Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Pup wieder da

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.08.2013, 15:25   #16
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



Zitat:
D:\BOZZ-PC\Backup Set 2013-05-28 203904\Backup Files 2013-06-16 190010\Backup files 3.zip
D:\BOZZ-PC\Backup Set 2013-06-30 190010\Backup Files 2013-06-30 190010\Backup files 4.zip
D:\BOZZ-PC\Backup Set 2013-07-21 190010\Backup Files 2013-07-21 190010\Backup files 4.zip
D:\BOZZ-PC\Backup Set 2013-08-04 190010\Backup Files 2013-08-04 190010\Backup files 4.zip
Diese auf Laufwerk D einfach manuell löschen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.08.2013, 15:30   #17
Malysch
 
Pup wieder da - Standard

Pup wieder da



Security Check nochmall ausführen oder nur noch die andere Datei? (FRST)

Back Ups wurden gelöscht
__________________


Alt 20.08.2013, 15:31   #18
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



FRST, noch Probleme mit dem Rechner?
__________________
__________________

Alt 20.08.2013, 15:39   #19
Malysch
 
Pup wieder da - Standard

Pup wieder da



FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by BoZz (administrator) on 20-08-2013 16:33:53
Running from C:\Users\BoZz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: 127.0.0.1:8082
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {B3229E23-185A-4cfe-A34F-B9EFE4506D56} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: trtv3 - C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com

Chrome: 
=======
CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms}
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-01] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-20] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-20] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] ()
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt
2013-08-19 18:49 - 2013-08-19 18:50 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe
2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe
2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe
2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt
2013-08-19 13:41 - 2013-08-19 13:51 - 00000000 ____D C:\Qoobox
2013-08-19 13:41 - 2013-08-19 13:49 - 00000000 ____D C:\Windows\erdnt
2013-08-19 13:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-19 13:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-19 13:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Downloads\FRST64.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-17 20:43 - 2013-08-19 18:55 - 00000000 ____D C:\Windows\ERUNT
2013-08-17 20:43 - 2013-08-17 20:44 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:39 - 2013-08-17 20:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:40 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 17:33 - 2013-08-17 18:02 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-16 00:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 00:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 00:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 00:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 00:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 00:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-16 00:37 - 2013-08-16 00:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:45 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:45 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:45 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:45 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:45 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:45 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:45 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:45 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 14:34 - 2013-08-14 15:00 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:19 - 2007-09-28 06:41 - 00996352 _____ C:\Users\BoZz\Desktop\Xpadder.exe
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-10 19:13 - 2013-08-10 19:34 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-20 13:51 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-03 13:31 - 2013-08-07 21:38 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-03 13:30 - 2013-08-07 21:44 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-03 13:30 - 2013-08-07 21:44 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-03 13:30 - 2013-08-07 21:37 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:29 - 2013-08-07 21:34 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-03 13:29 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:28 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-30 02:58 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 00:57 - 2013-08-20 13:51 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-07-27 23:32 - 2013-07-27 23:56 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-08-18 00:04 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:46 - 2013-07-21 12:45 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar
2013-07-21 12:39 - 2013-08-10 17:37 - 00000000 ____D C:\Windows\SysWOW64\directx

==================== One Month Modified Files and Folders =======

2013-08-20 16:26 - 2013-03-29 16:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-20 16:18 - 2013-03-29 20:48 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Skype
2013-08-20 16:12 - 2013-08-20 16:12 - 00891115 _____ C:\Users\BoZz\Desktop\SecurityCheck.exe
2013-08-20 16:01 - 2013-04-01 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-20 15:50 - 2013-07-15 11:33 - 00013891 _____ C:\Windows\setupact.log
2013-08-20 14:00 - 2013-03-29 15:39 - 01423134 _____ C:\Windows\WindowsUpdate.log
2013-08-20 13:54 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 13:54 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 13:51 - 2013-08-04 23:32 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-20 13:51 - 2013-07-28 00:57 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-08-20 13:48 - 2013-04-01 15:01 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-08-20 13:48 - 2013-03-29 16:21 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-08-20 13:48 - 2013-03-29 16:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-08-20 13:46 - 2013-03-29 16:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-20 13:45 - 2013-03-29 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-20 13:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-19 18:55 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-19 18:52 - 2013-07-15 11:33 - 00050706 _____ C:\Windows\PFRO.log
2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt
2013-08-19 18:50 - 2013-08-19 18:49 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe
2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe
2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe
2013-08-19 18:42 - 2013-03-29 16:06 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-19 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-19 13:51 - 2013-08-19 13:41 - 00000000 ____D C:\Qoobox
2013-08-19 13:51 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt
2013-08-19 13:49 - 2013-08-19 13:41 - 00000000 ____D C:\Windows\erdnt
2013-08-19 13:49 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Downloads\FRST64.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-18 00:04 - 2013-07-26 12:57 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-17 23:01 - 2013-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 20:44 - 2013-08-17 20:43 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:42 - 2013-03-29 15:45 - 00000000 ____D C:\Users\BoZz
2013-08-17 20:40 - 2013-08-17 20:39 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:40 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:40 - 2013-07-12 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-17 20:40 - 2013-04-01 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:38 - 2013-04-01 00:33 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Mozilla
2013-08-17 19:59 - 2013-03-29 16:05 - 00001432 _____ C:\Users\BoZz\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 16:05 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 15:45 - 00000993 _____ C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 18:02 - 2013-08-17 17:33 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-17 17:19 - 2013-07-14 19:15 - 00000000 ____D C:\Users\BoZz\Desktop\torrents
2013-08-17 15:10 - 2013-05-30 09:54 - 00000000 ____D C:\Users\BoZz\Desktop\Nikitas Bilder
2013-08-16 11:28 - 2013-03-29 15:35 - 00000000 ____D C:\Windows\Panther
2013-08-16 00:40 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-16 00:40 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-16 00:40 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 00:38 - 2013-08-16 00:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 00:37 - 2013-03-29 17:23 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 15:40 - 2013-07-15 19:46 - 00000000 ____D C:\Users\BoZz\Desktop\Neuer Ordner
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 15:00 - 2013-08-14 14:34 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-10 19:34 - 2013-08-10 19:13 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-08-08 23:24 - 2013-03-30 00:13 - 00000000 ____D C:\Users\BoZz\AppData\Local\TeamSpeak 3 Client
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:44 - 2013-08-03 13:30 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-07 21:44 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-07 21:38 - 2013-08-03 13:31 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-07 21:37 - 2013-08-03 13:30 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-07 21:34 - 2013-08-03 13:29 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-05 00:28 - 2013-07-16 21:03 - 00017836 _____ C:\Windows\DirectX.log
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-03 18:21 - 2013-06-16 12:19 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-03 18:21 - 2013-06-15 20:58 - 00000000 ____D C:\AeriaGames
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:30 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:29 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2013-07-30 22:26 - 2013-03-29 15:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-30 22:14 - 2013-06-15 20:58 - 00000000 ____D C:\Users\BoZz\AppData\Local\Akamai
2013-07-30 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-30 02:58 - 2013-07-28 01:08 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 01:24 - 2013-04-15 15:54 - 00000000 ____D C:\GAMIGO
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:14 - 2013-04-27 21:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-29 21:14 - 2013-04-27 21:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-29 13:55 - 2013-04-27 21:06 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\.minecraft
2013-07-28 11:21 - 2013-04-23 19:55 - 00000000 ____D C:\Users\BoZz\Desktop\GTA SAMP
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-27 23:56 - 2013-07-27 23:32 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 19:00 - 2013-06-15 20:04 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-26 07:13 - 2013-08-16 00:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-16 00:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-16 00:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-16 00:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-16 00:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-16 00:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-25 11:25 - 2013-08-15 13:45 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:45 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-22 18:33 - 2013-05-22 19:48 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-22 18:33 - 2013-05-03 21:53 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\TeamViewer
2013-07-21 20:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:45 - 2013-07-21 12:46 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-12 22:39

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---



Also ich überprüfe mall was schnell bei mir laggt da ein Spiel namens LoL wo ich die ersten Pups gelöscht habe ...

Frames per Seconds laggs die ich "nie" hatte !!

Ping stabil auf 27 aber alle 5 Sekunden so ganz kurze FPS-Laggs.

Also die FPS Laggs sind immer noch da !

Alt 20.08.2013, 16:37   #20
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms}
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.08.2013, 17:00   #21
Malysch
 
Pup wieder da - Standard

Pup wieder da



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2013
Ran by BoZz at 2013-08-20 18:00:25 Run:1
Running from C:\Users\BoZz\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms}
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
         
*****************

CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje => Key deleted successfully.
"C:\Program Files (x86)\TornTV.com\torn2_10.crx" => File/Directory not found.
X6va012 => Service deleted successfully.
X6va013 => Service deleted successfully.
xhunter1 => Service deleted successfully.
C:\Program Files (x86)\ÌøÔ¾ÍøÂç => Moved successfully.

==== End of Fixlog ====
         

Alt 20.08.2013, 17:03   #22
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



Windows-Taste +R, schreibe

ipconfig /flushdns

und drücke Enter. Teste dann nochmal.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.08.2013, 18:16   #23
Malysch
 
Pup wieder da - Standard

Pup wieder da



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2013
Ran by BoZz at 2013-08-20 18:05:52 Run:2
Running from C:\Users\BoZz\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms}
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
         
*****************

CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje => Key not found.
"C:\Program Files (x86)\TornTV.com\torn2_10.crx" => File/Directory not found.
X6va012 => Service not found.
X6va013 => Service not found.
xhunter1 => Service not found.
"C:\Program Files (x86)\ÌøÔ¾ÍøÂç" => File/Directory not found.

==== End of Fixlog ====
         
Spiel hengt immer noch ..

Alt 21.08.2013, 08:32   #24
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



Poste mal ein frisches FRST log. Hast Du ipconfig von oben durchgeführt?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.08.2013, 12:50   #25
Malysch
 
Pup wieder da - Standard

Pup wieder da




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by BoZz (administrator) on 21-08-2013 13:49:08
Running from C:\Users\BoZz\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [GameCenterMailRu] - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe [4219416 2013-08-20] ()
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: 127.0.0.1:8082
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {B3229E23-185A-4cfe-A34F-B9EFE4506D56} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog9 01 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 02 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 06 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 07 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 15 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 15 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll (Mail.Ru)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: trtv3 - C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com

Chrome: 
=======
CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms}
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-01] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-21] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-21] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-20 22:28 - 2013-08-20 22:28 - 00000106 _____ C:\Users\BoZz\Desktop\Cross Fire.url
2013-08-20 21:49 - 2013-08-20 22:28 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
2013-08-20 21:49 - 2013-08-20 21:49 - 04476512 _____ C:\Users\BoZz\Downloads\CrossfireLoader.exe
2013-08-20 21:49 - 2013-08-20 21:49 - 00002206 _____ C:\Users\BoZz\Desktop\Игровой центр@Mail.Ru.lnk
2013-08-20 21:49 - 2013-08-20 21:49 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mail.Ru
2013-08-20 21:11 - 2013-08-21 13:21 - 00000112 _____ C:\Windows\setupact.log
2013-08-20 21:11 - 2013-08-20 21:11 - 00000000 _____ C:\Windows\setuperr.log
2013-08-20 19:27 - 2013-08-20 19:27 - 01475192 _____ (Initex & AAA Internet Publishing                            ) C:\Users\BoZz\Downloads\WTFastSetup.2.13.2.0.exe
2013-08-20 19:27 - 2013-08-20 19:27 - 00000979 _____ C:\Users\Public\Desktop\WTFast.lnk
2013-08-20 19:27 - 2013-08-20 19:27 - 00000000 ____D C:\Program Files (x86)\WTFast
2013-08-20 19:27 - 2012-07-11 13:12 - 00079464 _____ (Initex) C:\Windows\system32\WTFastDrv.dll
2013-08-20 19:27 - 2012-07-11 13:12 - 00072296 _____ (Initex) C:\Windows\SysWOW64\WTFastDrv.dll
2013-08-20 19:27 - 1997-06-06 15:52 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2013-08-20 16:34 - 2013-08-20 16:34 - 00040458 _____ C:\Users\BoZz\Downloads\FRST.txt
2013-08-20 16:12 - 2013-08-20 16:12 - 00891115 _____ C:\Users\BoZz\Desktop\SecurityCheck.exe
2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt
2013-08-19 18:49 - 2013-08-19 18:50 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe
2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe
2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe
2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt
2013-08-19 13:41 - 2013-08-19 13:51 - 00000000 ____D C:\Qoobox
2013-08-19 13:41 - 2013-08-19 13:49 - 00000000 ____D C:\Windows\erdnt
2013-08-19 13:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-19 13:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-19 13:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Desktop\FRST64.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-17 20:43 - 2013-08-19 18:55 - 00000000 ____D C:\Windows\ERUNT
2013-08-17 20:43 - 2013-08-17 20:44 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:39 - 2013-08-17 20:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:40 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 18:05 - 2013-08-20 21:04 - 00000000 ____D C:\Windows\Minidump
2013-08-17 17:33 - 2013-08-17 18:02 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-16 00:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 00:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 00:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 00:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 00:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 00:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-16 00:37 - 2013-08-16 00:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:45 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:45 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:45 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:45 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:45 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:45 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:45 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:45 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 14:34 - 2013-08-14 15:00 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:19 - 2007-09-28 06:41 - 00996352 _____ C:\Users\BoZz\Desktop\Xpadder.exe
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-10 19:13 - 2013-08-10 19:34 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-21 13:22 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-03 13:31 - 2013-08-07 21:38 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-03 13:30 - 2013-08-07 21:44 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-03 13:30 - 2013-08-07 21:44 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-03 13:30 - 2013-08-07 21:37 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:29 - 2013-08-07 21:34 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-03 13:29 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:28 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-30 02:58 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 00:57 - 2013-08-21 13:22 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-07-27 23:32 - 2013-07-27 23:56 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-08-18 00:04 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe

==================== One Month Modified Files and Folders =======

2013-08-21 13:49 - 2013-03-29 16:06 - 00000000 ____D C:\Users\BoZz\AppData\Local\PMB Files
2013-08-21 13:39 - 2013-03-29 20:48 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Skype
2013-08-21 13:30 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-21 13:30 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-21 13:26 - 2013-03-29 16:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-21 13:22 - 2013-08-04 23:32 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-21 13:22 - 2013-07-28 00:57 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-08-21 13:22 - 2013-03-29 16:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-21 13:21 - 2013-08-20 21:11 - 00000112 _____ C:\Windows\setupact.log
2013-08-21 13:21 - 2013-03-29 16:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-08-21 13:21 - 2013-03-29 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-21 13:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-20 23:13 - 2013-03-29 15:39 - 01483231 _____ C:\Windows\WindowsUpdate.log
2013-08-20 23:01 - 2013-04-01 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-20 22:41 - 2013-05-22 19:15 - 00000000 ____D C:\Users\BoZz\Documents\CrossFire
2013-08-20 22:30 - 2013-08-20 22:30 - 00000000 ____D C:\CFLog
2013-08-20 22:28 - 2013-08-20 22:28 - 00000106 _____ C:\Users\BoZz\Desktop\Cross Fire.url
2013-08-20 22:28 - 2013-08-20 21:49 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
2013-08-20 21:49 - 2013-08-20 21:49 - 04476512 _____ C:\Users\BoZz\Downloads\CrossfireLoader.exe
2013-08-20 21:49 - 2013-08-20 21:49 - 00002206 _____ C:\Users\BoZz\Desktop\Игровой центр@Mail.Ru.lnk
2013-08-20 21:49 - 2013-08-20 21:49 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mail.Ru
2013-08-20 21:34 - 2013-05-30 09:54 - 00000000 ____D C:\Users\BoZz\Desktop\Nikitas Bilder
2013-08-20 21:34 - 2013-03-29 16:06 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-20 21:31 - 2013-04-01 15:01 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-08-20 21:31 - 2013-03-29 16:21 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-08-20 21:11 - 2013-08-20 21:11 - 00000000 _____ C:\Windows\setuperr.log
2013-08-20 21:04 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-20 21:04 - 2013-03-29 15:35 - 00000000 ____D C:\Windows\Panther
2013-08-20 19:27 - 2013-08-20 19:27 - 01475192 _____ (Initex & AAA Internet Publishing                            ) C:\Users\BoZz\Downloads\WTFastSetup.2.13.2.0.exe
2013-08-20 19:27 - 2013-08-20 19:27 - 00000979 _____ C:\Users\Public\Desktop\WTFast.lnk
2013-08-20 19:27 - 2013-08-20 19:27 - 00000000 ____D C:\Program Files (x86)\WTFast
2013-08-20 16:34 - 2013-08-20 16:34 - 00040458 _____ C:\Users\BoZz\Downloads\FRST.txt
2013-08-20 16:12 - 2013-08-20 16:12 - 00891115 _____ C:\Users\BoZz\Desktop\SecurityCheck.exe
2013-08-19 18:55 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt
2013-08-19 18:50 - 2013-08-19 18:49 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe
2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe
2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe
2013-08-19 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-19 13:51 - 2013-08-19 13:41 - 00000000 ____D C:\Qoobox
2013-08-19 13:51 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt
2013-08-19 13:49 - 2013-08-19 13:41 - 00000000 ____D C:\Windows\erdnt
2013-08-19 13:49 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Desktop\FRST64.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-18 00:04 - 2013-07-26 12:57 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-17 23:01 - 2013-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 20:44 - 2013-08-17 20:43 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:42 - 2013-03-29 15:45 - 00000000 ____D C:\Users\BoZz
2013-08-17 20:40 - 2013-08-17 20:39 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:40 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:40 - 2013-07-12 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-17 20:40 - 2013-04-01 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:38 - 2013-04-01 00:33 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Mozilla
2013-08-17 19:59 - 2013-03-29 16:05 - 00001432 _____ C:\Users\BoZz\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 16:05 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 15:45 - 00000993 _____ C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-17 18:02 - 2013-08-17 17:33 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-17 17:19 - 2013-07-14 19:15 - 00000000 ____D C:\Users\BoZz\Desktop\torrents
2013-08-16 00:40 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-16 00:40 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-16 00:40 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 00:38 - 2013-08-16 00:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 00:37 - 2013-03-29 17:23 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 15:40 - 2013-07-15 19:46 - 00000000 ____D C:\Users\BoZz\Desktop\Neuer Ordner
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 15:00 - 2013-08-14 14:34 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-10 19:34 - 2013-08-10 19:13 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-08-08 23:24 - 2013-03-30 00:13 - 00000000 ____D C:\Users\BoZz\AppData\Local\TeamSpeak 3 Client
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:44 - 2013-08-03 13:30 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-07 21:44 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-07 21:38 - 2013-08-03 13:31 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-07 21:37 - 2013-08-03 13:30 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-07 21:34 - 2013-08-03 13:29 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-03 18:21 - 2013-06-16 12:19 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-03 18:21 - 2013-06-15 20:58 - 00000000 ____D C:\AeriaGames
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:30 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:29 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2013-07-30 22:26 - 2013-03-29 15:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-30 22:14 - 2013-06-15 20:58 - 00000000 ____D C:\Users\BoZz\AppData\Local\Akamai
2013-07-30 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-30 02:58 - 2013-07-28 01:08 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 01:24 - 2013-04-15 15:54 - 00000000 ____D C:\GAMIGO
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:14 - 2013-04-27 21:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-29 21:14 - 2013-04-27 21:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-29 13:55 - 2013-04-27 21:06 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\.minecraft
2013-07-28 11:21 - 2013-04-23 19:55 - 00000000 ____D C:\Users\BoZz\Desktop\GTA SAMP
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-27 23:56 - 2013-07-27 23:32 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 19:00 - 2013-06-15 20:04 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-26 07:13 - 2013-08-16 00:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-16 00:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-16 00:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-16 00:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-16 00:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-16 00:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-25 11:25 - 2013-08-15 13:45 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:45 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-22 18:33 - 2013-05-22 19:48 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-22 18:33 - 2013-05-03 21:53 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\TeamViewer

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-12 22:39

==================== End Of Log ============================
         
--- --- ---



Ja hab ich gemacht

Alt 21.08.2013, 13:45   #26
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
ProxyServer: 127.0.0.1:8082
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.08.2013, 13:52   #27
Malysch
 
Pup wieder da - Standard

Pup wieder da



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2013
Ran by BoZz at 2013-08-21 14:52:28 Run:3
Running from C:\Users\BoZz\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyServer: 127.0.0.1:8082
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
         
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
EagleX64 => Service deleted successfully.
X6va013 => Service deleted successfully.

==== End of Fixlog ====
         
)

Alt 21.08.2013, 16:17   #28
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



na?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.08.2013, 17:28   #29
Malysch
 
Pup wieder da - Standard

Pup wieder da



Das spiel hat trotzdem fps lags vielleicht Treiber oder was weis ich aktuallisieren mit dem Geräte Manager habe ich alles gemacht automatische Updates auch

Geändert von Malysch (21.08.2013 um 17:53 Uhr)

Alt 22.08.2013, 07:53   #30
schrauber
/// the machine
/// TB-Ausbilder
 

Pup wieder da - Standard

Pup wieder da



Im Logfile ist aber leider nix mehr was darauf hindeutet.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Pup wieder da
entferne, entfernen, gefunde, gestartet, log, malware, nichts, viruses



Ähnliche Themen: Pup wieder da


  1. Leider wieder mal was bzw. schon wieder eingefangen
    Plagegeister aller Art und deren Bekämpfung - 06.04.2015 (9)
  2. your phone is infected install antivirus to delete - Nachricht erscheint wieder und wieder mit Weiterleitung in den play store
    Smartphone, Tablet & Handy Security - 12.03.2015 (9)
  3. Windows 7: Avira meldet immer wieder ADWARE/Adware.Gen4 bzw. .Gen7, zudem taucht Optimizer Pro immer wieder auf
    Log-Analyse und Auswertung - 14.12.2014 (9)
  4. Pc wieder sehr langsam, Firefox stürzt immer wieder ab.
    Log-Analyse und Auswertung - 21.08.2013 (9)
  5. PC fährt immer wieder von alleine runter und wieder hoch
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (13)
  6. und wieder BKA
    Plagegeister aller Art und deren Bekämpfung - 12.10.2012 (14)
  7. GUV mal wieder
    Log-Analyse und Auswertung - 04.09.2012 (17)
  8. Internet immer wieder langsam, dann wieder normal usw.
    Log-Analyse und Auswertung - 20.10.2010 (1)
  9. IE öffnet immer wieder werbefenster sowie geht immer wieder der ton aus
    Plagegeister aller Art und deren Bekämpfung - 15.07.2010 (2)
  10. Windows Vista startet nicht, fährt sofort wieder runter und gleich wieder hoch...
    Alles rund um Windows - 03.04.2010 (3)
  11. externe festplatte wieder unter xp wieder herstellen
    Alles rund um Windows - 15.01.2009 (3)
  12. trojaner meldet sich wieder und wieder
    Plagegeister aller Art und deren Bekämpfung - 27.06.2007 (4)
  13. Imer wieder Trojan.small hin und wieder werbe pop-ups..
    Log-Analyse und Auswertung - 30.05.2006 (4)
  14. Mal wieder ....[help me please!]
    Plagegeister aller Art und deren Bekämpfung - 22.05.2006 (6)
  15. wieder mal ich
    Log-Analyse und Auswertung - 21.06.2005 (1)
  16. ich mal wieder
    Log-Analyse und Auswertung - 31.12.2004 (13)
  17. RAM....mal wieder
    Netzwerk und Hardware - 09.04.2003 (7)

Zum Thema Pup wieder da - Zitat: D:\BOZZ-PC\Backup Set 2013-05-28 203904\Backup Files 2013-06-16 190010\Backup files 3.zip D:\BOZZ-PC\Backup Set 2013-06-30 190010\Backup Files 2013-06-30 190010\Backup files 4.zip D:\BOZZ-PC\Backup Set 2013-07-21 190010\Backup Files 2013-07-21 190010\Backup files 4.zip D:\BOZZ-PC\Backup Set - Pup wieder da...
Archiv
Du betrachtest: Pup wieder da auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.