Log analysis and evaluation: Windows 7 no longer starts (bluescreen)
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
17.06.2014, 19:53 | #1 |
Windows 7 no longer starts (bluescreen)
Hello, my girlfriend got a virus warning (Avira) around noon today (I don't know which one) and clicked Remove. Some things had been changed in the BIOS (the boot order, for example). When Windows starts, the bluescreen then appears.
FRST log:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014 Ran by SYSTEM on MININT-LQ3R5EG on 17-06-2014 20:16:37 Running from G:\ Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG) HKU\Default\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\Sina\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Sina\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\Sina\...\Policies\Explorer: [NoInternetOpenWith] 1 IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe Startup: C:\Users\Sina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () ==================== Services (Whitelisted) ================= S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir 
Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG) S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG) S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. 
KG) S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2013-11-06] (DT Soft Ltd) S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation) S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () S4 SR; S3 VGPU; System32\drivers\rdvgkmd.sys [X] ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228 C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\drivers\arc.sys ==> MD5 is legit C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\avgntflt.sys 46552023B54E374C887A3A9AAF1279F2 C:\Windows\System32\DRIVERS\avipbb.sys 
8902AEC2382A37E9E99A4E0D52DBD42B C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6 C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706 C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit C:\Windows\System32\drivers\csc.sys ==> MD5 is legit C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\drivers\disk.sys ==> MD5 is legit C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415 C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\dtsoftbus01.sys ==> MD5 is legit C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52 C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit C:\Windows\system32\drivers\errdev.sys ==> 
MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0 C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit C:\Windows\System32\drivers\RTKVHD64.sys 07E34A18AB9DAD1F680B1066D9782BFB C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6 
C:\Windows\System32\DRIVERS\iusb3hcs.sys 78D369F8A81A341109FBA1DB64B4C512 C:\Windows\System32\DRIVERS\iusb3hub.sys 5B632ABA038CE2E2D5D2D1115C6B26D1 C:\Windows\System32\DRIVERS\iusb3xhc.sys EA841584EF59528D11F20355770E427E C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\TeeDriverx64.sys E0EF6C1399A9B1AAA0B28590411BED04 C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404 C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163 C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit 
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88 C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2 C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415 C:\Windows\System32\DRIVERS\nvlddmkm.sys 0AC797F70F2F3E5B69A34FF2F63496F3 C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 8C6532BCB5A97D6E2836315FA7B41CA7 C:\Windows\System32\drivers\nvvad64v.sys 75034A4D7C02327D150B617571D4196A C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys 
E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\drivers\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34 C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Rt64win7.sys B358C047E081AC70035017BD1D7ED818 C:\Windows\System32\DRIVERS\RtNdPt60.sys E16B7C030A05EF649B18FAB0A93D871F C:\Windows\System32\DRIVERS\RtTeam620.sys 66B7587714BC9BD850D0A49041B90CA0 C:\Windows\System32\DRIVERS\RtVlan620.sys C74798D1A2743C102154BD7871D92833 C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 
is legit C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28 C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78 C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09 C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07 C:\Windows\System32\drivers\tsusbhub.sys 
E1748D04AE40118B62BC18AC86032192 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\t_mouse.sys A070ABB9D85582B2BECADBE6FCD12350 C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2 C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31 C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965 C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24 C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is 
legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-17 20:15 - 2014-06-17 20:16 - 00000000 ____D () C:\FRST 2014-06-17 18:15 - 2014-06-17 20:21 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0 2014-06-13 17:28 - 2014-05-20 00:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-06-13 17:22 - 2014-05-20 03:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys 2014-06-13 17:22 - 2014-05-20 03:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 
03141976 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll 2014-06-13 17:22 - 2014-05-20 03:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-06-13 17:07 - 2014-06-13 17:07 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-06-13 17:06 - 2014-06-13 17:08 - 00000000 ____D () C:\Users\Sina\AppData\Local\NVIDIA 2014-06-13 17:06 - 2014-05-30 00:00 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-06-13 17:06 - 2014-05-30 00:00 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-06-13 17:06 - 2014-05-29 23:59 - 01715176 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll 2014-06-13 17:06 - 2014-05-29 23:59 - 01279480 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll 2014-06-13 17:06 - 
2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys 2014-06-13 17:06 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll 2014-06-13 17:06 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-06-13 15:15 - 2014-06-13 15:15 - 01057176 _____ (Adobe) C:\Users\Sina\Desktop\install_flashplayer14x32axau_mssa_awb_aih.exe 2014-06-13 09:39 - 2014-06-13 16:54 - 00000604 _____ () C:\Users\Public\Desktop\WildStar.lnk 2014-06-13 09:39 - 2014-06-13 09:39 - 00000000 ____D () C:\Users\Sina\AppData\Roaming\NCSOFT 2014-06-13 09:39 - 2014-06-13 09:39 - 00000000 ____D () C:\Users\Sina\AppData\Local\NCSOFT 2014-06-11 08:11 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-06-11 08:11 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-06-11 08:11 - 2014-05-30 10:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-06-11 08:11 - 2014-05-30 10:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-06-11 08:11 - 2014-05-30 10:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-06-11 08:11 - 2014-05-30 10:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-06-11 08:11 - 2014-05-30 10:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 08:11 - 2014-05-30 10:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-06-11 08:11 - 2014-05-30 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 08:11 - 2014-05-30 09:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-06-11 08:11 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 08:11 - 2014-05-30 09:42 - 
00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 08:11 - 2014-05-30 09:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 08:11 - 2014-05-30 09:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-06-11 08:11 - 2014-05-30 09:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 08:11 - 2014-05-30 09:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 08:11 - 2014-05-30 09:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 08:11 - 2014-05-30 09:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-06-11 08:11 - 2014-05-30 09:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 08:11 - 2014-05-30 09:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-06-11 08:11 - 2014-05-30 09:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 08:11 - 2014-05-30 09:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 08:11 - 2014-05-30 09:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 08:11 - 2014-05-30 09:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 08:11 - 2014-05-30 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 08:11 - 2014-05-30 08:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 08:11 - 2014-05-30 08:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 08:11 - 2014-05-30 08:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-06-11 08:11 - 2014-05-30 08:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 08:11 - 2014-05-08 10:32 - 03178496 
_____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll 2014-06-11 08:11 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll 2014-06-11 08:11 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll 2014-06-11 08:11 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 08:11 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2014-06-11 08:11 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS 2014-06-11 08:11 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2014-06-11 08:11 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2014-06-11 08:11 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll 2014-06-11 08:11 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll 2014-06-11 08:11 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 08:11 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 08:11 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 08:11 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 08:10 - 2014-06-08 10:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-06-11 08:10 - 2014-06-08 10:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-06-11 08:10 - 2014-05-30 11:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-06-11 08:10 - 2014-05-30 10:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-06-11 08:10 - 2014-05-30 10:28 - 00051200 _____ (Microsoft 
Corporation) C:\Windows\System32\jsproxy.dll 2014-06-11 08:10 - 2014-05-30 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-06-11 08:10 - 2014-05-30 10:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-06-11 08:10 - 2014-05-30 10:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-06-11 08:10 - 2014-05-30 10:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-06-11 08:10 - 2014-05-30 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-06-11 08:10 - 2014-05-30 10:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-06-11 08:10 - 2014-05-30 09:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-06-11 08:10 - 2014-05-30 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-06-11 08:10 - 2014-05-30 09:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 08:10 - 2014-05-30 09:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-06-11 08:10 - 2014-05-30 09:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 08:10 - 2014-05-30 09:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-06-11 08:10 - 2014-05-30 09:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 08:10 - 2014-05-30 08:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 08:10 - 2014-05-30 08:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-06-11 08:10 - 2014-05-30 08:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 08:10 - 2014-05-30 08:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-06-11 08:10 - 2014-05-30 08:21 - 01790976 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 08:10 - 2014-05-30 08:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-06-11 08:10 - 2014-05-30 08:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-06 18:37 - 2014-06-06 18:37 - 00000000 ____D () C:\Users\Sina\Documents\RIFT 2014-06-06 14:31 - 2014-06-06 18:39 - 00000000 ____D () C:\Users\Sina\AppData\Roaming\RIFT 2014-06-06 14:31 - 2014-06-06 14:31 - 00000519 _____ () C:\Users\Sina\Desktop\RIFT.lnk 2014-06-03 12:10 - 2014-06-03 12:10 - 00003836 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1383739938 2014-05-27 22:25 - 2014-05-27 22:25 - 00000000 ____D () C:\Users\Sina\AppData\Roaming\NVIDIA 2014-05-27 12:33 - 2014-05-27 12:33 - 00003356 _____ () C:\Windows\PFRO.log 2014-05-27 07:16 - 2014-05-27 07:16 - 00000000 ____D () C:\Users\Sina\Desktop\Basteln 2014-05-27 07:01 - 2014-05-20 03:44 - 00061216 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll 2014-05-27 07:01 - 2014-05-20 03:44 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-05-27 07:01 - 2014-05-20 02:25 - 06769096 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll 2014-05-27 07:01 - 2014-05-20 02:25 - 03514144 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll 2014-05-27 07:01 - 2014-05-20 02:25 - 02560968 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll 2014-05-27 07:01 - 2014-05-20 02:25 - 00927520 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe 2014-05-27 07:01 - 2014-05-20 02:25 - 00387528 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll 2014-05-27 07:01 - 2014-05-20 02:25 - 00062808 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll 2014-05-27 07:01 - 2014-05-15 00:49 - 03774821 _____ () C:\Windows\System32\nvcoproc.bin 2014-05-27 07:00 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys 2014-05-27 07:00 - 2013-11-28 14:38 - 00031520 _____ 
(NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll 2014-05-27 07:00 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll 2014-05-26 22:59 - 2014-05-20 03:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll 2014-05-26 22:59 - 2014-05-20 03:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll 2014-05-26 22:59 - 2014-05-20 03:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-05-26 22:59 - 2014-05-20 03:44 - 03109248 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll 2014-05-26 22:59 - 2014-05-20 03:44 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-05-26 22:59 - 2014-05-20 03:44 - 00952952 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll 2014-05-26 22:59 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433523.dll 2014-05-26 22:59 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433523.dll 2014-05-26 22:41 - 2014-05-20 03:44 - 00026069 _____ () C:\Windows\System32\nvinfo.pb 2014-05-26 21:59 - 2014-05-26 21:59 - 00048174 _____ () C:\cc_20140526_225951.reg 2014-05-26 21:58 - 2014-06-17 08:06 - 00005015 _____ () C:\Windows\setupact.log 2014-05-26 21:58 - 2014-05-26 21:58 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-26 18:21 - 2014-05-20 03:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433788.dll 2014-05-26 18:21 - 2014-05-20 03:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433788.dll ==================== One Month Modified Files and Folders ======= 2014-06-17 20:21 - 2014-06-17 18:15 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0 2014-06-17 20:16 - 2014-06-17 20:15 - 00000000 ____D () C:\FRST 2014-06-17 20:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2014-06-17 19:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\System32\oobe 2014-06-17 10:06 - 
2013-11-06 18:26 - 01742059 _____ () C:\Windows\WindowsUpdate.log 2014-06-17 10:06 - 2013-11-06 11:44 - 00000000 ____D () C:\Users\Sina\AppData\Local\Temp 2014-06-17 10:06 - 2013-11-06 11:44 - 00000000 ____D () C:\users\Sina 2014-06-17 10:05 - 2014-01-08 11:03 - 00000000 ____D () C:\Program Files (x86)\The weDownload Manager 2014-06-17 10:04 - 2014-01-08 11:04 - 00001440 _____ () C:\Windows\Tasks\The weDownload Manager-updater.job 2014-06-17 10:04 - 2014-01-08 11:04 - 00001390 _____ () C:\Windows\Tasks\The weDownload Manager-codedownloader.job 2014-06-17 10:04 - 2014-01-08 11:04 - 00001262 _____ () C:\Windows\Tasks\The weDownload Manager-enabler.job 2014-06-17 10:04 - 2014-01-08 11:03 - 00002368 _____ () C:\Windows\Tasks\The weDownload Manager-firefoxinstaller.job 2014-06-17 10:03 - 2014-01-08 11:03 - 00002246 _____ () C:\Windows\Tasks\The weDownload Manager-chromeinstaller.job 2014-06-17 09:50 - 2013-12-11 19:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-17 09:10 - 2013-11-06 13:27 - 00000000 ____D () C:\Users\Sina\AppData\Local\Deployment 2014-06-17 08:17 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-17 08:17 - 2009-07-14 05:45 - 00021248 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-17 08:07 - 2014-01-08 11:04 - 00000000 ____D () C:\Users\Sina\AppData\Roaming\newnext.me 2014-06-17 08:06 - 2014-05-26 21:58 - 00005015 _____ () C:\Windows\setupact.log 2014-06-17 08:06 - 2013-11-06 12:13 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-17 08:06 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-17 08:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-14 12:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-06-13 17:28 - 2013-11-06 12:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 
2014-06-13 17:08 - 2014-06-13 17:06 - 00000000 ____D () C:\Users\Sina\AppData\Local\NVIDIA 2014-06-13 17:07 - 2014-06-13 17:07 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-06-13 17:07 - 2013-11-06 12:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-06-13 17:06 - 2013-11-13 13:35 - 00000000 ____D () C:\Users\Sina\AppData\Local\NVIDIA Corporation 2014-06-13 17:06 - 2013-11-06 12:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-13 16:54 - 2014-06-13 09:39 - 00000604 _____ () C:\Users\Public\Desktop\WildStar.lnk 2014-06-13 15:15 - 2014-06-13 15:15 - 01057176 _____ (Adobe) C:\Users\Sina\Desktop\install_flashplayer14x32axau_mssa_awb_aih.exe 2014-06-13 12:24 - 2014-01-05 12:02 - 00000000 ____D () C:\Users\Sina\Desktop\Sonstiges 2014-06-13 09:39 - 2014-06-13 09:39 - 00000000 ____D () C:\Users\Sina\AppData\Roaming\NCSOFT 2014-06-13 09:39 - 2014-06-13 09:39 - 00000000 ____D () C:\Users\Sina\AppData\Local\NCSOFT 2014-06-11 13:47 - 2013-11-06 13:15 - 00000000 ____D () C:\Windows\System32\MRT 2014-06-11 13:45 - 2013-11-06 13:14 - 95414520 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-06-11 13:44 - 2014-05-06 18:16 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-06-08 10:13 - 2014-06-11 08:10 - 00506368 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-06-08 10:08 - 2014-06-11 08:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-06-06 18:39 - 2014-06-06 14:31 - 00000000 ____D () C:\Users\Sina\AppData\Roaming\RIFT 2014-06-06 18:37 - 2014-06-06 18:37 - 00000000 ____D () C:\Users\Sina\Documents\RIFT 2014-06-06 14:31 - 2014-06-06 14:31 - 00000519 _____ () C:\Users\Sina\Desktop\RIFT.lnk 2014-06-03 12:11 - 2013-11-06 13:12 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-06-03 12:10 - 2014-06-03 12:10 - 00003836 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1383739938 2014-05-30 21:55 - 2013-11-06 13:32 - 00000000 ____D () 
C:\Users\Sina\AppData\Roaming\TS3Client 2014-05-30 11:21 - 2014-06-11 08:10 - 23414784 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-05-30 11:02 - 2014-06-11 08:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-05-30 11:02 - 2014-06-11 08:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-05-30 10:45 - 2014-06-11 08:11 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-05-30 10:39 - 2014-06-11 08:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-05-30 10:39 - 2014-06-11 08:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-05-30 10:38 - 2014-06-11 08:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-05-30 10:28 - 2014-06-11 08:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-05-30 10:27 - 2014-06-11 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-05-30 10:24 - 2014-06-11 08:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-05-30 10:21 - 2014-06-11 08:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-05-30 10:21 - 2014-06-11 08:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-05-30 10:20 - 2014-06-11 08:10 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-05-30 10:18 - 2014-06-11 08:11 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 10:11 - 2014-06-11 08:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-05-30 10:08 - 2014-06-11 08:10 - 05782528 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-05-30 10:06 - 2014-06-11 08:11 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-05-30 10:02 - 2014-06-11 08:11 - 02724864 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 09:55 - 2014-06-11 08:11 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-05-30 09:49 - 2014-06-11 08:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-05-30 09:46 - 2014-06-11 08:10 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-05-30 09:44 - 2014-06-11 08:10 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 09:44 - 2014-06-11 08:10 - 00295424 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-05-30 09:43 - 2014-06-11 08:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 09:42 - 2014-06-11 08:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 09:38 - 2014-06-11 08:11 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 09:35 - 2014-06-11 08:11 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-05-30 09:34 - 2014-06-11 08:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 09:33 - 2014-06-11 08:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 09:30 - 2014-06-11 08:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 09:29 - 2014-06-11 08:11 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-05-30 09:28 - 2014-06-11 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 09:27 - 2014-06-11 08:11 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 09:24 - 2014-06-11 08:10 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-05-30 09:23 - 2014-06-11 08:11 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-05-30 09:16 - 2014-06-11 08:11 - 00368128 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 09:10 - 2014-06-11 08:11 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 09:06 - 2014-06-11 08:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 09:04 - 2014-06-11 08:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 09:02 - 2014-06-11 08:11 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 08:56 - 2014-06-11 08:10 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 08:56 - 2014-06-11 08:10 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-05-30 08:54 - 2014-06-11 08:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 08:50 - 2014-06-11 08:10 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 08:49 - 2014-06-11 08:11 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 08:43 - 2014-06-11 08:10 - 13522944 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-05-30 08:40 - 2014-06-11 08:11 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 08:30 - 2014-06-11 08:11 - 01398272 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-05-30 08:21 - 2014-06-11 08:10 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 08:15 - 2014-06-11 08:11 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 08:13 - 2014-06-11 08:10 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-05-30 08:13 - 2014-06-11 08:10 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-30 00:00 - 2014-06-13 17:06 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2014-05-30 00:00 - 2014-06-13 17:06 - 01122312 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvspcap.dll 2014-05-29 23:59 - 2014-06-13 17:06 - 01715176 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll 2014-05-29 23:59 - 2014-06-13 17:06 - 01279480 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll 2014-05-27 22:25 - 2014-05-27 22:25 - 00000000 ____D () C:\Users\Sina\AppData\Roaming\NVIDIA 2014-05-27 12:33 - 2014-05-27 12:33 - 00003356 _____ () C:\Windows\PFRO.log 2014-05-27 12:28 - 2013-11-06 15:00 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys 2014-05-27 12:28 - 2013-11-06 15:00 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys 2014-05-27 07:16 - 2014-05-27 07:16 - 00000000 ____D () C:\Users\Sina\Desktop\Basteln 2014-05-27 07:15 - 2014-05-09 13:39 - 00000000 ____D () C:\Users\Sina\Desktop\fibro 2014-05-27 07:12 - 2013-11-06 12:03 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Toolbar 2014-05-27 07:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2014-05-26 21:59 - 2014-05-26 21:59 - 00048174 _____ () C:\cc_20140526_225951.reg 2014-05-26 21:58 - 2014-05-26 21:58 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-20 03:44 - 2014-06-13 17:22 - 31387936 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 12688328 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys 2014-05-20 03:44 - 2014-06-13 17:22 - 11644928 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 11599072 _____ (NVIDIA 
Corporation) C:\Windows\System32\nvopencl.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 03141976 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 02785568 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00895776 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00892704 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00354016 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00166568 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll 2014-05-20 03:44 - 2014-06-13 17:22 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-20 03:44 - 2014-05-27 07:01 - 00061216 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll 2014-05-20 03:44 - 2014-05-27 07:01 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-05-20 03:44 - 2014-05-26 22:59 - 18531568 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll 2014-05-20 03:44 - 2014-05-26 22:59 - 17480432 
_____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll 2014-05-20 03:44 - 2014-05-26 22:59 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-05-20 03:44 - 2014-05-26 22:59 - 03109248 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll 2014-05-20 03:44 - 2014-05-26 22:59 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-05-20 03:44 - 2014-05-26 22:59 - 00952952 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll 2014-05-20 03:44 - 2014-05-26 22:41 - 00026069 _____ () C:\Windows\System32\nvinfo.pb 2014-05-20 03:44 - 2014-05-26 18:21 - 01889112 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433788.dll 2014-05-20 03:44 - 2014-05-26 18:21 - 01541576 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433788.dll 2014-05-20 02:25 - 2014-05-27 07:01 - 06769096 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll 2014-05-20 02:25 - 2014-05-27 07:01 - 03514144 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll 2014-05-20 02:25 - 2014-05-27 07:01 - 02560968 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll 2014-05-20 02:25 - 2014-05-27 07:01 - 00927520 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe 2014-05-20 02:25 - 2014-05-27 07:01 - 00387528 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll 2014-05-20 02:25 - 2014-05-27 07:01 - 00062808 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll 2014-05-20 00:10 - 2014-06-13 17:28 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe Some content of TEMP: ==================== C:\Users\Sina\AppData\Local\Temp\avgnt.exe C:\Users\Sina\AppData\Local\Temp\nstB741.exe C:\Users\Sina\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Sina\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Sina\AppData\Local\Temp\nvStInst.exe ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit 
C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-06-14 12:30:18 ==================== BCD ================================ Windows-Start-Manager --------------------- Bezeichner {bootmgr} device partition=Y: description Windows Boot Manager locale de-DE inherit {globalsettings} default {default} resumeobject {0b58c657-4708-11e3-b942-cbd5f3884485} displayorder {default} toolsdisplayorder {memdiag} timeout 30 Windows-Startladeprogramm ------------------------- Bezeichner {default} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale de-DE inherit {bootloadersettings} recoverysequence {current} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {0b58c657-4708-11e3-b942-cbd5f3884485} nx OptIn Windows-Startladeprogramm ------------------------- Bezeichner {current} device ramdisk=[C:]\Recovery\0b58c659-4708-11e3-b942-cbd5f3884485\Winre.wim,{0b58c65a-4708-11e3-b942-cbd5f3884485} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\0b58c659-4708-11e3-b942-cbd5f3884485\Winre.wim,{0b58c65a-4708-11e3-b942-cbd5f3884485} systemroot \windows nx OptIn winpe Yes Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {0b58c657-4708-11e3-b942-cbd5f3884485} device 
partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale de-DE inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows-Speichertestprogramm ---------------------------- Bezeichner {memdiag} device partition=Y: path \boot\memtest.exe description Windows-Speicherdiagnose locale de-DE inherit {globalsettings} badmemoryaccess Yes EMS-Einstellungen ----------------- Bezeichner {emssettings} bootems Yes Debuggereinstellungen --------------------- Bezeichner {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM-Defekte ----------- Bezeichner {badmemory} Globale Einstellungen --------------------- Bezeichner {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Startladeprogramm-Einstellungen ------------------------------- Bezeichner {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisoreinstellungen ------------------- Bezeichner {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Einstellungen zur Ladeprogrammfortsetzung ----------------------------------------- Bezeichner {resumeloadersettings} inherit {globalsettings} Ger„teoptionen -------------- Bezeichner {0b58c65a-4708-11e3-b942-cbd5f3884485} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\0b58c659-4708-11e3-b942-cbd5f3884485\boot.sdi ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 4041 MB Available physical RAM: 3430.77 MB Total Pagefile: 4039.2 MB Available Pagefile: 3423.34 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:53.61 GB) (Free:9.25 GB) NTFS Drive e: () (Fixed) (Total:95.34 GB) (Free:4.23 GB) NTFS Drive g: (Volume) (Fixed) (Total:14.91 GB) (Free:9.99 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive x: 
(Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: E072E072) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=54 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=95 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: 34AA774D) Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS) LastRegBack: 2014-06-10 08:45 ==================== End Of Log ============================ |
18.06.2014, 06:12 | #2 |
/// the machine /// TB-Ausbilder | Windows 7 no longer starts (bluescreen) Hi,
Does any of the safe modes work? |
18.06.2014, 17:16 | #3 |
| Windows 7 no longer starts (bluescreen) No, unfortunately none of the 3 works. |
19.06.2014, 13:23 | #4 |
/// the machine /// TB-Ausbilder | Windows 7 no longer starts (bluescreen) Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter LastRegBack: 2014-06-10 08:45
The tool creates a Fixlog.txt on your USB stick. Please post its contents here.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
19.06.2014, 21:15 | #5 |
| Windows 7 no longer starts (bluescreen) Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2014 Ran by SYSTEM at 2014-06-19 22:11:05 Run:1 Running from G:\ Boot Mode: Recovery ============================================== Content of fixlist: ***************** LastRegBack: 2014-06-10 08:45 ***************** DEFAULT hive was successfully copied to System32\config\HiveBackup DEFAULT hive was successfully restored from registry back up. SAM hive was successfully copied to System32\config\HiveBackup SAM hive was successfully restored from registry back up. SECURITY hive was successfully copied to System32\config\HiveBackup SECURITY hive was successfully restored from registry back up. SOFTWARE hive was successfully copied to System32\config\HiveBackup SOFTWARE hive was successfully restored from registry back up. SYSTEM hive was successfully copied to System32\config\HiveBackup SYSTEM hive was successfully restored from registry back up. ==== End of Fixlog ==== |
20.06.2014, 19:54 | #6 |
/// the machine /// TB-Ausbilder | Windows 7 no longer starts (bluescreen) Does the computer boot normally? |
20.06.2014, 20:57 | #7 |
| Windows 7 no longer starts (bluescreen) Still a bluescreen with the message: virus detected |
21.06.2014, 21:00 | #8 |
/// the machine /// TB-Ausbilder | Windows 7 no longer starts (bluescreen) A screenshot of that, please. |
23.06.2014, 09:50 | #9 |
| Windows 7 no longer starts (bluescreen) Not a screenshot but a photo.. |
23.06.2014, 18:51 | #10 |
/// the machine /// TB-Ausbilder | Windows 7 no longer starts (bluescreen) It only says that, among other things, you should check for viruses. BlueScreenView - Download - Filepony Download that, use it to analyze the most recent dump (it is picked up automatically) and post the output here. |
23.06.2014, 21:46 | #11 |
| Windows 7 no longer starts (bluescreen) How can I install and start the program if I can't even start Windows in safe mode? |
24.06.2014, 17:19 | #12 |
/// the machine /// TB-Ausbilder | Windows 7 no longer starts (bluescreen) Silly, my mistake. Well, does Last Known Good Configuration work? System Restore? |
26.06.2014, 19:45 | #13 |
| Windows 7 no longer starts (bluescreen) The last known good version does not work, and with System Restore I get the following error: rstui.exe die anweisung in0xfb41584d verweist auf speicher 0x00000008. der vorgang read konnte nicht im speicher duchgeführt werden. |
27.06.2014, 11:25 | #14 |
/// the machine /// TB-Ausbilder | Windows 7 no longer starts (bluescreen) Then for now there is nothing left but to back up the data with Linux or something similar. |
27.06.2014, 18:51 | #15 |
| Windows 7 no longer starts (bluescreen) Hmm, do you have a tip for something Linux-like that can be started from a stick? Preferably something with a graphical interface |