Log Analysis and Evaluation: Virus: Win64/Patched.A in c:\windows\system32\services.exe

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Virus: Win64/Patched.A in c:\windows\system32\services.exe

Hi!

I deactivated my antivirus (AVG Free) and accidentally only reactivated it a few days later (yesterday). Immediately after activation, AVG detected the virus. Since then my antivirus has also been constantly detecting new infected files, for example:

Trojaner: Generic36.GFX
Objektname: c:\Windows\Installer\{8c8e8ca7-9ea5-7a5c-b169-9a2e877fd82b}\U\80000064.@
Prozessname: c:\Windows\System32\services.exe

or

Trojaner: Generic35.ATTI

Even when I start, for example, the program "Raidcall" (similar to Teamspeak), AVG tells me that the virus "Luhe.Sirefef.A" is running in the process "\raidcall.exe".

Apart from "services.exe", the infections can be fixed with AVG, but they keep getting reinfected, and every few minutes a new virus alert is shown to me.

Regards,
Defendor

Gmer.txt:
Code:
```
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-22 08:04:42
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\00000077 ST3000DM rev.CC29 2794,52GB
Running: Gmer-19357.exe; Driver: C:\Users\Jinoru\AppData\Local\Temp\kfdiqpog.sys

---- User code sections - GMER 2.1 ----

.reloc C:\Windows\system32\services.exe [576] section is executable [0x4A8, 0xA0000020] 0000000100052000
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075741465 2 bytes [74, 75]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000757414bb 2 bytes [74, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\services.exe [576:944] 00000000001a1e58
Thread [1360:1424] 0000000075067587
Thread [1360:1436] 00000000749b79e0
Thread [1360:1440] 0000000074cc4e50
Thread [1360:1504] 0000000074cc4c30
Thread [1360:1508] 0000000074adb470
Thread [1360:1524] 0000000074ae0850
Thread [1360:1528] 0000000074adf810
Thread [1360:2800] 0000000077312e65
Thread [1360:4052] 000000006f1cef8b
Thread [1360:4036] 000000006f1cef8b
Thread [1360:6712] 00000000741c62ee
Thread [1360:5892] 0000000077313e85
Thread [1360:6124] 0000000077313e85

---- Processes - GMER 2.1 ----

Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\wininit.exe [1008] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1188] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [1312] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1548] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1856] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\System32\spoolsv.exe [2208] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2828] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 00000000741c0000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2932] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [3564] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [3720] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 000007fefbd20000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\iSafe\ipcdl.exe [4056] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 00000000741c0000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5012] (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation SIGNED)(2014-06-05 01:50:31) 00000000741c0000

---- EOF - GMER 2.1 ----
```

Addition.txt:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014 Ran by Jinoru at 2014-07-22 07:43:16 Running from C:\Users\Jinoru\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Age of Mythology: Extended Edition (HKLM-x32\...\QWdlb2ZNeXRob2xvZ3lFeHRlbmRlZEVkaXRpb24=_is1) (Version: 1 - ) AGEIA PhysX v7.03.21 (HKLM-x32\...\{85EBB283-65AF-4C53-9EBE-7C0A232762F7}) (Version: 7.03.21 - AGEIA Technologies, Inc.) AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden AMD AVIVO64 Codecs (Version: 11.7.0.11109 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{CE42CFF5-F477-D440-6CFB-6CBAE0008B91}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Fuel (Version: 2011.1109.2212.39826 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.61109.2218 - Advanced Micro Devices, Inc.) 
Hidden AMD VISION Engine Control Center (x32 Version: 2011.1109.2212.39826 - Ihr Firmenname) Hidden Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies) AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Greek (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2011.1109.2211.39826 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) CorsixTH 0.30 (HKLM-x32\...\CorsixTH) (Version: 0.30 - CorsixTH Team) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit) Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.6 - Echobit, LLC) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) HydraVision (x32 Version: 4.2.220.0 - Advanced Micro Devices, Inc.) 
Hidden IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.4 - IObit) IsoBuster 3.3 (HKLM-x32\...\IsoBuster_is1) (Version: 3.3 - Smart Projects) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.62.0 - JMicron Technology Corp.) Livestreamer 1.8.2 (HKLM-x32\...\Livestreamer) (Version: - ) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.222 - LogMeIn, Inc.) Hidden Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games) Microsoft .NET Framework 4.5.2 (DEU) (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office15.Click2Run) (Version: 15.0.2621.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 15.0.2621.1000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MotioninJoy 
Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) PSPdisp v0.6 (HKLM-x32\...\PSPdisp) (Version: v0.6 - JJS) RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) 
Sniper Elite 3 (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - ) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Steamless Half-Life 2 Stand-Alone (HKLM-x32\...\Steamless Half-Life 2 Stand-Alone) (Version: 1.0 - Steamless) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) The Elder Scrolls V - Skyrim (HKLM-x32\...\The Elder Scrolls V - Skyrim_is1) (Version: - ) The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1 (HKLM-x32\...\VGhlIEVsZGVyIFNjcm9sbHMgViBTa3lyaW0gRHJhZ29uYm9y~2F14EC6B_is1) (Version: 1 - ) Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version: 1.0 - ENiGMA) TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.3020.2 - TuneUp Software) TuneUp Utilities 2013 (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH) Vegas Pro 11.0 (64-bit) (HKLM\...\{44A79F1E-8DF7-11E1-80E3-F04DA23A5C58}) (Version: 11.0.683 - Sony) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Wecker für Windows 6.5 (HKLM-x32\...\{FFDC4005-E968-498D-93C8-CC148742167D}}_is1) (Version: 6.5 - Christoph Bünger Software) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Xenonauts (HKLM-x32\...\GOGPACKXENONAUTS_is1) (Version: 2.0.0.5 - GOG.com) Yet Another Cleaner! 
(HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {78ED405F-7CFC-41B8-93C7-6AE270D17CA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {82330C32-C463-4E71-9BE7-01A85134ECD2} - System32\Tasks\Speedial => C:\Users\Jinoru\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {9CD4E5A3-32E7-451F-B9A7-780A950B7BD0} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe Task: {BD57F15A-C6F9-47A0-8BFF-DB2CB91AC60C} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit) Task: {E9AD3578-18C0-4A17-9007-30E48B2FE266} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit) Task: {EB5FE1C0-B0B0-436D-B526-58627F26EEED} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit) Task: C:\Windows\Tasks\Speedial.job => C:\Users\Jinoru\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2014-06-05 03:50 - 2014-06-05 03:50 - 00327168 _____ () C:\Windows\system32\mswsock.dll 2014-06-05 03:50 - 2014-06-05 03:50 - 00327168 _____ () C:\Windows\system32\MSWSOCK.dll 2011-11-09 22:09 - 2011-11-09 22:09 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2011-08-07 10:06 - 2011-08-07 10:06 - 00624128 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2011-08-07 10:06 - 2011-08-07 10:06 - 03641344 _____ () C:\Program 
Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2014-07-22 05:34 - 2014-07-16 11:34 - 02228896 _____ () C:\Program Files (x86)\iSafe\ipcdl.exe 2014-07-22 05:34 - 2014-07-16 11:34 - 00065696 _____ () C:\Program Files (x86)\iSafe\zlib1.dll 2014-07-22 05:34 - 2014-07-16 11:34 - 00092320 _____ () C:\Program Files (x86)\iSafe\curlpp.dll 2014-07-22 05:34 - 2014-07-16 11:34 - 00427168 _____ () C:\Program Files (x86)\iSafe\ipcproxy.dll 2014-07-22 05:34 - 2014-07-09 14:48 - 00176976 _____ () C:\Program Files (x86)\iSafe\tws\unrar.dll 2014-07-22 05:34 - 2014-07-09 14:48 - 00068432 _____ () C:\Program Files (x86)\iSafe\tws\zlib1.dll 2014-07-22 05:34 - 2014-07-09 14:48 - 00087744 _____ () C:\Program Files (x86)\iSafe\tws\unacev2.dll 2014-07-22 05:34 - 2014-07-16 11:34 - 00185640 _____ () C:\Program Files (x86)\iSafe\libpng.dll 2014-07-22 03:44 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl 2014-07-22 03:44 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl 2014-07-22 03:44 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl 2014-07-22 03:44 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll 2014-07-22 03:44 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll 2014-07-22 03:44 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll 2014-07-22 03:44 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll 2014-06-18 10:10 - 2014-06-18 10:10 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-07-14 18:01 - 2014-07-14 18:01 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll 2013-03-05 16:30 - 2013-03-05 16:30 - 00090112 _____ () C:\Program Files (x86)\RaidCall\crashreport.dll 
2014-05-27 16:46 - 2014-05-27 16:46 - 00221184 _____ () C:\Program Files (x86)\RaidCall\skin.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\startupfolder: C:^Users^Jinoru^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PSPdisp.lnk => C:\Windows\pss\PSPdisp.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jinoru^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Wecker für Windows 6.lnk => C:\Windows\pss\Wecker für Windows 6.lnk.Startup MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY MSCONFIG\startupreg: EvolveClient => C:\Program Files\Echobit\Evolve\EvolveClient.exe -autorun MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Faulty Device Manager Devices ============= Name: Microsoft-ISATAP-Adapter Description: Microsoft-ISATAP-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. 
Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/22/2014 07:43:17 AM) (Source: VSS) (EventID: 12292) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] ist ein Fehler aufgetreten. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Schattenkopien abfragen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 13 Snapshotkontext: 13 Ausführungskontext: Coordinator Error: (07/22/2014 07:43:17 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
] Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Schattenkopien abfragen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 13 Snapshotkontext: 13 Ausführungskontext: Coordinator Error: (07/22/2014 07:01:50 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/22/2014 05:39:15 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Files (x86)\IObit\Driver Booster\DriverBooster.exe"; Beschreibung = Driver Booster : AMD High Definition Audio Device; Fehler = 0x80042302). Error: (07/22/2014 05:39:15 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. . Error: (07/22/2014 05:39:15 AM) (Source: VSS) (EventID: 12292) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] ist ein Fehler aufgetreten. 
Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (07/22/2014 05:39:15 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (07/22/2014 05:26:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/22/2014 04:15:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/22/2014 03:40:21 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (07/22/2014 07:02:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "UrlFilter" wurde aufgrund folgenden Fehlers nicht gestartet: %%1753 Error: (07/22/2014 07:01:28 AM) (Source: Service Control Manager) (EventID: 7023) 
(User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (07/22/2014 07:01:29 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80070422 Error: (07/22/2014 07:01:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (07/22/2014 07:01:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (07/22/2014 07:01:24 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert. Error: (07/22/2014 07:01:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Error: (07/22/2014 07:01:17 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert. 
Error: (07/22/2014 05:42:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891 Error: (07/22/2014 05:42:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office Sessions: ========================= Error: (07/22/2014 07:43:17 AM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Schattenkopien abfragen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 13 Snapshotkontext: 13 Ausführungskontext: Coordinator Error: (07/22/2014 07:43:17 AM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen Schattenkopien abfragen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshotkontext: 13 Snapshotkontext: 13 Ausführungskontext: Coordinator Error: (07/22/2014 07:01:50 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/22/2014 05:39:15 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Files (x86)\IObit\Driver Booster\DriverBooster.exe"Driver Booster : AMD High Definition Audio Device0x80042302 Error: (07/22/2014 05:39:15 AM) (Source: VSS) (EventID: 8193) (User: ) Description: GetProviderMgmtInterface0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten. Error: (07/22/2014 05:39:15 AM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (07/22/2014 05:39:15 AM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Vorgang: Für diesen Anbieter eine aufrufbare Schnittstelle abrufen Anbieterverwaltungsschnittstelle wird abgerufen Kontext: Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Klassen-ID: {00000000-0000-0000-0000-000000000000} Snapshotkontext: -1 Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (07/22/2014 05:26:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/22/2014 04:15:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/22/2014 03:40:21 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-07-22 07:00:56.957 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 07:00:56.926 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 05:25:33.631 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 05:25:33.600 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 04:14:26.240 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 04:14:26.208 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 03:39:26.678 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 03:39:26.647 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 02:59:30.594 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-07-22 02:59:30.547 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pspdisp_x64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 8138.44 MB Available physical RAM: 5047.89 MB Total Pagefile: 16275.05 MB Available Pagefile: 12935.29 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:2047.9 GB) (Free:1792.38 GB) NTFS Drive f: () (Fixed) (Total:931.06 GB) (Free:173.08 GB) FAT32 Drive h: () (Removable) (Total:3.73 GB) (Free:1 GB) FAT32 Drive q: (App Virt) (Fixed) (Total:6 GB) (Free:6 GB) App Virt AppFS ==================== MBR & Partition Table ================== ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2795 GB) (Disk ID: 03BD3C37) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=-105906176) - (Type=07 NTFS) ==================== End Of Log ============================ defogger_disable.txt: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 07:41 on 22/07/2014 (Jinoru)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST.txt: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Jinoru (administrator) on JINORU-PC on 22-07-2014 07:42:37
Running from C:\Users\Jinoru\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(AVG Technologies CZ, s.r.o.)
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE () C:\Program Files (x86)\iSafe\ipcdl.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adblock) C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe (RAIDCALL.COM) C:\Program Files (x86)\RaidCall\raidcall.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856 2014-06-23] (IObit) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-578131232-4241386587-3927081175-1000\...\MountPoints2: {dbee3c66-eb46-11e3-8fe8-806e6f6e6963} - D:\.\Bin\ASSETUP.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://speedial.com/?f=1&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDtCyEzyzztD0E0F0A0A0BtN0D0Tzu0SzytDtCtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0BtCyBtC0ByByCtG0E0A0AzztG0A0FtDyCtG0B0AtBzytGtB0DtC0F0Ezy0DyEzyzy0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0D0ByEyD0F0C0FtGzzzz0DzytGtB0DyDyEtGyDyCtCtBtGtC0C0FyDtCyBtC0DtAtAyEzy2Q&cr=282083095&ir= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x93B16629587FCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://speedial.com/?f=1&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDtCyEzyzztD0E0F0A0A0BtN0D0Tzu0SzytDtCtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0BtCyBtC0ByByCtG0E0A0AzztG0A0FtDyCtG0B0AtBzytGtB0DtC0F0Ezy0DyEzyzy0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0D0ByEyD0F0C0FtGzzzz0DzytGtB0DyDyEtGyDyCtCtBtGtC0C0FyDtCyBtC0DtAtAyEzy2Q&cr=282083095&ir= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://speedial.com/?f=1&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDtCyEzyzztD0E0F0A0A0BtN0D0Tzu0SzytDtCtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0BtCyBtC0ByByCtG0E0A0AzztG0A0FtDyCtG0B0AtBzytGtB0DtC0F0Ezy0DyEzyzy0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0D0ByEyD0F0C0FtGzzzz0DzytGtB0DyDyEtGyDyCtCtBtGtC0C0FyDtCyBtC0DtAtAyEzy2Q&cr=282083095&ir= StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDtCyEzyzztD0E0F0A0A0BtN0D0Tzu0SzytDtCtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0BtCyBtC0ByByCtG0E0A0AzztG0A0FtDyCtG0B0AtBzytGtB0DtC0F0Ezy0DyEzyzy0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0D0ByEyD0F0C0FtGzzzz0DzytGtB0DyDyEtGyDyCtCtBtGtC0C0FyDtCyBtC0DtAtAyEzy2Q&cr=282083095&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDtCyEzyzztD0E0F0A0A0BtN0D0Tzu0SzytDtCtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0BtCyBtC0ByByCtG0E0A0AzztG0A0FtDyCtG0B0AtBzytGtB0DtC0F0Ezy0DyEzyzy0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0D0ByEyD0F0C0FtGzzzz0DzytGtB0DyDyEtGyDyCtCtBtGtC0C0FyDtCyBtC0DtAtAyEzy2Q&cr=282083095&ir= SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog9 01 mswsock.dll File Not found () Winsock: Catalog9 02 mswsock.dll File Not found () Winsock: Catalog9 03 mswsock.dll File Not found () Winsock: Catalog9 04 mswsock.dll File Not found () Winsock: Catalog9 05 mswsock.dll File Not found () Winsock: Catalog9 06 mswsock.dll File Not found () Winsock: Catalog9 07 mswsock.dll File Not found () Winsock: Catalog9 08 mswsock.dll File Not found () Winsock: Catalog9 09 
mswsock.dll File Not found () Winsock: Catalog9 10 mswsock.dll File Not found () Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog9-x64 01 mswsock.dll File Not found () Winsock: Catalog9-x64 02 mswsock.dll File Not found () Winsock: Catalog9-x64 03 mswsock.dll File Not found () Winsock: Catalog9-x64 04 mswsock.dll File Not found () Winsock: Catalog9-x64 05 mswsock.dll File Not found () Winsock: Catalog9-x64 06 mswsock.dll File Not found () Winsock: Catalog9-x64 07 mswsock.dll File Not found () Winsock: Catalog9-x64 08 mswsock.dll File Not found () Winsock: Catalog9-x64 09 mswsock.dll File Not found () Winsock: Catalog9-x64 10 mswsock.dll File Not found () FireFox: ======== FF ProfilePath: C:\Users\Jinoru\AppData\Roaming\Mozilla\Firefox\Profiles\0v7l5evl.default FF NewTab: google.at FF DefaultSearchEngine: Speedial FF SelectedSearchEngine: Speedial FF Homepage: hxxp://speedial.com/?f=1&a=spd_ir_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDtCyEzyzztD0E0F0A0A0BtN0D0Tzu0SzytDtCtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0BtCyBtC0ByByCtG0E0A0AzztG0A0FtDyCtG0B0AtBzytGtB0DtC0F0Ezy0DyEzyzy0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0D0ByEyD0F0C0FtGzzzz0DzytGtB0DyDyEtGyDyCtCtBtGtC0C0FyDtCyBtC0DtAtAyEzy2Q&cr=282083095&ir= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: 
@microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Jinoru\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF user.js: detected! => C:\Users\Jinoru\AppData\Roaming\Mozilla\Firefox\Profiles\0v7l5evl.default\user.js FF SearchPlugin: C:\Users\Jinoru\AppData\Roaming\Mozilla\Firefox\Profiles\0v7l5evl.default\searchplugins\Speedial.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Ads Removal - C:\Users\Jinoru\AppData\Roaming\Mozilla\Firefox\Profiles\0v7l5evl.default\Extensions\adremoveext@adremoveext.net [2014-07-22] FF Extension: DownloadHelper - C:\Users\Jinoru\AppData\Roaming\Mozilla\Firefox\Profiles\0v7l5evl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-15] FF Extension: Adblock Plus - C:\Users\Jinoru\AppData\Roaming\Mozilla\Firefox\Profiles\0v7l5evl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-03] FF StartMenuInternet: FIREFOX.EXE - firefox.exe ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-11-09] (Advanced Micro Devices, Inc.) [File not signed] R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.) 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [345984 2014-07-07] () R2 cvhsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [1132032 2011-02-24] (Microsoft Corporation) [File not signed] S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1579936 2014-07-21] (Echobit LLC) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-05-15] (IObit) R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048 2014-07-16] (Elex do Brasil Participações Ltda) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-14] (LogMeIn, Inc.) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) ==================== Drivers (Whitelisted) ==================== R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.) 
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-07-03] (Echobit, LLC) R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit) R1 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [247488 2014-07-16] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45248 2014-07-16] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [78016 2014-07-16] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [65216 2014-07-16] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [48640 2014-07-09] (Elex do Brasil Participações Ltda) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [43456 2010-10-02] (hxxp://libusb-win32.sourceforge.net) S3 pspdisp; C:\Windows\System32\DRIVERS\pspdisp_x64.sys [4608 2011-01-18] (JJS) [File not signed] R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [760168 2011-02-23] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-02-23] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-02-23] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-02-23] (Microsoft Corporation) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software) S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com) S3 athr; system32\DRIVERS\athrx.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-22 07:42 - 2014-07-22 07:42 - 00015644 _____ () C:\Users\Jinoru\Downloads\FRST.txt 2014-07-22 07:42 - 2014-07-22 07:42 - 00000000 ____D () C:\FRST 2014-07-22 07:41 - 2014-07-22 07:42 - 02090496 _____ (Farbar) C:\Users\Jinoru\Downloads\FRST64.exe 2014-07-22 07:41 - 2014-07-22 07:41 - 00000474 _____ () C:\Users\Jinoru\Downloads\defogger_disable.log 2014-07-22 07:41 - 2014-07-22 07:41 - 00000000 _____ () C:\Users\Jinoru\defogger_reenable 2014-07-22 07:40 - 2014-07-22 07:40 - 00050477 _____ () C:\Users\Jinoru\Downloads\Defogger.exe 2014-07-22 07:06 - 2014-07-22 07:06 - 00000000 __SHD () C:\Users\Jinoru\AppData\Local\EmieUserList 2014-07-22 07:06 - 2014-07-22 07:06 - 00000000 __SHD () C:\Users\Jinoru\AppData\Local\EmieSiteList 2014-07-22 07:01 - 2014-07-22 07:01 - 00000344 _____ () C:\Windows\PFRO.log 2014-07-22 06:01 - 2014-07-22 06:01 - 00123704 _____ (JMicron Technology Corp.) 
C:\Windows\system32\Drivers\jraid.sys 2014-07-22 05:41 - 2014-07-22 05:41 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2014-07-22 05:41 - 2014-07-22 05:41 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2014-07-22 05:41 - 2014-07-22 05:41 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-07-22 05:40 - 2014-07-22 05:40 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-07-22 05:40 - 2014-07-22 05:40 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-07-22 05:40 - 2014-07-22 05:40 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-07-22 05:40 - 2014-07-22 05:40 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02800344 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RltkAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02117424 _____ () C:\Windows\system32\SStudio.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-07-22 05:40 - 2014-07-22 05:40 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01136728 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO4064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-07-22 05:40 - 2014-07-22 05:40 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00663296 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO30.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00331880 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtlCPAPI64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00078688 _____ (Synopsys, Inc.) 
C:\Windows\system32\SFAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-07-22 05:39 - 2014-07-22 07:01 - 00000374 _____ () C:\Windows\setupact.log 2014-07-22 05:39 - 2014-07-22 05:39 - 00110080 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll 2014-07-22 05:39 - 2014-07-22 05:39 - 00094720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys 2014-07-22 05:39 - 2014-07-22 05:39 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-22 05:38 - 2014-07-22 05:38 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-07-22 05:38 - 2014-07-22 05:38 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update 2014-07-22 05:38 - 2014-07-22 05:38 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) 2014-07-22 05:38 - 2014-07-22 05:38 - 00001098 _____ () C:\Users\Public\Desktop\Driver Booster.lnk 2014-07-22 05:38 - 2014-07-22 05:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2014-07-22 05:34 - 2014-07-22 07:07 - 00000000 ____D () C:\Program Files (x86)\iSafe 2014-07-22 05:34 - 2014-07-22 05:34 - 00001780 _____ () C:\Users\Public\Desktop\YAC.lnk 2014-07-22 05:34 - 2014-07-22 05:34 - 00000000 ____D () C:\Windows\system32\log 2014-07-22 05:34 - 2014-07-22 05:34 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\eCyber 2014-07-22 05:34 - 2014-07-22 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC 2014-07-22 05:34 - 2014-07-16 11:39 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys 2014-07-22 
05:33 - 2014-07-22 05:34 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\iSafe 2014-07-22 05:33 - 2014-07-22 05:33 - 12787224 _____ (Elex do Brasil Participações Ltda) C:\Users\Jinoru\Downloads\yet_another_cleaner_sk.exe 2014-07-22 05:22 - 2014-07-22 05:22 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-22 05:22 - 2014-07-22 05:22 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-22 05:22 - 2014-07-22 05:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-22 05:22 - 2014-07-22 05:22 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-22 05:21 - 2014-07-22 05:21 - 03736040 _____ (Piriform Ltd) C:\Users\Jinoru\Downloads\ccsetup415_slim.exe 2014-07-22 03:44 - 2014-07-22 05:38 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\IObit 2014-07-22 03:44 - 2014-07-22 05:38 - 00000000 ____D () C:\ProgramData\IObit 2014-07-22 03:44 - 2014-07-22 05:38 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-07-22 03:44 - 2014-07-22 03:44 - 00001173 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2014-07-22 03:44 - 2014-07-22 03:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2014-07-22 03:42 - 2014-07-22 03:43 - 26163624 _____ (IObit ) C:\Users\Jinoru\Downloads\IObit-Malware-Figher-Setup2.4.1.16.exe 2014-07-22 03:42 - 2014-07-22 03:42 - 00961360 _____ (Chip Digital GmbH) C:\Users\Jinoru\Downloads\IObit Malware Fighter - CHIP-Installer.exe 2014-07-22 03:35 - 2009-07-13 18:39 - 00328704 _____ (Microsoft Corporation) C:\Users\Jinoru\Downloads\services.exe 2014-07-22 03:25 - 2014-07-22 03:25 - 00158058 _____ () C:\Users\Jinoru\Downloads\services64.zip 2014-07-21 09:50 - 2014-07-21 09:50 - 00042003 _____ () C:\Users\Jinoru\Downloads\TwitchTV App.zip 2014-07-21 09:31 - 2014-07-21 09:49 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\livestreamer 2014-07-21 09:31 - 2014-07-21 09:42 - 00000000 ____D () C:\Program Files (x86)\Livestreamer 
2014-07-21 09:30 - 2014-07-21 09:31 - 04071155 _____ () C:\Users\Jinoru\Downloads\livestreamer-v1.8.2-win32-setup.exe 2014-07-21 09:13 - 2014-07-21 09:13 - 24677393 _____ () C:\Users\Jinoru\Downloads\vlc-2.1.3-win32.exe 2014-07-21 08:59 - 2014-07-22 06:54 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\vlc 2014-07-21 08:58 - 2014-07-21 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-07-21 08:57 - 2014-07-21 08:57 - 19985265 _____ () C:\Users\Jinoru\Downloads\vlc-1.1.5-win32.exe 2014-07-21 08:05 - 2014-07-21 08:05 - 00000000 ____D () C:\Windows\pss 2014-07-21 08:00 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys 2014-07-21 07:59 - 2014-07-21 07:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-07-21 07:59 - 2014-07-21 07:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-07-21 06:46 - 2014-07-21 06:46 - 00000000 ____D () C:\Users\Jinoru\Documents\Rockstar Games 2014-07-21 06:46 - 2014-07-21 06:46 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Chromium 2014-07-21 06:01 - 2014-07-21 06:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2014-07-21 05:33 - 2014-07-21 06:07 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-07-21 05:33 - 2014-07-21 05:33 - 00000000 ____D () C:\ProgramData\Rockstar Games 2014-07-21 04:55 - 2014-07-21 04:56 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\CorsixTH 2014-07-21 04:55 - 2014-07-21 04:55 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CorsixTH 2014-07-21 04:55 - 2014-07-21 04:55 - 00000000 ____D () C:\Program Files\CorsixTH 2014-07-19 03:46 - 2014-07-19 03:46 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology Extended Edition.lnk 2014-07-19 03:43 - 2014-07-19 03:52 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition 
2014-07-16 16:23 - 2014-07-16 16:23 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-16 16:23 - 2014-07-16 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-16 16:23 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-16 16:23 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-16 16:23 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-16 16:23 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-07 17:44 - 2014-07-17 18:17 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\ArmA 2 OA 2014-07-07 17:44 - 2014-07-07 17:44 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio 2014-07-07 16:49 - 2014-07-07 18:02 - 00000000 ____D () C:\Users\Jinoru\Documents\ArmA 2 2014-07-07 16:49 - 2014-07-07 17:43 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive 2014-07-07 16:49 - 2014-07-07 16:50 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\ArmA 2 2014-07-07 16:49 - 2014-07-07 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive 2014-07-07 14:30 - 2014-07-07 14:31 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Sniper3 2014-07-07 14:23 - 2014-07-07 14:23 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\DayZCommander 2014-07-07 14:23 - 2014-07-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios 2014-07-07 14:23 - 2014-07-07 14:23 - 00000000 ____D () C:\Program Files (x86)\Dotjosh Studios 2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Windows\PCHEALTH 2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files\Microsoft Office 
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client 2014-07-06 21:12 - 2014-07-08 14:58 - 00000000 ____D () C:\Users\Jinoru\Documents\Xenonauts 2014-07-06 21:12 - 2014-07-06 21:12 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\PlayFirst 2014-07-06 21:12 - 2014-07-06 21:12 - 00000000 ____D () C:\ProgramData\PlayFirst 2014-07-06 21:12 - 2014-07-06 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2014-07-06 21:08 - 2014-07-06 21:08 - 00000000 ____D () C:\GOG Games 2014-07-06 19:59 - 2014-07-06 20:09 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\BetterDS3 2014-07-05 15:47 - 2014-07-22 07:03 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\LogMeIn Hamachi 2014-07-05 15:47 - 2014-07-05 15:47 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\LogMeIn 2014-07-05 15:47 - 2014-07-05 15:47 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-07-04 15:12 - 2014-07-04 15:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf 2014-07-04 15:12 - 2014-07-04 15:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf 2014-07-04 15:10 - 2014-07-04 15:10 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\MotioninJoy 2014-07-04 15:10 - 2014-07-04 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy 2014-07-04 15:10 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2014-07-04 15:10 - 2011-12-07 19:42 - 00328712 _____ (Logitech Inc.) 
C:\Windows\system32\MijFrc.dll 2014-07-04 15:10 - 2011-12-07 19:42 - 00074960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xusb21.sys 2014-07-04 15:09 - 2014-07-04 15:09 - 00000000 ____D () C:\Program Files\MotioninJoy 2014-07-04 15:09 - 2012-05-12 12:31 - 00121416 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2014-07-03 20:50 - 2014-07-03 20:50 - 00001000 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3.lnk 2014-07-03 20:23 - 2014-07-03 20:53 - 00000000 ____D () C:\Program Files (x86)\Sniper Elite 3 2014-07-03 19:57 - 2014-07-03 19:57 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat 2014-07-03 19:18 - 2014-07-03 19:18 - 00000000 ____D () C:\ProgramData\McAfee 2014-07-03 18:18 - 2014-07-03 18:18 - 00021656 _____ (Echobit, LLC) C:\Windows\system32\Drivers\evolve.sys 2014-07-03 18:18 - 2014-07-03 18:18 - 00002019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk 2014-07-03 18:18 - 2014-07-03 18:18 - 00000000 ____D () C:\Program Files\Echobit 2014-07-03 18:17 - 2014-07-03 18:17 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Echobit 2014-07-03 18:17 - 2014-07-03 18:17 - 00000000 ____D () C:\ProgramData\Echobit 2014-07-03 17:53 - 2014-07-06 17:32 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Tunngle 2014-07-03 17:53 - 2014-07-06 17:32 - 00000000 ____D () C:\ProgramData\Tunngle 2014-07-03 17:53 - 2014-07-03 17:54 - 00000000 ____D () C:\Program Files (x86)\Tunngle 2014-07-03 17:53 - 2014-07-03 17:53 - 00000000 ____D () C:\Users\Public\Documents\Tunngle 2014-07-03 17:53 - 2014-07-03 17:53 - 00000000 ____D () C:\Users\Jinoru\Documents\Tunngle 2014-07-03 17:53 - 2014-07-03 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle 2014-07-03 17:53 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys 2014-06-30 19:18 - 2014-06-30 19:24 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\TeamViewer 2014-06-30 12:28 - 
2014-06-30 12:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2014-06-30 12:16 - 2014-06-30 12:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_PSPdispSideShow_x64_01_00_00.Wdf 2014-06-30 12:15 - 2014-06-30 12:18 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\PSPdisp 2014-06-30 12:15 - 2014-06-30 12:17 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PSPdisp 2014-06-30 12:15 - 2014-06-30 12:17 - 00000000 ____D () C:\Program Files (x86)\PSPdisp 2014-06-27 16:52 - 2014-06-28 12:23 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Skype 2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Skype 2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ____D () C:\ProgramData\Skype 2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-06-24 08:07 - 2014-06-24 08:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software 2014-06-24 08:07 - 2014-06-24 08:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software 2014-06-23 10:58 - 2014-07-22 05:28 - 00000000 ____D () C:\Windows\Minidump

==================== One Month Modified Files and Folders =======

2014-07-22 07:42 - 2014-07-22 07:42 - 00015644 _____ () C:\Users\Jinoru\Downloads\FRST.txt 2014-07-22 07:42 - 2014-07-22 07:42 - 00000000 ____D () C:\FRST 2014-07-22 07:42 - 2014-07-22 07:41 - 02090496 _____ (Farbar) C:\Users\Jinoru\Downloads\FRST64.exe 2014-07-22 07:41 - 2014-07-22 07:41 - 00000474 _____ () C:\Users\Jinoru\Downloads\defogger_disable.log 2014-07-22 07:41 - 2014-07-22 07:41 - 00000000 _____ () C:\Users\Jinoru\defogger_reenable 2014-07-22 07:41 - 2014-06-03 19:52 - 00000000 ____D () C:\Users\Jinoru 2014-07-22 07:40 - 2014-07-22 07:40 - 00050477 _____ () C:\Users\Jinoru\Downloads\Defogger.exe 2014-07-22 07:29 - 
2014-06-07 05:15 - 00000000 ____D () C:\Netzwrk 2014-07-22 07:08 - 2014-06-03 20:22 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-22 07:08 - 2014-06-03 20:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-22 07:08 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-22 07:08 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-22 07:07 - 2014-07-22 05:34 - 00000000 ____D () C:\Program Files (x86)\iSafe 2014-07-22 07:06 - 2014-07-22 07:06 - 00000000 __SHD () C:\Users\Jinoru\AppData\Local\EmieUserList 2014-07-22 07:06 - 2014-07-22 07:06 - 00000000 __SHD () C:\Users\Jinoru\AppData\Local\EmieSiteList 2014-07-22 07:05 - 2011-04-12 09:43 - 00699230 _____ () C:\Windows\system32\perfh007.dat 2014-07-22 07:05 - 2011-04-12 09:43 - 00149112 _____ () C:\Windows\system32\perfc007.dat 2014-07-22 07:05 - 2009-07-14 07:13 - 01619832 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-22 07:04 - 2014-06-03 19:51 - 01876137 _____ () C:\Windows\WindowsUpdate.log 2014-07-22 07:03 - 2014-07-05 15:47 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\LogMeIn Hamachi 2014-07-22 07:01 - 2014-07-22 07:01 - 00000344 _____ () C:\Windows\PFRO.log 2014-07-22 07:01 - 2014-07-22 05:39 - 00000374 _____ () C:\Windows\setupact.log 2014-07-22 07:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-22 06:58 - 2014-06-05 16:40 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-07-22 06:54 - 2014-07-21 08:59 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\vlc 2014-07-22 06:52 - 2014-06-20 10:52 - 00000296 _____ () C:\Windows\Tasks\Speedial.job 2014-07-22 06:01 - 2014-07-22 06:01 - 00123704 _____ (JMicron Technology Corp.) 
C:\Windows\system32\Drivers\jraid.sys 2014-07-22 05:41 - 2014-07-22 05:41 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2014-07-22 05:41 - 2014-07-22 05:41 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2014-07-22 05:41 - 2014-07-22 05:41 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-07-22 05:41 - 2014-06-03 20:02 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-07-22 05:40 - 2014-07-22 05:40 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-07-22 05:40 - 2014-07-22 05:40 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-07-22 05:40 - 2014-07-22 05:40 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02800344 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RltkAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02117424 _____ () C:\Windows\system32\SStudio.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-07-22 05:40 - 2014-07-22 05:40 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01136728 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO4064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-07-22 05:40 - 2014-07-22 05:40 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00663296 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO30.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00331880 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtlCPAPI64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00078688 _____ (Synopsys, Inc.) 
C:\Windows\system32\SFAPO64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll 2014-07-22 05:40 - 2014-07-22 05:40 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-07-22 05:40 - 2014-06-03 19:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-07-22 05:39 - 2014-07-22 05:39 - 00110080 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll 2014-07-22 05:39 - 2014-07-22 05:39 - 00094720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys 2014-07-22 05:39 - 2014-07-22 05:39 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-22 05:38 - 2014-07-22 05:38 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-07-22 05:38 - 2014-07-22 05:38 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update 2014-07-22 05:38 - 2014-07-22 05:38 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) 2014-07-22 05:38 - 2014-07-22 05:38 - 00001098 _____ () C:\Users\Public\Desktop\Driver Booster.lnk 2014-07-22 05:38 - 2014-07-22 05:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2014-07-22 05:38 - 2014-07-22 03:44 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\IObit 2014-07-22 05:38 - 2014-07-22 03:44 - 00000000 ____D () C:\ProgramData\IObit 2014-07-22 05:38 - 2014-07-22 03:44 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-07-22 05:34 - 2014-07-22 05:34 - 00001780 _____ () C:\Users\Public\Desktop\YAC.lnk 2014-07-22 05:34 - 2014-07-22 05:34 - 00000000 ____D () C:\Windows\system32\log 2014-07-22 05:34 - 2014-07-22 05:34 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\eCyber 2014-07-22 05:34 - 2014-07-22 05:34 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC 2014-07-22 05:34 - 2014-07-22 05:33 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\iSafe 2014-07-22 05:33 - 2014-07-22 05:33 - 12787224 _____ (Elex do Brasil Participações Ltda) C:\Users\Jinoru\Downloads\yet_another_cleaner_sk.exe 2014-07-22 05:28 - 2014-06-23 10:58 - 00000000 ____D () C:\Windows\Minidump 2014-07-22 05:28 - 2014-06-19 13:41 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-22 05:28 - 2014-06-05 16:40 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\TS3Client 2014-07-22 05:28 - 2012-05-09 12:46 - 00000000 ____D () C:\Windows\Panther 2014-07-22 05:22 - 2014-07-22 05:22 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-22 05:22 - 2014-07-22 05:22 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-22 05:22 - 2014-07-22 05:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-22 05:22 - 2014-07-22 05:22 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-22 05:21 - 2014-07-22 05:21 - 03736040 _____ (Piriform Ltd) C:\Users\Jinoru\Downloads\ccsetup415_slim.exe 2014-07-22 04:08 - 2014-06-03 22:07 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Avg2014 2014-07-22 03:58 - 2014-06-03 22:11 - 00000000 ____D () C:\ProgramData\AVG2014 2014-07-22 03:44 - 2014-07-22 03:44 - 00001173 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2014-07-22 03:44 - 2014-07-22 03:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2014-07-22 03:43 - 2014-07-22 03:42 - 26163624 _____ (IObit ) C:\Users\Jinoru\Downloads\IObit-Malware-Figher-Setup2.4.1.16.exe 2014-07-22 03:42 - 2014-07-22 03:42 - 00961360 _____ (Chip Digital GmbH) C:\Users\Jinoru\Downloads\IObit Malware Fighter - CHIP-Installer.exe 2014-07-22 03:25 - 2014-07-22 03:25 - 00158058 _____ () C:\Users\Jinoru\Downloads\services64.zip 2014-07-22 01:58 - 2014-06-04 17:13 - 00000000 ____D () C:\Users\Jinoru\Desktop\GAMES 
2014-07-21 18:14 - 2014-06-03 22:07 - 00000000 ____D () C:\ProgramData\MFAData 2014-07-21 10:24 - 2014-06-03 21:17 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Battle.net 2014-07-21 09:52 - 2014-06-04 17:13 - 00000000 ___RD () C:\Users\Jinoru\Desktop\Programme 2014-07-21 09:50 - 2014-07-21 09:50 - 00042003 _____ () C:\Users\Jinoru\Downloads\TwitchTV App.zip 2014-07-21 09:49 - 2014-07-21 09:31 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\livestreamer 2014-07-21 09:42 - 2014-07-21 09:31 - 00000000 ____D () C:\Program Files (x86)\Livestreamer 2014-07-21 09:31 - 2014-07-21 09:30 - 04071155 _____ () C:\Users\Jinoru\Downloads\livestreamer-v1.8.2-win32-setup.exe 2014-07-21 09:14 - 2014-07-21 08:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-07-21 09:13 - 2014-07-21 09:13 - 24677393 _____ () C:\Users\Jinoru\Downloads\vlc-2.1.3-win32.exe 2014-07-21 08:57 - 2014-07-21 08:57 - 19985265 _____ () C:\Users\Jinoru\Downloads\vlc-1.1.5-win32.exe 2014-07-21 08:05 - 2014-07-21 08:05 - 00000000 ____D () C:\Windows\pss 2014-07-21 07:59 - 2014-07-21 07:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-07-21 07:59 - 2014-07-21 07:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-07-21 06:46 - 2014-07-21 06:46 - 00000000 ____D () C:\Users\Jinoru\Documents\Rockstar Games 2014-07-21 06:46 - 2014-07-21 06:46 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Chromium 2014-07-21 06:07 - 2014-07-21 05:33 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-07-21 06:01 - 2014-07-21 06:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2014-07-21 06:01 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-21 05:33 - 2014-07-21 05:33 - 00000000 ____D () C:\ProgramData\Rockstar Games 2014-07-21 05:33 - 2014-06-03 19:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield 
Installation Information
2014-07-21 04:56 - 2014-07-21 04:55 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\CorsixTH
2014-07-21 04:55 - 2014-07-21 04:55 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CorsixTH
2014-07-21 04:55 - 2014-07-21 04:55 - 00000000 ____D () C:\Program Files\CorsixTH
2014-07-19 03:52 - 2014-07-19 03:43 - 00000000 ____D () C:\Program Files (x86)\Age of Mythology Extended Edition
2014-07-19 03:46 - 2014-07-19 03:46 - 00000956 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology Extended Edition.lnk
2014-07-19 00:53 - 2014-06-20 11:52 - 00000094 _____ () C:\Users\Jinoru\AppData\Roaming\WB.CFG
2014-07-17 18:17 - 2014-07-07 17:44 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\ArmA 2 OA
2014-07-16 16:23 - 2014-07-16 16:23 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-16 16:23 - 2014-07-16 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-16 16:23 - 2014-06-20 10:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-16 16:23 - 2014-06-20 10:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-16 11:39 - 2014-07-22 05:34 - 00045248 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-07-14 15:29 - 2014-06-15 02:19 - 00000000 ____D () C:\Users\Jinoru\dwhelper
2014-07-11 03:02 - 2014-07-16 16:23 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-16 16:23 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-16 16:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-16 16:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 10:26 - 2014-06-03 21:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-09 11:18 - 2014-06-03 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-08 14:58 - 2014-07-06 21:12 - 00000000 ____D () C:\Users\Jinoru\Documents\Xenonauts
2014-07-07 18:02 - 2014-07-07 16:49 - 00000000 ____D () C:\Users\Jinoru\Documents\ArmA 2
2014-07-07 17:44 - 2014-07-07 17:44 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-07-07 17:43 - 2014-07-07 16:49 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-07-07 16:50 - 2014-07-07 16:49 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\ArmA 2
2014-07-07 16:49 - 2014-07-07 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-07-07 14:31 - 2014-07-07 14:30 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Sniper3
2014-07-07 14:23 - 2014-07-07 14:23 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\DayZCommander
2014-07-07 14:23 - 2014-07-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios
2014-07-07 14:23 - 2014-07-07 14:23 - 00000000 ____D () C:\Program Files (x86)\Dotjosh Studios
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-06 23:19 - 2014-07-06 23:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-07-06 23:19 - 2014-06-20 13:52 - 01645874 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-06 23:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-06 21:12 - 2014-07-06 21:12 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\PlayFirst
2014-07-06 21:12 - 2014-07-06 21:12 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-07-06 21:12 - 2014-07-06 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-07-06 21:08 - 2014-07-06 21:08 - 00000000 ____D () C:\GOG Games
2014-07-06 20:09 - 2014-07-06 19:59 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\BetterDS3
2014-07-06 17:32 - 2014-07-03 17:53 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Tunngle
2014-07-06 17:32 - 2014-07-03 17:53 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-05 21:40 - 2014-06-17 11:53 - 00000000 ____D () C:\Users\Jinoru\Documents\Diablo III
2014-07-05 15:47 - 2014-07-05 15:47 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\LogMeIn
2014-07-05 15:47 - 2014-07-05 15:47 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-07-04 15:12 - 2014-07-04 15:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-07-04 15:12 - 2014-07-04 15:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-07-04 15:10 - 2014-07-04 15:10 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\MotioninJoy
2014-07-04 15:10 - 2014-07-04 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-07-04 15:09 - 2014-07-04 15:09 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-07-03 21:00 - 2014-06-03 20:15 - 00058336 _____ () C:\Users\Jinoru\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-03 20:53 - 2014-07-03 20:23 - 00000000 ____D () C:\Program Files (x86)\Sniper Elite 3
2014-07-03 20:50 - 2014-07-03 20:50 - 00001000 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3.lnk
2014-07-03 19:57 - 2014-07-03 19:57 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat
2014-07-03 19:18 - 2014-07-03 19:18 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-03 19:17 - 2009-07-14 06:45 - 00267704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-03 18:18 - 2014-07-03 18:18 - 00021656 _____ (Echobit, LLC) C:\Windows\system32\Drivers\evolve.sys
2014-07-03 18:18 - 2014-07-03 18:18 - 00002019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evolve.lnk
2014-07-03 18:18 - 2014-07-03 18:18 - 00000000 ____D () C:\Program Files\Echobit
2014-07-03 18:17 - 2014-07-03 18:17 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Echobit
2014-07-03 18:17 - 2014-07-03 18:17 - 00000000 ____D () C:\ProgramData\Echobit
2014-07-03 17:54 - 2014-07-03 17:53 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-03 17:53 - 2014-07-03 17:53 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-03 17:53 - 2014-07-03 17:53 - 00000000 ____D () C:\Users\Jinoru\Documents\Tunngle
2014-07-03 17:53 - 2014-07-03 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-01 16:49 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-30 20:15 - 2014-06-14 13:34 - 00000000 ____D () C:\Users\Jinoru\Documents\StarCraft II
2014-06-30 19:24 - 2014-06-30 19:18 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\TeamViewer
2014-06-30 12:28 - 2014-06-30 12:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2014-06-30 12:18 - 2014-06-30 12:15 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\PSPdisp
2014-06-30 12:17 - 2014-06-30 12:15 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PSPdisp
2014-06-30 12:17 - 2014-06-30 12:15 - 00000000 ____D () C:\Program Files (x86)\PSPdisp
2014-06-30 12:16 - 2014-06-30 12:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_PSPdispSideShow_x64_01_00_00.Wdf
2014-06-28 12:23 - 2014-06-27 16:52 - 00000000 ____D () C:\Users\Jinoru\AppData\Roaming\Skype
2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ____D () C:\Users\Jinoru\AppData\Local\Skype
2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ____D () C:\ProgramData\Skype
2014-06-27 16:52 - 2014-06-27 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-25 23:25 - 2014-06-04 21:49 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-24 08:07 - 2014-06-24 08:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-06-24 08:07 - 2014-06-24 08:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-06-23 11:07 - 2014-06-03 20:21 - 00000000 ____D () C:\Program Files (x86)\RaidCall
2014-06-23 10:57 - 2014-06-03 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

ZeroAccess:
C:\Windows\Installer\{8c8e8ca7-9ea5-7a5c-b169-9a2e877fd82b}
C:\Windows\Installer\{8c8e8ca7-9ea5-7a5c-b169-9a2e877fd82b}\@
C:\Windows\Installer\{8c8e8ca7-9ea5-7a5c-b169-9a2e877fd82b}\U\00000004.@
C:\Windows\Installer\{8c8e8ca7-9ea5-7a5c-b169-9a2e877fd82b}\U\00000008.@
C:\Windows\Installer\{8c8e8ca7-9ea5-7a5c-b169-9a2e877fd82b}\U\000000cb.@
C:\Windows\Installer\{8c8e8ca7-9ea5-7a5c-b169-9a2e877fd82b}\U\80000032.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-21 23:50

==================== End Of Log ============================