|
Plagegeister aller Art und deren Bekämpfung: Pup wieder daWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
20.08.2013, 15:25 | #16 | |
/// the machine /// TB-Ausbilder | Pup wieder daZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.08.2013, 15:30 | #17 |
| Pup wieder da Security Check nochmall ausführen oder nur noch die andere Datei? (FRST)
__________________Back Ups wurden gelöscht |
20.08.2013, 15:31 | #18 |
/// the machine /// TB-Ausbilder | Pup wieder da FRST, noch Probleme mit dem Rechner?
__________________
__________________ |
20.08.2013, 15:39 | #19 |
| Pup wieder da FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013 Ran by BoZz (administrator) on 20-08-2013 16:33:53 Running from C:\Users\BoZz\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe () C:\Windows\SysWOW64\XSrvSetup.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] () HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation) HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] () HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] () HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== ProxyServer: 127.0.0.1:8082 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {B3229E23-185A-4cfe-A34F-B9EFE4506D56} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll No File FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Extension: trtv3 - C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com Chrome: ======= CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] () R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] () R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-01] () R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) ==================== Drivers (Whitelisted) ==================== R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG) S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider) S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-20] (Windows (R) Server 2003 DDK provider) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-20] (Windows (R) Server 2003 DDK provider) R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] () R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] () S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x] S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x] S3 xhunter1; \??\C:\Windows\xhunter1.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt 2013-08-19 18:49 - 2013-08-19 18:50 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe 2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe 2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe 2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt 2013-08-19 13:41 - 2013-08-19 13:51 - 00000000 ____D C:\Qoobox 2013-08-19 13:41 - 2013-08-19 13:49 - 00000000 ____D C:\Windows\erdnt 2013-08-19 13:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-19 13:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-19 13:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Downloads\FRST64.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST 2013-08-17 20:43 - 2013-08-19 18:55 - 00000000 ____D C:\Windows\ERUNT 2013-08-17 20:43 - 2013-08-17 20:44 - 00002171 _____ C:\DelFix.txt 2013-08-17 20:39 - 2013-08-17 20:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia 2013-08-17 20:38 - 2013-08-17 20:40 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla 2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP 2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp 2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump 2013-08-17 17:33 - 2013-08-17 18:02 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log 2013-08-16 00:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-16 00:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-16 00:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-16 00:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-16 00:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-16 00:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-16 00:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-16 00:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-16 00:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-16 00:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-16 00:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-16 00:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-16 00:37 - 2013-08-16 00:38 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 13:45 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-15 13:45 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-15 13:45 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-15 13:45 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-15 13:45 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-15 13:45 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-15 13:45 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-15 13:45 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-15 13:45 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-15 13:45 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-15 13:45 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-15 13:45 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-15 13:45 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-15 13:45 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-15 13:45 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-15 13:45 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-15 13:45 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-15 13:45 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-15 13:45 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-15 13:45 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-15 13:45 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-15 13:45 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-15 13:45 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-15 13:45 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-15 13:45 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-15 13:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-15 13:45 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini 2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile 2013-08-14 14:34 - 2013-08-14 15:00 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller 2013-08-14 14:19 - 2007-09-28 06:41 - 00996352 _____ C:\Users\BoZz\Desktop\Xpadder.exe 2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip 2013-08-10 19:13 - 2013-08-10 19:34 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC ) C:\POD-19902_setup.exe 2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages 2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos 2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps 2013-08-04 23:32 - 2013-08-20 13:51 - 00000000 ____D C:\Program Files (x86)\Steam 2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk 2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE 2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment 2013-08-03 13:31 - 2013-08-07 21:38 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat 2013-08-03 13:30 - 2013-08-07 21:44 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log 2013-08-03 13:30 - 2013-08-07 21:44 - 00000000 ____D C:\Users\BoZz\Documents\stats 2013-08-03 13:30 - 2013-08-07 21:37 - 00000988 _____ C:\Users\BoZz\Documents\options.txt 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks 2013-08-03 13:29 - 2013-08-07 21:34 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json 2013-08-03 13:29 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\libraries 2013-08-03 13:28 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\versions 2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets 2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç 2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk 2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java 2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-07-28 01:08 - 2013-07-30 02:58 - 00000000 ____D C:\Users\BoZz\minecraft 2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe 2013-07-28 00:57 - 2013-08-20 13:51 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi 2013-07-27 23:32 - 2013-07-27 23:56 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP 2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk 2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables 2013-07-26 12:57 - 2013-08-18 00:04 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3 2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk 2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe 2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe 2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World 2013-07-21 12:46 - 2013-07-21 12:45 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar 2013-07-21 12:39 - 2013-08-10 17:37 - 00000000 ____D C:\Windows\SysWOW64\directx ==================== One Month Modified Files and Folders ======= 2013-08-20 16:26 - 2013-03-29 16:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-20 16:18 - 2013-03-29 20:48 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Skype 2013-08-20 16:12 - 2013-08-20 16:12 - 00891115 _____ C:\Users\BoZz\Desktop\SecurityCheck.exe 2013-08-20 16:01 - 2013-04-01 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-20 15:50 - 2013-07-15 11:33 - 00013891 _____ C:\Windows\setupact.log 2013-08-20 14:00 - 2013-03-29 15:39 - 01423134 _____ C:\Windows\WindowsUpdate.log 2013-08-20 13:54 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-20 13:54 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-20 13:51 - 2013-08-04 23:32 - 00000000 ____D C:\Program Files (x86)\Steam 2013-08-20 13:51 - 2013-07-28 00:57 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi 2013-08-20 13:48 - 2013-04-01 15:01 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref 2013-08-20 13:48 - 2013-03-29 16:21 - 00030528 _____ C:\Windows\GVTDrv64.sys 2013-08-20 13:48 - 2013-03-29 16:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2013-08-20 13:46 - 2013-03-29 16:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-20 13:45 - 2013-03-29 16:16 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-20 13:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-19 18:55 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT 2013-08-19 18:52 - 2013-07-15 11:33 - 00050706 _____ C:\Windows\PFRO.log 2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt 2013-08-19 18:50 - 2013-08-19 18:49 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe 2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe 2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe 2013-08-19 18:42 - 2013-03-29 16:06 - 00000000 ____D C:\ProgramData\PMB Files 2013-08-19 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-08-19 13:51 - 2013-08-19 13:41 - 00000000 ____D C:\Qoobox 2013-08-19 13:51 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt 2013-08-19 13:49 - 2013-08-19 13:41 - 00000000 ____D C:\Windows\erdnt 2013-08-19 13:49 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Downloads\FRST64.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST 2013-08-18 00:04 - 2013-07-26 12:57 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3 2013-08-17 23:01 - 2013-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-17 20:44 - 2013-08-17 20:43 - 00002171 _____ C:\DelFix.txt 2013-08-17 20:42 - 2013-03-29 15:45 - 00000000 ____D C:\Users\BoZz 2013-08-17 20:40 - 2013-08-17 20:39 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-17 20:40 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe 2013-08-17 20:40 - 2013-07-12 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-17 20:40 - 2013-04-01 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla 2013-08-17 20:38 - 2013-04-01 00:33 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Mozilla 2013-08-17 19:59 - 2013-03-29 16:05 - 00001432 _____ C:\Users\BoZz\Desktop\Google Chrome.lnk 2013-08-17 19:53 - 2013-03-29 16:05 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-17 19:53 - 2013-03-29 15:45 - 00000993 _____ C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP 2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp 2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump 2013-08-17 18:02 - 2013-08-17 17:33 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log 2013-08-17 17:19 - 2013-07-14 19:15 - 00000000 ____D C:\Users\BoZz\Desktop\torrents 2013-08-17 15:10 - 2013-05-30 09:54 - 00000000 ____D C:\Users\BoZz\Desktop\Nikitas Bilder 2013-08-16 11:28 - 2013-03-29 15:35 - 00000000 ____D C:\Windows\Panther 2013-08-16 00:40 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat 2013-08-16 00:40 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat 2013-08-16 00:40 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-16 00:38 - 2013-08-16 00:37 - 00000000 ____D C:\Windows\system32\MRT 2013-08-16 00:37 - 2013-03-29 17:23 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-15 15:40 - 2013-07-15 19:46 - 00000000 ____D C:\Users\BoZz\Desktop\Neuer Ordner 2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini 2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile 2013-08-14 15:00 - 2013-08-14 14:34 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller 2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip 2013-08-10 19:34 - 2013-08-10 19:13 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC ) C:\POD-19902_setup.exe 2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-08-08 23:24 - 2013-03-30 00:13 - 00000000 ____D C:\Users\BoZz\AppData\Local\TeamSpeak 3 Client 2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages 2013-08-07 21:44 - 2013-08-03 13:30 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log 2013-08-07 21:44 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\stats 2013-08-07 21:38 - 2013-08-03 13:31 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat 2013-08-07 21:37 - 2013-08-03 13:30 - 00000988 _____ C:\Users\BoZz\Documents\options.txt 2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties 2013-08-07 21:34 - 2013-08-03 13:29 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos 2013-08-05 00:28 - 2013-07-16 21:03 - 00017836 _____ C:\Windows\DirectX.log 2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps 2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk 2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE 2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment 2013-08-03 18:21 - 2013-06-16 12:19 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2013-08-03 18:21 - 2013-06-15 20:58 - 00000000 ____D C:\AeriaGames 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks 2013-08-03 13:30 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\libraries 2013-08-03 13:29 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\versions 2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets 2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç 2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios 2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2013-07-30 22:26 - 2013-03-29 15:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-07-30 22:14 - 2013-06-15 20:58 - 00000000 ____D C:\Users\BoZz\AppData\Local\Akamai 2013-07-30 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-07-30 02:58 - 2013-07-28 01:08 - 00000000 ____D C:\Users\BoZz\minecraft 2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk 2013-07-30 01:24 - 2013-04-15 15:54 - 00000000 ____D C:\GAMIGO 2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java 2013-07-29 21:14 - 2013-04-27 21:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-07-29 21:14 - 2013-04-27 21:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-07-29 13:55 - 2013-04-27 21:06 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\.minecraft 2013-07-28 11:21 - 2013-04-23 19:55 - 00000000 ____D C:\Users\BoZz\Desktop\GTA SAMP 2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe 2013-07-27 23:56 - 2013-07-27 23:32 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP 2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk 2013-07-26 19:00 - 2013-06-15 20:04 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient 2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables 2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk 2013-07-26 07:13 - 2013-08-16 00:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-26 07:13 - 2013-08-16 00:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-26 07:13 - 2013-08-16 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-26 07:12 - 2013-08-16 00:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-26 05:35 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-26 05:13 - 2013-08-16 00:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-26 05:13 - 2013-08-16 00:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-26 05:11 - 2013-08-16 00:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-26 05:11 - 2013-08-16 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-26 04:49 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-26 04:39 - 2013-08-16 00:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-07-26 03:59 - 2013-08-16 00:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe 2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe 2013-07-25 11:25 - 2013-08-15 13:45 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-25 10:57 - 2013-08-15 13:45 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-22 18:33 - 2013-05-22 19:48 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-07-22 18:33 - 2013-05-03 21:53 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\TeamViewer 2013-07-21 20:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World 2013-07-21 12:45 - 2013-07-21 12:46 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-12 22:39 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- Also ich überprüfe mall was schnell bei mir laggt da ein Spiel namens LoL wo ich die ersten Pups gelöscht habe ... Frames per Seconds laggs die ich "nie" hatte !! Ping stabil auf 27 aber alle 5 Sekunden so ganz kurze FPS-Laggs. Also die FPS Laggs sind immer noch da ! |
20.08.2013, 16:37 | #20 |
/// the machine /// TB-Ausbilder | Pup wieder da Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x] S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x] S3 xhunter1; \??\C:\Windows\xhunter1.sys [x] 2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.08.2013, 17:00 | #21 |
| Pup wieder daCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2013 Ran by BoZz at 2013-08-20 18:00:25 Run:1 Running from C:\Users\BoZz\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x] S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x] S3 xhunter1; \??\C:\Windows\xhunter1.sys [x] 2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç ***************** CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry. CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje => Key deleted successfully. "C:\Program Files (x86)\TornTV.com\torn2_10.crx" => File/Directory not found. X6va012 => Service deleted successfully. X6va013 => Service deleted successfully. xhunter1 => Service deleted successfully. C:\Program Files (x86)\ÌøÔ¾ÍøÂç => Moved successfully. ==== End of Fixlog ==== |
20.08.2013, 17:03 | #22 |
/// the machine /// TB-Ausbilder | Pup wieder da Windows-Taste +R, schreibe ipconfig /flushdns und drücke Enter. Teste dann nochmal.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.08.2013, 18:16 | #23 |
| Pup wieder daCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2013 Ran by BoZz at 2013-08-20 18:05:52 Run:2 Running from C:\Users\BoZz\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x] S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x] S3 xhunter1; \??\C:\Windows\xhunter1.sys [x] 2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç ***************** CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry. CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje => Key not found. "C:\Program Files (x86)\TornTV.com\torn2_10.crx" => File/Directory not found. X6va012 => Service not found. X6va013 => Service not found. xhunter1 => Service not found. "C:\Program Files (x86)\ÌøÔ¾ÍøÂç" => File/Directory not found. ==== End of Fixlog ==== |
21.08.2013, 08:32 | #24 |
/// the machine /// TB-Ausbilder | Pup wieder da Poste mal ein frisches FRST log. Hast Du ipconfig von oben durchgeführt?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
21.08.2013, 12:50 | #25 |
| Pup wieder daFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013 Ran by BoZz (administrator) on 21-08-2013 13:49:08 Running from C:\Users\BoZz\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe () C:\Windows\SysWOW64\XSrvSetup.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe (Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] () HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation) HKCU\...\Run: [GameCenterMailRu] - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe [4219416 2013-08-20] () HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] () HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] () HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== ProxyServer: 127.0.0.1:8082 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {B3229E23-185A-4cfe-A34F-B9EFE4506D56} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog9 01 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 02 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 06 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 07 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9 15 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex) Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 06 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 07 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Winsock: Catalog9-x64 15 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll (Mail.Ru) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Extension: trtv3 - C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com Chrome: ======= CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms} CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] () R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] () R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-01] () R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) ==================== Drivers (Whitelisted) ==================== R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG) S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider) S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-21] (Windows (R) Server 2003 DDK provider) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-21] (Windows (R) Server 2003 DDK provider) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] () S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-20] () S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-20 22:28 - 2013-08-20 22:28 - 00000106 _____ C:\Users\BoZz\Desktop\Cross Fire.url 2013-08-20 21:49 - 2013-08-20 22:28 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru 2013-08-20 21:49 - 2013-08-20 21:49 - 04476512 _____ C:\Users\BoZz\Downloads\CrossfireLoader.exe 2013-08-20 21:49 - 2013-08-20 21:49 - 00002206 _____ C:\Users\BoZz\Desktop\Игровой центр@Mail.Ru.lnk 2013-08-20 21:49 - 2013-08-20 21:49 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mail.Ru 2013-08-20 21:11 - 2013-08-21 13:21 - 00000112 _____ C:\Windows\setupact.log 2013-08-20 21:11 - 2013-08-20 21:11 - 00000000 _____ C:\Windows\setuperr.log 2013-08-20 19:27 - 2013-08-20 19:27 - 01475192 _____ (Initex & AAA Internet Publishing ) C:\Users\BoZz\Downloads\WTFastSetup.2.13.2.0.exe 2013-08-20 19:27 - 2013-08-20 19:27 - 00000979 _____ C:\Users\Public\Desktop\WTFast.lnk 2013-08-20 19:27 - 2013-08-20 19:27 - 00000000 ____D C:\Program Files (x86)\WTFast 2013-08-20 19:27 - 2012-07-11 13:12 - 00079464 _____ (Initex) C:\Windows\system32\WTFastDrv.dll 2013-08-20 19:27 - 2012-07-11 13:12 - 00072296 _____ (Initex) C:\Windows\SysWOW64\WTFastDrv.dll 2013-08-20 19:27 - 1997-06-06 15:52 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL 2013-08-20 16:34 - 2013-08-20 16:34 - 00040458 _____ C:\Users\BoZz\Downloads\FRST.txt 2013-08-20 16:12 - 2013-08-20 16:12 - 00891115 _____ C:\Users\BoZz\Desktop\SecurityCheck.exe 2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt 2013-08-19 18:49 - 2013-08-19 18:50 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe 2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe 2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe 2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt 2013-08-19 13:41 - 2013-08-19 13:51 - 00000000 ____D C:\Qoobox 2013-08-19 13:41 - 2013-08-19 13:49 - 00000000 ____D C:\Windows\erdnt 2013-08-19 13:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-19 13:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-19 13:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-19 13:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Desktop\FRST64.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST 2013-08-17 20:43 - 2013-08-19 18:55 - 00000000 ____D C:\Windows\ERUNT 2013-08-17 20:43 - 2013-08-17 20:44 - 00002171 _____ C:\DelFix.txt 2013-08-17 20:39 - 2013-08-17 20:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia 2013-08-17 20:38 - 2013-08-17 20:40 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla 2013-08-17 18:05 - 2013-08-20 21:04 - 00000000 ____D C:\Windows\Minidump 2013-08-17 17:33 - 2013-08-17 18:02 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log 2013-08-16 00:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-16 00:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-16 00:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-16 00:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-16 00:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-16 00:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-16 00:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-16 00:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-16 00:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-16 00:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-16 00:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-16 00:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-16 00:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-16 00:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-16 00:37 - 2013-08-16 00:38 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 13:45 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-15 13:45 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-15 13:45 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-15 13:45 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-15 13:45 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-15 13:45 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-15 13:45 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-15 13:45 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-15 13:45 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-15 13:45 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-15 13:45 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-15 13:45 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-15 13:45 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-15 13:45 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-15 13:45 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-15 13:45 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-15 13:45 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-15 13:45 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-15 13:45 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-15 13:45 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-15 13:45 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-15 13:45 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-15 13:45 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-15 13:45 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-15 13:45 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-15 13:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-15 13:45 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini 2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile 2013-08-14 14:34 - 2013-08-14 15:00 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller 2013-08-14 14:19 - 2007-09-28 06:41 - 00996352 _____ C:\Users\BoZz\Desktop\Xpadder.exe 2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip 2013-08-10 19:13 - 2013-08-10 19:34 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC ) C:\POD-19902_setup.exe 2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages 2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos 2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps 2013-08-04 23:32 - 2013-08-21 13:22 - 00000000 ____D C:\Program Files (x86)\Steam 2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk 2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE 2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment 2013-08-03 13:31 - 2013-08-07 21:38 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat 2013-08-03 13:30 - 2013-08-07 21:44 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log 2013-08-03 13:30 - 2013-08-07 21:44 - 00000000 ____D C:\Users\BoZz\Documents\stats 2013-08-03 13:30 - 2013-08-07 21:37 - 00000988 _____ C:\Users\BoZz\Documents\options.txt 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks 2013-08-03 13:29 - 2013-08-07 21:34 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json 2013-08-03 13:29 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\libraries 2013-08-03 13:28 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\versions 2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets 2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk 2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java 2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-07-28 01:08 - 2013-07-30 02:58 - 00000000 ____D C:\Users\BoZz\minecraft 2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe 2013-07-28 00:57 - 2013-08-21 13:22 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi 2013-07-27 23:32 - 2013-07-27 23:56 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP 2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk 2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables 2013-07-26 12:57 - 2013-08-18 00:04 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3 2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk 2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe 2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe ==================== One Month Modified Files and Folders ======= 2013-08-21 13:49 - 2013-03-29 16:06 - 00000000 ____D C:\Users\BoZz\AppData\Local\PMB Files 2013-08-21 13:39 - 2013-03-29 20:48 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Skype 2013-08-21 13:30 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-21 13:30 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-21 13:26 - 2013-03-29 16:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-21 13:22 - 2013-08-04 23:32 - 00000000 ____D C:\Program Files (x86)\Steam 2013-08-21 13:22 - 2013-07-28 00:57 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi 2013-08-21 13:22 - 2013-03-29 16:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-21 13:21 - 2013-08-20 21:11 - 00000112 _____ C:\Windows\setupact.log 2013-08-21 13:21 - 2013-03-29 16:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2013-08-21 13:21 - 2013-03-29 16:16 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-21 13:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-20 23:13 - 2013-03-29 15:39 - 01483231 _____ C:\Windows\WindowsUpdate.log 2013-08-20 23:01 - 2013-04-01 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-20 22:41 - 2013-05-22 19:15 - 00000000 ____D C:\Users\BoZz\Documents\CrossFire 2013-08-20 22:30 - 2013-08-20 22:30 - 00000000 ____D C:\CFLog 2013-08-20 22:28 - 2013-08-20 22:28 - 00000106 _____ C:\Users\BoZz\Desktop\Cross Fire.url 2013-08-20 22:28 - 2013-08-20 21:49 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru 2013-08-20 21:49 - 2013-08-20 21:49 - 04476512 _____ C:\Users\BoZz\Downloads\CrossfireLoader.exe 2013-08-20 21:49 - 2013-08-20 21:49 - 00002206 _____ C:\Users\BoZz\Desktop\Игровой центр@Mail.Ru.lnk 2013-08-20 21:49 - 2013-08-20 21:49 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mail.Ru 2013-08-20 21:34 - 2013-05-30 09:54 - 00000000 ____D C:\Users\BoZz\Desktop\Nikitas Bilder 2013-08-20 21:34 - 2013-03-29 16:06 - 00000000 ____D C:\ProgramData\PMB Files 2013-08-20 21:31 - 2013-04-01 15:01 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref 2013-08-20 21:31 - 2013-03-29 16:21 - 00030528 _____ C:\Windows\GVTDrv64.sys 2013-08-20 21:11 - 2013-08-20 21:11 - 00000000 _____ C:\Windows\setuperr.log 2013-08-20 21:04 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump 2013-08-20 21:04 - 2013-03-29 15:35 - 00000000 ____D C:\Windows\Panther 2013-08-20 19:27 - 2013-08-20 19:27 - 01475192 _____ (Initex & AAA Internet Publishing ) C:\Users\BoZz\Downloads\WTFastSetup.2.13.2.0.exe 2013-08-20 19:27 - 2013-08-20 19:27 - 00000979 _____ C:\Users\Public\Desktop\WTFast.lnk 2013-08-20 19:27 - 2013-08-20 19:27 - 00000000 ____D C:\Program Files (x86)\WTFast 2013-08-20 16:34 - 2013-08-20 16:34 - 00040458 _____ C:\Users\BoZz\Downloads\FRST.txt 2013-08-20 16:12 - 2013-08-20 16:12 - 00891115 _____ C:\Users\BoZz\Desktop\SecurityCheck.exe 2013-08-19 18:55 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT 2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt 2013-08-19 18:50 - 2013-08-19 18:49 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe 2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe 2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe 2013-08-19 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-08-19 13:51 - 2013-08-19 13:41 - 00000000 ____D C:\Qoobox 2013-08-19 13:51 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt 2013-08-19 13:49 - 2013-08-19 13:41 - 00000000 ____D C:\Windows\erdnt 2013-08-19 13:49 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Desktop\FRST64.exe 2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST 2013-08-18 00:04 - 2013-07-26 12:57 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3 2013-08-17 23:01 - 2013-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-17 20:44 - 2013-08-17 20:43 - 00002171 _____ C:\DelFix.txt 2013-08-17 20:42 - 2013-03-29 15:45 - 00000000 ____D C:\Users\BoZz 2013-08-17 20:40 - 2013-08-17 20:39 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-17 20:40 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe 2013-08-17 20:40 - 2013-07-12 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-17 20:40 - 2013-04-01 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla 2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla 2013-08-17 20:38 - 2013-04-01 00:33 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Mozilla 2013-08-17 19:59 - 2013-03-29 16:05 - 00001432 _____ C:\Users\BoZz\Desktop\Google Chrome.lnk 2013-08-17 19:53 - 2013-03-29 16:05 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-17 19:53 - 2013-03-29 15:45 - 00000993 _____ C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-08-17 18:02 - 2013-08-17 17:33 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log 2013-08-17 17:19 - 2013-07-14 19:15 - 00000000 ____D C:\Users\BoZz\Desktop\torrents 2013-08-16 00:40 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat 2013-08-16 00:40 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat 2013-08-16 00:40 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-16 00:38 - 2013-08-16 00:37 - 00000000 ____D C:\Windows\system32\MRT 2013-08-16 00:37 - 2013-03-29 17:23 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-15 15:40 - 2013-07-15 19:46 - 00000000 ____D C:\Users\BoZz\Desktop\Neuer Ordner 2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini 2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile 2013-08-14 15:00 - 2013-08-14 14:34 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller 2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip 2013-08-10 19:34 - 2013-08-10 19:13 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC ) C:\POD-19902_setup.exe 2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-08-08 23:24 - 2013-03-30 00:13 - 00000000 ____D C:\Users\BoZz\AppData\Local\TeamSpeak 3 Client 2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages 2013-08-07 21:44 - 2013-08-03 13:30 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log 2013-08-07 21:44 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\stats 2013-08-07 21:38 - 2013-08-03 13:31 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat 2013-08-07 21:37 - 2013-08-03 13:30 - 00000988 _____ C:\Users\BoZz\Documents\options.txt 2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties 2013-08-07 21:34 - 2013-08-03 13:29 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium 2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos 2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps 2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk 2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE 2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment 2013-08-03 18:21 - 2013-06-16 12:19 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2013-08-03 18:21 - 2013-06-15 20:58 - 00000000 ____D C:\AeriaGames 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves 2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks 2013-08-03 13:30 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\libraries 2013-08-03 13:29 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\versions 2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets 2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios 2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2013-07-30 22:26 - 2013-03-29 15:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-07-30 22:14 - 2013-06-15 20:58 - 00000000 ____D C:\Users\BoZz\AppData\Local\Akamai 2013-07-30 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-07-30 02:58 - 2013-07-28 01:08 - 00000000 ____D C:\Users\BoZz\minecraft 2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk 2013-07-30 01:24 - 2013-04-15 15:54 - 00000000 ____D C:\GAMIGO 2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java 2013-07-29 21:14 - 2013-04-27 21:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-07-29 21:14 - 2013-04-27 21:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-07-29 13:55 - 2013-04-27 21:06 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\.minecraft 2013-07-28 11:21 - 2013-04-23 19:55 - 00000000 ____D C:\Users\BoZz\Desktop\GTA SAMP 2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe 2013-07-27 23:56 - 2013-07-27 23:32 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP 2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk 2013-07-26 19:00 - 2013-06-15 20:04 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient 2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables 2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk 2013-07-26 07:13 - 2013-08-16 00:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-26 07:13 - 2013-08-16 00:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-26 07:13 - 2013-08-16 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-26 07:12 - 2013-08-16 00:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-26 07:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-26 05:35 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-26 05:13 - 2013-08-16 00:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-26 05:13 - 2013-08-16 00:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-26 05:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-26 05:11 - 2013-08-16 00:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-26 05:11 - 2013-08-16 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-26 04:49 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-26 04:39 - 2013-08-16 00:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-07-26 03:59 - 2013-08-16 00:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe 2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe 2013-07-25 11:25 - 2013-08-15 13:45 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-25 10:57 - 2013-08-15 13:45 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-22 18:33 - 2013-05-22 19:48 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-07-22 18:33 - 2013-05-03 21:53 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\TeamViewer ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-12 22:39 ==================== End Of Log ============================ Ja hab ich gemacht |
21.08.2013, 13:45 | #26 |
/// the machine /// TB-Ausbilder | Pup wieder da Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter ProxyServer: 127.0.0.1:8082 S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x] Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
21.08.2013, 13:52 | #27 |
| Pup wieder daCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2013 Ran by BoZz at 2013-08-21 14:52:28 Run:3 Running from C:\Users\BoZz\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** ProxyServer: 127.0.0.1:8082 S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x] ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully. EagleX64 => Service deleted successfully. X6va013 => Service deleted successfully. ==== End of Fixlog ==== |
21.08.2013, 16:17 | #28 |
/// the machine /// TB-Ausbilder | Pup wieder da na?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
21.08.2013, 17:28 | #29 |
| Pup wieder da Das spiel hat trotzdem fps lags vielleicht Treiber oder was weis ich aktuallisieren mit dem Geräte Manager habe ich alles gemacht automatische Updates auch Geändert von Malysch (21.08.2013 um 17:53 Uhr) |
22.08.2013, 07:53 | #30 |
/// the machine /// TB-Ausbilder | Pup wieder da Im Logfile ist aber leider nix mehr was darauf hindeutet.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Pup wieder da |
entferne, entfernen, gefunde, gestartet, log, malware, nichts, viruses |