
All kinds of pests and how to fight them: BKA Trojan on Win 7 64-bit - asking for support

19.04.2014, 12:09   #1
jf007
 
Hello forum,

I have a Win 7 64-bit machine with a current BKA Trojan.
Booting into safe mode does not work.

I therefore ran a scan with the FRST tool and attached it to the post.

Please help!
Thanks in advance.

19.04.2014, 12:16   #2
schrauber
/// the machine
/// TB instructor
 

Hi,

Please always post logs in the thread. If need be, split them up and use several posts.
I can't open attachments at work, thanks.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

19.04.2014, 12:18   #3
jf007
 
Sorry, I actually meant to do that.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by SYSTEM on MININT-KQM8646 on 19-04-2014 12:53:40
Running from J:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [362952 2010-03-27] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5141512 2010-03-27] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\Willi\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\Willi\...\Run: [Google Update] => C:\Users\Willi\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-18] (Google Inc.)
Startup: C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\odgrbg1.lnk
ShortcutTarget: odgrbg1.lnk -> C:\ProgramData\2992199F9A\1gbrgdo.cpp (Krumbad, Inc)

==================== Services (Whitelisted) =================

S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1055288 2010-03-27] ()
S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-23] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-23] (AVG Technologies CZ, s.r.o.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 Winmgmt; C:\ProgramData\2992199F9A\odgrbg1.faa [332020 2014-04-18] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-08-18] ()
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-09-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-09] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [246224 2009-12-07] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-08-18] ()
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology)
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2011-08-19] (Acronis)
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 12:52 - 2014-04-19 12:53 - 00000000 ____D () C:\FRST
2014-04-18 04:57 - 2014-04-18 04:57 - 00266320 _____ () C:\Windows\Minidump\041814-73741-01.dmp
2014-04-18 03:19 - 2014-04-19 01:32 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-18 00:55 - 2014-04-18 00:55 - 00266320 _____ () C:\Windows\Minidump\041814-64210-01.dmp
2014-04-18 00:50 - 2014-04-18 00:50 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-18 00:50 - 2014-04-18 00:50 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-18 00:44 - 2014-04-18 00:44 - 00000000 __SHD () C:\Users\Willi\AppData\Local\EmieUserList
2014-04-18 00:44 - 2014-04-18 00:44 - 00000000 __SHD () C:\Users\Willi\AppData\Local\EmieSiteList
2014-04-17 09:52 - 2014-04-17 09:52 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-04-17 09:52 - 2014-04-17 09:52 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\AVG2014
2014-04-17 09:50 - 2014-04-17 09:52 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-17 09:50 - 2014-04-17 09:50 - 00000000 ___HD () C:\$AVG
2014-04-17 09:49 - 2014-04-17 09:49 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-17 09:48 - 2014-04-18 21:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-17 09:48 - 2014-04-17 10:02 - 00000000 ____D () C:\Users\Willi\AppData\Local\Avg2014
2014-04-17 09:48 - 2014-04-17 09:48 - 00000000 ____D () C:\Users\Willi\AppData\Local\MFAData
2014-04-17 09:46 - 2014-04-17 09:46 - 00865928 _____ () C:\Users\Willi\Downloads\drivedetect (1).exe
2014-04-17 09:29 - 2014-04-17 09:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-17 09:28 - 2014-04-17 09:28 - 26771088 _____ () C:\Users\Willi\Downloads\SeaToolsforWindowsSetup.exe
2014-04-17 09:15 - 2014-04-17 09:15 - 00523576 _____ () C:\Windows\Minidump\041714-40997-01.dmp
2014-04-17 06:26 - 2014-04-17 06:26 - 00663992 _____ () C:\Windows\Minidump\041714-25958-01.dmp
2014-04-17 01:46 - 2014-03-06 02:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-17 01:46 - 2014-03-06 01:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-17 01:46 - 2014-03-06 01:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-04-17 01:46 - 2014-03-06 01:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 01:46 - 2014-03-06 00:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-04-17 01:46 - 2014-03-06 00:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-04-17 01:46 - 2014-03-06 00:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-04-17 01:46 - 2014-03-06 00:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-17 01:46 - 2014-03-06 00:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-04-17 01:46 - 2014-03-06 00:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-04-17 01:46 - 2014-03-06 00:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 01:46 - 2014-03-06 00:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-04-17 01:46 - 2014-03-06 00:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-04-17 01:46 - 2014-03-06 00:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-04-17 01:46 - 2014-03-06 00:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-04-17 01:46 - 2014-03-06 00:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-04-17 01:46 - 2014-03-06 00:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-04-17 01:46 - 2014-03-06 00:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-04-17 01:46 - 2014-03-06 00:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-04-17 01:46 - 2014-03-06 00:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-17 01:46 - 2014-03-06 00:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-17 01:46 - 2014-03-06 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-17 01:46 - 2014-03-05 23:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-04-17 01:46 - 2014-03-05 23:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-04-17 01:46 - 2014-03-05 23:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-17 01:46 - 2014-03-05 23:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-17 01:46 - 2014-03-05 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-17 01:46 - 2014-03-05 23:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-17 01:46 - 2014-03-05 23:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-04-17 01:46 - 2014-03-05 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-17 01:46 - 2014-03-05 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-17 01:46 - 2014-03-05 23:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-17 01:46 - 2014-03-05 23:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-17 01:46 - 2014-03-05 23:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-04-17 01:46 - 2014-03-05 23:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-17 01:46 - 2014-03-05 23:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-04-17 01:46 - 2014-03-05 23:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-17 01:46 - 2014-03-05 23:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-17 01:46 - 2014-03-05 22:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-04-17 01:46 - 2014-03-05 22:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-17 01:46 - 2014-03-05 22:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-17 01:46 - 2014-03-05 22:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-17 01:46 - 2014-03-05 22:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-17 01:46 - 2014-03-05 21:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-17 01:46 - 2014-03-05 21:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-04-17 01:46 - 2014-03-05 21:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-17 01:46 - 2014-03-05 21:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-17 01:46 - 2014-03-05 21:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-17 01:41 - 2014-04-17 01:41 - 00747896 _____ () C:\Windows\Minidump\041714-29983-01.dmp
2014-04-16 09:58 - 2014-04-16 09:58 - 00000000 ____D () C:\Users\Willi\AppData\Local\NVIDIA Corporation
2014-04-16 09:56 - 2014-04-16 09:58 - 00000000 ____D () C:\Users\Willi\AppData\Local\NVIDIA
2014-04-16 09:56 - 2014-02-05 01:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-16 09:56 - 2014-02-05 01:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2014-04-16 09:55 - 2014-04-16 09:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-16 09:54 - 2014-03-04 03:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-16 09:51 - 2014-03-04 06:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2014-04-16 09:51 - 2014-03-04 06:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433523.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433523.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2014-04-16 09:51 - 2014-03-04 06:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-04-16 09:51 - 2013-12-27 10:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2014-04-16 09:51 - 2013-12-27 10:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2014-04-16 09:51 - 2013-12-27 10:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-16 09:51 - 2013-11-28 05:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2014-04-16 09:51 - 2013-11-28 05:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2014-04-16 09:49 - 2014-04-16 09:49 - 00000000 ____D () C:\NVIDIA
2014-04-16 09:13 - 2014-04-16 09:13 - 00714248 _____ () C:\Windows\Minidump\041614-24320-01.dmp
2014-04-15 13:09 - 2014-04-15 13:09 - 00476984 _____ () C:\Windows\Minidump\041514-24164-01.dmp
2014-04-14 02:56 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-14 02:56 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-04-14 02:56 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-04-14 02:56 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-04-14 02:56 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-04-14 02:56 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 02:56 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 02:56 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 02:56 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 02:56 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 02:56 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 02:56 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-04-14 02:56 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-04-14 02:56 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-04-14 02:56 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-04-14 02:56 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 02:56 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-04-14 02:52 - 2014-04-14 02:52 - 01071360 _____ (Solid State Networks) C:\Users\Willi\Downloads\install_flashplayer13x32axau_mssa_aaa_aih.exe
2014-04-05 08:03 - 2014-04-05 08:03 - 00618856 _____ () C:\Windows\Minidump\040514-28719-01.dmp
2014-04-05 07:39 - 2014-04-05 07:39 - 00627888 _____ () C:\Windows\Minidump\040514-24164-01.dmp
2014-04-03 11:21 - 2014-04-05 08:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-03 09:34 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-03 09:34 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-04-03 09:23 - 2014-04-18 21:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 09:23 - 2014-04-03 09:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-03 09:22 - 2014-04-03 09:22 - 00266320 _____ () C:\Windows\Minidump\040314-24866-01.dmp
2014-03-29 11:49 - 2013-10-01 18:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2014-03-29 11:49 - 2013-10-01 18:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-29 11:49 - 2013-10-01 18:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-29 11:49 - 2013-10-01 17:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2014-03-29 11:49 - 2013-10-01 17:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2014-03-29 11:49 - 2013-10-01 17:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-03-29 11:49 - 2013-10-01 17:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2014-03-29 11:49 - 2013-10-01 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2014-03-29 11:49 - 2013-10-01 16:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-29 11:49 - 2013-10-01 16:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-29 11:49 - 2013-10-01 16:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2014-03-29 11:49 - 2013-10-01 16:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2014-03-29 11:49 - 2013-10-01 15:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-29 11:49 - 2013-10-01 15:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2014-03-29 11:49 - 2013-10-01 15:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-29 11:49 - 2013-10-01 14:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-29 11:49 - 2012-08-23 06:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2014-03-29 11:49 - 2012-08-23 05:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-03-29 11:48 - 2012-08-23 06:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2014-03-29 11:48 - 2012-08-23 03:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-03-29 11:48 - 2012-08-23 02:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2014-03-29 11:48 - 2012-08-23 01:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2014-03-29 11:44 - 2013-09-24 18:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-03-29 11:44 - 2013-09-24 17:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-29 11:44 - 2012-05-04 03:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2014-03-29 11:44 - 2012-05-04 01:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-29 11:37 - 2013-10-14 09:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2014-03-29 11:33 - 2014-03-29 11:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-29 11:33 - 2014-03-29 11:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-03-29 11:33 - 2014-03-29 11:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-03-29 11:33 - 2014-03-29 11:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-29 11:33 - 2014-03-29 11:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-03-29 11:33 - 2014-03-29 11:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-29 11:33 - 2014-03-29 11:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2014-04-19 12:53 - 2014-04-19 12:52 - 00000000 ____D () C:\FRST
2014-04-19 01:41 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-19 01:41 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-19 01:39 - 2012-03-27 10:10 - 00065542 _____ () C:\Windows\setupact.log
2014-04-19 01:39 - 2011-08-18 08:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-19 01:39 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-19 01:34 - 2011-08-18 08:32 - 01145281 _____ () C:\Windows\WindowsUpdate.log
2014-04-19 01:32 - 2014-04-18 03:19 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-04-19 01:32 - 2014-02-17 02:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-19 01:32 - 2011-08-18 13:04 - 00018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2014-04-19 01:32 - 2011-08-18 13:04 - 00002216 _____ () C:\Windows\LkmdfCoInst.log
2014-04-18 21:08 - 2014-04-17 09:48 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-18 21:08 - 2014-04-03 09:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-18 04:57 - 2014-04-18 04:57 - 00266320 _____ () C:\Windows\Minidump\041814-73741-01.dmp
2014-04-18 04:57 - 2011-09-01 06:25 - 00000000 ____D () C:\Windows\Minidump
2014-04-18 04:56 - 2012-03-30 00:56 - 214228414 _____ () C:\Windows\MEMORY.DMP
2014-04-18 03:57 - 2011-08-18 22:27 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2464191078-3577542780-1301157068-1000UA.job
2014-04-18 00:59 - 2010-05-12 00:18 - 00699416 _____ () C:\Windows\System32\perfh007.dat
2014-04-18 00:59 - 2010-05-12 00:18 - 00149556 _____ () C:\Windows\System32\perfc007.dat
2014-04-18 00:59 - 2009-07-13 21:13 - 01620612 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-18 00:55 - 2014-04-18 00:55 - 00266320 _____ () C:\Windows\Minidump\041814-64210-01.dmp
2014-04-18 00:50 - 2014-04-18 00:50 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-18 00:50 - 2014-04-18 00:50 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-18 00:44 - 2014-04-18 00:44 - 00000000 __SHD () C:\Users\Willi\AppData\Local\EmieUserList
2014-04-18 00:44 - 2014-04-18 00:44 - 00000000 __SHD () C:\Users\Willi\AppData\Local\EmieSiteList
2014-04-18 00:44 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-04-17 17:49 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-04-17 10:38 - 2011-08-18 23:06 - 00007599 _____ () C:\Users\Willi\AppData\Local\Resmon.ResmonCfg
2014-04-17 10:37 - 2011-08-18 09:11 - 00000000 ____D () C:\Install
2014-04-17 10:19 - 2011-08-18 10:16 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-17 10:02 - 2014-04-17 09:48 - 00000000 ____D () C:\Users\Willi\AppData\Local\Avg2014
2014-04-17 09:52 - 2014-04-17 09:52 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-04-17 09:52 - 2014-04-17 09:52 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\AVG2014
2014-04-17 09:52 - 2014-04-17 09:50 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-17 09:50 - 2014-04-17 09:50 - 00000000 ___HD () C:\$AVG
2014-04-17 09:49 - 2014-04-17 09:49 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-17 09:48 - 2014-04-17 09:48 - 00000000 ____D () C:\Users\Willi\AppData\Local\MFAData
2014-04-17 09:46 - 2014-04-17 09:46 - 00865928 _____ () C:\Users\Willi\Downloads\drivedetect (1).exe
2014-04-17 09:29 - 2014-04-17 09:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-17 09:28 - 2014-04-17 09:28 - 26771088 _____ () C:\Users\Willi\Downloads\SeaToolsforWindowsSetup.exe
2014-04-17 09:24 - 2012-06-11 01:47 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2012
2014-04-17 09:15 - 2014-04-17 09:15 - 00523576 _____ () C:\Windows\Minidump\041714-40997-01.dmp
2014-04-17 06:26 - 2014-04-17 06:26 - 00663992 _____ () C:\Windows\Minidump\041714-25958-01.dmp
2014-04-17 01:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-17 01:41 - 2014-04-17 01:41 - 00747896 _____ () C:\Windows\Minidump\041714-29983-01.dmp
2014-04-17 01:41 - 2011-08-18 21:17 - 00028568 _____ () C:\Windows\PFRO.log
2014-04-16 09:58 - 2014-04-16 09:58 - 00000000 ____D () C:\Users\Willi\AppData\Local\NVIDIA Corporation
2014-04-16 09:58 - 2014-04-16 09:56 - 00000000 ____D () C:\Users\Willi\AppData\Local\NVIDIA
2014-04-16 09:58 - 2011-08-18 08:50 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-16 09:56 - 2011-08-18 08:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-16 09:56 - 2011-08-18 08:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-16 09:55 - 2014-04-16 09:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-16 09:49 - 2014-04-16 09:49 - 00000000 ____D () C:\NVIDIA
2014-04-16 09:13 - 2014-04-16 09:13 - 00714248 _____ () C:\Windows\Minidump\041614-24320-01.dmp
2014-04-15 13:09 - 2014-04-15 13:09 - 00476984 _____ () C:\Windows\Minidump\041514-24164-01.dmp
2014-04-14 02:59 - 2014-03-02 06:46 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-14 02:57 - 2011-08-18 11:54 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-04-14 02:52 - 2014-04-14 02:52 - 01071360 _____ (Solid State Networks) C:\Users\Willi\Downloads\install_flashplayer13x32axau_mssa_aaa_aih.exe
2014-04-13 08:48 - 2014-03-02 07:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-05 08:14 - 2014-04-03 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-05 08:03 - 2014-04-05 08:03 - 00618856 _____ () C:\Windows\Minidump\040514-28719-01.dmp
2014-04-05 07:44 - 2013-12-06 07:32 - 00004096 _____ () C:\Users\Public\Documents\00001726.LCS
2014-04-05 07:44 - 2013-12-06 07:32 - 00000000 ____D () C:\Users\Willi\AppData\Roaming\ProtectDISC
2014-04-05 07:44 - 2013-12-06 07:29 - 00002102 _____ () C:\Users\Public\Desktop\Patrizier IV.lnk
2014-04-05 07:39 - 2014-04-05 07:39 - 00627888 _____ () C:\Windows\Minidump\040514-24164-01.dmp
2014-04-04 05:57 - 2011-08-18 22:27 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2464191078-3577542780-1301157068-1000Core.job
2014-04-04 05:42 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-03 09:23 - 2014-04-03 09:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-03 09:23 - 2012-06-09 00:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-03 09:23 - 2011-08-18 09:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-03 09:22 - 2014-04-03 09:22 - 00266320 _____ () C:\Windows\Minidump\040314-24866-01.dmp
2014-03-30 05:52 - 2011-08-18 22:27 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2464191078-3577542780-1301157068-1000UA
2014-03-30 05:52 - 2011-08-18 22:27 - 00003698 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2464191078-3577542780-1301157068-1000Core
2014-03-29 11:48 - 2011-08-18 10:16 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-29 11:37 - 2014-03-02 06:19 - 00016808 _____ () C:\Windows\IE11_main.log
2014-03-29 11:33 - 2014-03-29 11:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-29 11:33 - 2014-03-29 11:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-03-29 11:33 - 2014-03-29 11:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-03-29 11:33 - 2014-03-29 11:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-29 11:33 - 2014-03-29 11:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-03-29 11:33 - 2014-03-29 11:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-29 11:33 - 2014-03-29 11:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-29 11:33 - 2014-03-29 11:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-03-29 11:33 - 2014-03-29 11:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-22 01:08 - 2011-08-18 11:58 - 00000000 ____D () C:\Users\Willi\AppData\Local\Thunderbird

Some content of TEMP:
====================
C:\Users\Willi\AppData\Local\Temp\nvStInst.exe
C:\Users\Willi\AppData\Local\Temp\~+JF1085106264378137296.dll


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2012-08-01 01:57:11
Restore point made on: 2012-08-21 06:54:37
Restore point made on: 2012-08-22 07:06:40
Restore point made on: 2012-08-22 07:16:17
Restore point made on: 2012-08-26 07:38:12
Restore point made on: 2012-10-05 23:57:42
Restore point made on: 2012-11-13 10:14:06
Restore point made on: 2013-01-07 01:24:37
Restore point made on: 2013-01-19 03:55:43
Restore point made on: 2013-03-16 02:52:16
Restore point made on: 2013-03-29 07:09:40
Restore point made on: 2013-06-28 07:50:05
Restore point made on: 2013-07-06 04:23:41
Restore point made on: 2013-11-02 02:58:31
Restore point made on: 2013-11-22 07:50:26
Restore point made on: 2013-12-06 07:16:54
Restore point made on: 2013-12-06 07:18:43
Restore point made on: 2013-12-16 03:58:07
Restore point made on: 2013-12-24 02:43:37
Restore point made on: 2013-12-30 23:48:06
Restore point made on: 2013-12-30 23:51:23
Restore point made on: 2013-12-30 23:53:38
Restore point made on: 2013-12-30 23:55:52
Restore point made on: 2013-12-30 23:58:40
Restore point made on: 2014-01-16 10:06:14
Restore point made on: 2014-02-13 20:52:15
Restore point made on: 2014-02-17 02:13:19
Restore point made on: 2014-02-17 02:59:40
Restore point made on: 2014-02-17 07:04:11
Restore point made on: 2014-02-27 11:33:47
Restore point made on: 2014-02-28 03:37:46
Restore point made on: 2014-02-28 03:40:10
Restore point made on: 2014-02-28 03:57:14
Restore point made on: 2014-02-28 04:04:10
Restore point made on: 2014-03-02 05:11:03
Restore point made on: 2014-03-05 10:27:38
Restore point made on: 2014-03-06 22:15:30
Restore point made on: 2014-03-07 22:59:07
Restore point made on: 2014-03-14 07:45:12
Restore point made on: 2014-03-15 04:58:08
Restore point made on: 2014-03-15 23:56:38
Restore point made on: 2014-03-20 11:01:13
Restore point made on: 2014-03-26 09:03:38
Restore point made on: 2014-03-29 11:30:14
Restore point made on: 2014-03-29 11:45:58
Restore point made on: 2014-04-03 05:11:55
Restore point made on: 2014-04-03 09:35:30
Restore point made on: 2014-04-13 09:00:10
Restore point made on: 2014-04-14 02:57:12
Restore point made on: 2014-04-16 09:56:48
Restore point made on: 2014-04-17 01:46:02
Restore point made on: 2014-04-17 09:24:01
Restore point made on: 2014-04-17 09:25:15
Restore point made on: 2014-04-17 09:29:46
Restore point made on: 2014-04-17 09:49:41
Restore point made on: 2014-04-17 09:50:18
Restore point made on: 2014-04-17 10:31:02
Restore point made on: 2014-04-17 18:03:25
Restore point made on: 2014-04-17 18:03:28
Restore point made on: 2014-04-17 18:03:30
Restore point made on: 2014-04-17 18:03:34
Restore point made on: 2014-04-17 18:03:41

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {6c8c50d4-221d-11d7-a5be-f46f4567ea35}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {6c8c50d2-221d-11d7-a5be-f46f4567ea35}
device                  ramdisk=[C:]\Recovery\6c8c50d2-221d-11d7-a5be-f46f4567ea35\Winre.wim,{6c8c50d3-221d-11d7-a5be-f46f4567ea35}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\6c8c50d2-221d-11d7-a5be-f46f4567ea35\Winre.wim,{6c8c50d3-221d-11d7-a5be-f46f4567ea35}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {6c8c50d4-221d-11d7-a5be-f46f4567ea35}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\6c8c50d6-221d-11d7-a5be-f46f4567ea35\Winre.wim,{6c8c50d7-221d-11d7-a5be-f46f4567ea35}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\6c8c50d6-221d-11d7-a5be-f46f4567ea35\Winre.wim,{6c8c50d7-221d-11d7-a5be-f46f4567ea35}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {6c8c50d4-221d-11d7-a5be-f46f4567ea35}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {6c8c50d7-221d-11d7-a5be-f46f4567ea35}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\6c8c50d6-221d-11d7-a5be-f46f4567ea35\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 17%
Total physical RAM: 4077.64 MB
Available physical RAM: 3375.11 MB
Total Pagefile: 4075.79 MB
Available Pagefile: 3354.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1831.92 GB) (Free:1588.67 GB) NTFS
Drive e: (Recover) (Fixed) (Total:30 GB) (Free:9.14 GB) NTFS
Drive j: (PNYUSB_16GB) (Removable) (Total:14.62 GB) (Free:14.62 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-232017362944) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 4 (Size: 15 GB) (Disk ID: 6E652072)
No partition Table on disk 4.


LastRegBack: 2014-04-17 17:42

==================== End Of Log ============================
         

19.04.2014, 19:43   #4
schrauber
/// the machine
/// TB-Ausbilder



Hi,

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
Startup: C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\odgrbg1.lnk
ShortcutTarget: odgrbg1.lnk -> C:\ProgramData\2992199F9A\1gbrgdo.cpp (Krumbad, Inc)
S2 Winmgmt; C:\ProgramData\2992199F9A\odgrbg1.faa [332020 2014-04-18] (Microsoft Corporation)
2014-04-18 03:19 - 2014-04-19 01:32 - 00000000 ____D () C:\ProgramData\2992199F9A
         
Please save this as Fixlist.txt on your USB stick.
  • Restart your computer into the repair options.
  • Now start FRST.exe again and click the "Entfernen" (Fix) button.

The tool creates a Fixlog.txt on your USB stick. Please post its contents here.


Start the computer normally.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
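
Added example, not part of the original posts and not FRST's own logic: a short Python triage that applies three assumed heuristics to FRST service and ShortcutTarget lines like those in the fixlist above. The regexes, the extension list and the `ExampleSvc` line are assumptions made for illustration; the other sample lines are copied from the thread.

```python
import re
from pathlib import PureWindowsPath

# Assumed heuristic: services and autostart targets rarely live in user-writable trees.
USER_WRITABLE = re.compile(r"\\(ProgramData|Users\\[^\\]+\\AppData)\\", re.I)
# Assumed list of extensions that are normal for a service image or shortcut target.
CODE_EXTS = {".exe", ".dll", ".sys", ".bat", ".cmd"}

# FRST line shapes as they appear in this thread (patterns are assumptions, not FRST's spec).
SERVICE = re.compile(r"^[RSU]\d (?P<name>\S+); (?P<path>[A-Za-z]:\\.+?) \[\d+ \d{4}-\d\d-\d\d\]")
SHORTCUT = re.compile(r"^ShortcutTarget: (?P<lnk>\S+) -> (?P<path>[A-Za-z]:\\.+?)(?: \(.*\))?$")

SAMPLE = [  # first four lines copied from the fixlist; the last one is constructed
    r"Startup: C:\Users\Willi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\odgrbg1.lnk",
    r"ShortcutTarget: odgrbg1.lnk -> C:\ProgramData\2992199F9A\1gbrgdo.cpp (Krumbad, Inc)",
    r"S2 Winmgmt; C:\ProgramData\2992199F9A\odgrbg1.faa [332020 2014-04-18] (Microsoft Corporation)",
    r"2014-04-18 03:19 - 2014-04-19 01:32 - 00000000 ____D () C:\ProgramData\2992199F9A",
    r"S3 ExampleSvc; C:\Windows\System32\example.exe [12345 2013-01-01] (Example Vendor)",
]

def triage(lines):
    """Return (line, reasons) for each service/shortcut line that trips a heuristic."""
    findings = []
    for raw in lines:
        line = raw.strip()
        m = SERVICE.match(line) or SHORTCUT.match(line)
        if not m:
            continue  # other FRST line types are out of scope here
        path = PureWindowsPath(m["path"])
        reasons = []
        if USER_WRITABLE.search(str(path)):
            reasons.append("target in user-writable directory")
        if path.suffix.lower() not in CODE_EXTS:
            reasons.append(f"unusual extension {path.suffix}")
        lnk = m.groupdict().get("lnk")
        if lnk and PureWindowsPath(lnk).stem[::-1].lower() == path.stem.lower():
            reasons.append("target name is the shortcut name reversed")
        if reasons:
            findings.append((line, reasons))
    return findings

if __name__ == "__main__":
    for line, reasons in triage(SAMPLE):
        print(f"{line}\n    -> {'; '.join(reasons)}")
```

A hit is a prompt for manual review of the entry, not a verdict; the vendor string in parentheses is not checked because it is only the file's self-declared metadata.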

20.04.2014, 07:34   #5
jf007



Good morning Schrauber,

I found help on another board yesterday.
The computer is running again so far.

Sorry, but it was really urgent.
After all, everyone should be able to hunt for Easter eggs today.

Nevertheless, many thanks once again!

jf007


20.04.2014, 18:21   #6
schrauber
/// the machine
/// TB-Ausbilder



ok.