created a user account with my name? The packaging and all the other stuff are still here... Edit: I happened to find a rootkit! I found it in the exclusion list. PS: all rootkit scanners are being blocked. Update: The log is too long... Edited by salamandabik (14.04.2011 at 18:09) |
14.04.2011, 18:04 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please routinely run a full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well! Then OTL: System scan with OTL. Please download OTL by Oldtimer and save it to your desktop
__________________ Please always post log files in CODE tags |
14.04.2011, 18:11 | #8 |
| All rootkit scanners are being blocked. I found a log, but it is too long. |
14.04.2011, 18:21 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes is not a rootkit scanner. If logs are too large, pack them into a ZIP and upload them here.
__________________ Please always post log files in CODE tags |
14.04.2011, 18:29 | #10 |
| I meant other scanners such as BlackLight and Anti-Rootkit. Malwarebytes is not blocked. Here is the OTL log: Code:
ATTFilter OTL logfile created on: 14.04.2011 19:13:42 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Duc Khan\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 77,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 912,36 Gb Total Space | 867,75 Gb Free Space | 95,11% Space Free | Partition Type: NTFS Computer Name: DUCKHAN-PC | User Name: Duc Khan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Duc Khan\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\EXPERTool\TBPANEL.exe (Gainward Co.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.) PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\REALTEK\RTL8187B Wireless LAN Utility\RtWlan.exe (Realtek Semiconductor Corp.) 
PRC - C:\Program Files (x86)\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe (Realtek) PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Duc Khan\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (BCUService) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.) SRV - (Realtek87B) -- C:\Program Files (x86)\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe (Realtek) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO) DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) 
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation) DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\drivers\rtl8187B.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01 IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2613550&SearchSource=13" FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=2&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.13 19:39:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.14 18:53:14 | 000,000,000 | ---D | M] [2011.04.13 19:39:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duc Khan\AppData\Roaming\mozilla\Extensions [2011.04.13 19:40:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duc Khan\AppData\Roaming\mozilla\Firefox\Profiles\d35bokpr.default\extensions [2011.04.13 19:40:52 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Duc 
Khan\AppData\Roaming\mozilla\Firefox\Profiles\d35bokpr.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} [2011.03.23 21:42:12 | 000,000,943 | ---- | M] () -- C:\Users\Duc Khan\AppData\Roaming\Mozilla\Firefox\Profiles\d35bokpr.default\searchplugins\conduit.xml [2011.04.14 18:53:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.04.14 18:53:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.04.14 15:49:26 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru [2011.04.14 15:49:25 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru File not found (No name found) -- [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.07.14 17:37:07 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.) 
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe (VIA) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: 
DhcpNameServer = 192.168.178.1 O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.14 18:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.04.14 18:53:14 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.04.14 18:53:14 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.04.14 18:53:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.04.14 18:53:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.04.14 15:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2011 [2011.04.14 15:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2011.04.14 15:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2011.04.14 15:46:06 | 000,556,120 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2011.04.14 15:43:22 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011.04.14 15:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2011.04.13 20:19:56 | 000,000,000 | ---D | C] -- C:\Users\Duc Khan\AppData\Roaming\Malwarebytes [2011.04.13 20:19:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.04.13 20:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.13 20:19:50 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Malwarebytes [2011.04.13 20:19:47 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.04.13 20:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.04.13 19:39:18 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.04.13 19:39:18 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.04.13 19:39:11 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.04.13 19:39:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.04.13 19:39:11 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.04.13 19:39:05 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011.04.13 19:39:05 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011.04.13 19:39:05 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011.04.13 19:39:05 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011.04.13 19:39:02 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.04.13 19:39:02 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.04.13 19:39:02 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.04.13 19:39:02 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.04.13 19:38:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.04.13 19:38:54 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.04.13 19:38:54 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.04.13 19:38:54 | 000,386,048 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.04.13 19:38:54 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.04.13 19:38:54 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.04.13 19:38:54 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.04.13 19:38:54 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.04.13 19:38:54 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.04.13 19:38:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.04.13 19:38:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.04.13 19:38:54 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.04.13 19:38:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.04.13 19:38:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.04.13 19:38:16 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011.04.13 19:38:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011.04.13 19:38:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011.04.13 19:38:14 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011.04.13 19:38:14 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011.04.13 19:38:14 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011.04.13 19:38:14 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011.04.13 19:38:13 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi 
[2011.04.13 19:38:13 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011.04.13 19:38:13 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011.04.13 19:38:13 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011.04.13 18:25:12 | 000,000,000 | ---D | C] -- C:\Users\Duc Khan\AppData\Local\Diagnostics [2011.04.13 17:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.04.13 17:19:46 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2011.04.13 17:19:16 | 000,000,000 | ---D | C] -- C:\Users\Duc Khan\Desktop\Neuer Ordner (2) [2011.04.13 16:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.04.12 20:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK RTL8187B Wireless LAN Utility [2011.04.12 20:22:21 | 000,446,976 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8187B.sys [2011.04.12 20:22:20 | 000,614,400 | ---- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysWow64\Rtlihvs.dll [2011.04.12 20:22:20 | 000,380,928 | ---- | C] (Realtek) -- C:\Windows\RtlUI2.exe [2011.04.12 20:22:20 | 000,188,416 | ---- | C] (Realtek Semiconductor Corp. 
) -- C:\Windows\SysWow64\RTLExtUI.dll [2011.04.12 20:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REALTEK [2011.04.12 20:19:26 | 000,000,000 | ---D | C] -- C:\Users\Duc Khan\AppData\Roaming\WinRAR [2011.04.12 20:18:33 | 000,000,000 | ---D | C] -- C:\Users\Duc Khan\Desktop\Neuer Ordner [2011.04.12 20:01:49 | 000,000,000 | ---D | C] -- C:\Users\Duc Khan\AppData\Roaming\Mozilla [2011.04.12 20:01:49 | 000,000,000 | ---D | C] -- C:\Users\Duc Khan\AppData\Local\Mozilla [2011.04.12 19:58:25 | 000,403,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvraiins.dll [2011.04.12 19:58:25 | 000,403,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvraidco.dll [2011.04.12 19:58:25 | 000,019,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoPtb.dll [2011.04.12 19:58:25 | 000,019,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoIt.dll [2011.04.12 19:58:25 | 000,019,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoFr.dll [2011.04.12 19:58:25 | 000,019,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoEsm.dll [2011.04.12 19:58:25 | 000,019,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoEs.dll [2011.04.12 19:58:25 | 000,019,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoDe.dll [2011.04.12 19:58:25 | 000,018,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoSv.dll [2011.04.12 19:58:25 | 000,018,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoRu.dll [2011.04.12 19:58:25 | 000,018,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoNo.dll [2011.04.12 19:58:25 | 000,018,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoNl.dll [2011.04.12 19:58:25 | 000,018,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoFi.dll [2011.04.12 19:58:25 | 000,018,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoENU.dll [2011.04.12 19:58:25 | 000,018,024 | ---- | C] (NVIDIA 
Corporation) -- C:\Windows\SysNative\NvRCoEng.dll [2011.04.12 19:58:25 | 000,016,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoKo.dll [2011.04.12 19:58:25 | 000,016,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoJa.dll [2011.04.12 19:58:25 | 000,015,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoZht.dll [2011.04.12 19:58:25 | 000,015,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRCoZhc.dll [2011.04.12 19:58:19 | 000,758,272 | R--- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\cohelper.dll [2011.04.12 19:58:17 | 000,953,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\fdco2.dll [2011.04.12 19:58:17 | 000,349,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvmf6264.sys [2011.04.12 19:58:17 | 000,229,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvconrm.dll [2011.04.12 19:57:25 | 001,327,520 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys [2011.04.12 19:57:25 | 000,985,504 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll [2011.04.12 19:57:25 | 000,541,088 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll [2011.04.12 19:57:25 | 000,246,688 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll [2011.04.12 19:57:25 | 000,197,024 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll [2011.04.12 19:57:25 | 000,089,504 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll [2011.04.12 19:57:25 | 000,080,800 | ---- | C] (VIA Technologies,Inc.) 
14.04.2011, 19:09 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kaspersky no longer starts after virus scan Where are the Malwarebytes logs?
__________________ Please always post log files in CODE tags |
15.04.2011, 13:37 | #12 |
| Kaspersky no longer starts after virus scan I'm returning the PC. |
15.04.2011, 13:56 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kaspersky no longer starts after virus scan How is it the PC's (the hardware's) fault if you install viruses on it yourself?
__________________ Please always post log files in CODE tags |