Pup wieder da

Malysch · 17.08.2013, 23:08

Neueröffnung 1 Pup hat es wieder geschafft.

Ich hatte nach Orfolgreichem Entfernen des Pup Viruses einen Malware gestartet (nichts gefunden).

Jetzt gerade noch mall durchgeführt und jetzt ist er wieder da.

Hier unten der Log.

schrauber · 17.08.2013, 23:25

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Malysch · 17.08.2013, 23:30

Hier

schrauber · 17.08.2013, 23:48

Bitte die logs immer in Codetags posten

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Malysch · 18.08.2013, 19:12

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by BoZz (administrator) on 18-08-2013 00:27:26
Running from C:\Users\BoZz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] ()
HKCU\...\Run: [GameCenterMailRu] - "C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe" -autostart [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ad4you] - C:\Users\BoZz\AppData\Roaming\ds.exe [369664 2013-06-09] ()
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
MountPoints2: {e7312862-c1f9-11e2-aac6-6cf049eff7f5} - K:\Startme.exe
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: 127.0.0.1:8082
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {B3229E23-185A-4cfe-A34F-B9EFE4506D56} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: trtv3 - C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com

Chrome: 
=======
CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms}
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-01] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-17] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-17] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-17] ()
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-17] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-17 20:43 - 2013-08-17 20:44 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:43 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-17 20:39 - 2013-08-17 20:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:40 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:37 - 2013-08-17 20:37 - 00282008 _____ (Mozilla) C:\Users\BoZz\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 17:52 - 2013-08-17 17:52 - 00017746 _____ C:\Users\BoZz\Desktop\Gmer.txt
2013-08-17 17:39 - 2013-08-17 17:39 - 00377856 _____ C:\Users\BoZz\Downloads\gmer_2.1.19163.exe
2013-08-17 17:33 - 2013-08-17 18:02 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-16 00:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 00:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 00:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 00:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 00:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 00:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-16 00:37 - 2013-08-16 00:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 15:13 - 2013-08-15 15:13 - 00144920 _____ C:\Users\BoZz\Downloads\20173.zip
2013-08-15 13:45 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:45 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:45 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:45 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:45 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:45 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:45 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:45 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 14:34 - 2013-08-14 15:00 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:19 - 2007-09-28 06:41 - 00996352 _____ C:\Users\BoZz\Desktop\Xpadder.exe
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-14 13:55 - 2013-08-14 13:55 - 00242392 _____ C:\Users\BoZz\Downloads\xpadder-windows-downloader.exe
2013-08-10 19:13 - 2013-08-10 19:34 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-10 19:13 - 2013-08-10 19:13 - 01159216 _____ (Hello Kitty Online) C:\Users\BoZz\Downloads\HKO_Download_Manager.exe
2013-08-10 17:35 - 2013-08-10 17:36 - 09304408 _____ (Wargaming.net                                               ) C:\Users\BoZz\Downloads\WoT_internet_install_eu.exe
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-17 23:01 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:31 - 2013-08-04 23:32 - 08531968 _____ C:\Users\BoZz\Downloads\SteamInstall_German.msi
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-04 23:18 - 2013-08-04 23:19 - 20095616 _____ C:\Users\BoZz\Downloads\PS2_PSG_setup.exe
2013-08-03 23:03 - 2013-08-03 23:03 - 00265776 _____ C:\Users\BoZz\Downloads\Blade_.exe
2013-08-03 16:53 - 2013-08-03 16:53 - 00558104 _____ (Aeria Games & Entertainment) C:\Users\BoZz\Downloads\scarletblade_de_downloader.exe
2013-08-03 13:31 - 2013-08-07 21:38 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-03 13:30 - 2013-08-07 21:44 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-03 13:30 - 2013-08-07 21:44 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-03 13:30 - 2013-08-07 21:37 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:29 - 2013-08-07 21:34 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-03 13:29 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:28 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-08-03 01:02 - 2013-08-03 01:31 - 308761014 _____ C:\Users\BoZz\Downloads\300_v0.2.220.zip
2013-07-30 02:54 - 2013-07-30 02:55 - 17191597 _____ C:\Users\BoZz\Downloads\1.6.2DokuCraft-TSC-Adrundaal1.zip
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 00:19 - 2013-07-30 01:23 - 2412630842 _____ C:\Users\BoZz\Downloads\Loong-Dragonblood.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:11 - 2013-07-29 21:11 - 00903080 _____ (Oracle Corporation) C:\Users\BoZz\Downloads\chromeinstall-7u25.exe
2013-07-29 11:57 - 2013-07-29 11:57 - 00000072 _____ C:\Users\BoZz\Downloads\HTML Text.txt
2013-07-28 11:43 - 2013-07-28 11:43 - 00689489 _____ C:\Users\BoZz\Downloads\Minecraft Cracked Launcher (1).exe
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-30 02:58 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 01:08 - 2013-07-28 01:08 - 00000079 _____ C:\Users\BoZz\Downloads\KeiNett_Launch.properties
2013-07-28 01:06 - 2013-07-28 01:06 - 00252021 _____ C:\Users\BoZz\Downloads\Mineshafter 1.6.2.jar
2013-07-28 00:57 - 2013-08-17 23:00 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-07-28 00:53 - 2013-07-28 00:53 - 04292608 _____ C:\Users\BoZz\Downloads\hamachi_2.1.0.362.msi
2013-07-27 23:32 - 2013-07-27 23:56 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 18:59 - 2013-07-26 19:00 - 02404568 _____ (Tim Witschel Serververmietung                               ) C:\Users\BoZz\Downloads\anotherlifesetup.exe
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-08-18 00:04 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:46 - 2013-07-21 12:45 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar
2013-07-21 12:39 - 2013-08-10 17:37 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-21 12:39 - 2013-08-10 17:37 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.DIE.NOW

==================== One Month Modified Files and Folders =======

2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-18 00:26 - 2013-03-29 16:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-18 00:22 - 2013-03-29 20:48 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Skype
2013-08-18 00:04 - 2013-07-26 12:57 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-18 00:01 - 2013-04-01 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-17 23:12 - 2013-03-29 16:06 - 00000000 ____D C:\Users\BoZz\AppData\Local\PMB Files
2013-08-17 23:12 - 2013-03-29 16:06 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-17 23:06 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-17 23:06 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-17 23:02 - 2013-03-29 15:39 - 01376753 _____ C:\Windows\WindowsUpdate.log
2013-08-17 23:01 - 2013-08-04 23:32 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-17 23:01 - 2013-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 23:00 - 2013-07-28 00:57 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-08-17 23:00 - 2013-04-01 15:01 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-08-17 23:00 - 2013-03-29 16:21 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-08-17 23:00 - 2013-03-29 16:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-08-17 22:58 - 2013-07-15 11:33 - 00013555 _____ C:\Windows\setupact.log
2013-08-17 22:58 - 2013-03-29 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-17 22:58 - 2013-03-29 16:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-17 22:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-17 20:44 - 2013-08-17 20:43 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:43 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-17 20:42 - 2013-03-29 15:45 - 00000000 ____D C:\Users\BoZz
2013-08-17 20:40 - 2013-08-17 20:39 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:40 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:40 - 2013-07-12 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-17 20:40 - 2013-04-01 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:38 - 2013-04-01 00:33 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Mozilla
2013-08-17 20:37 - 2013-08-17 20:37 - 00282008 _____ (Mozilla) C:\Users\BoZz\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-17 19:59 - 2013-03-29 16:05 - 00001432 _____ C:\Users\BoZz\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 16:05 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 15:45 - 00000993 _____ C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 18:02 - 2013-08-17 17:33 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-17 17:52 - 2013-08-17 17:52 - 00017746 _____ C:\Users\BoZz\Desktop\Gmer.txt
2013-08-17 17:39 - 2013-08-17 17:39 - 00377856 _____ C:\Users\BoZz\Downloads\gmer_2.1.19163.exe
2013-08-17 17:22 - 2013-07-15 11:33 - 00049568 _____ C:\Windows\PFRO.log
2013-08-17 17:19 - 2013-07-14 19:15 - 00000000 ____D C:\Users\BoZz\Desktop\torrents
2013-08-17 15:10 - 2013-05-30 09:54 - 00000000 ____D C:\Users\BoZz\Desktop\Nikitas Bilder
2013-08-16 11:28 - 2013-03-29 15:35 - 00000000 ____D C:\Windows\Panther
2013-08-16 00:40 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-16 00:40 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-16 00:40 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 00:38 - 2013-08-16 00:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 00:37 - 2013-03-29 17:23 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 15:40 - 2013-07-15 19:46 - 00000000 ____D C:\Users\BoZz\Desktop\Neuer Ordner
2013-08-15 15:13 - 2013-08-15 15:13 - 00144920 _____ C:\Users\BoZz\Downloads\20173.zip
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 15:00 - 2013-08-14 14:34 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-14 13:55 - 2013-08-14 13:55 - 00242392 _____ C:\Users\BoZz\Downloads\xpadder-windows-downloader.exe
2013-08-10 19:34 - 2013-08-10 19:13 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-10 19:13 - 2013-08-10 19:13 - 01159216 _____ (Hello Kitty Online) C:\Users\BoZz\Downloads\HKO_Download_Manager.exe
2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-08-10 17:36 - 2013-08-10 17:35 - 09304408 _____ (Wargaming.net                                               ) C:\Users\BoZz\Downloads\WoT_internet_install_eu.exe
2013-08-08 23:24 - 2013-03-30 00:13 - 00000000 ____D C:\Users\BoZz\AppData\Local\TeamSpeak 3 Client
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:44 - 2013-08-03 13:30 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-07 21:44 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-07 21:38 - 2013-08-03 13:31 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-07 21:37 - 2013-08-03 13:30 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-07 21:34 - 2013-08-03 13:29 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-05 00:28 - 2013-07-16 21:03 - 00017836 _____ C:\Windows\DirectX.log
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:32 - 2013-08-04 23:31 - 08531968 _____ C:\Users\BoZz\Downloads\SteamInstall_German.msi
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-04 23:19 - 2013-08-04 23:18 - 20095616 _____ C:\Users\BoZz\Downloads\PS2_PSG_setup.exe
2013-08-03 23:03 - 2013-08-03 23:03 - 00265776 _____ C:\Users\BoZz\Downloads\Blade_.exe
2013-08-03 18:22 - 2013-06-16 12:14 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-08-03 18:21 - 2013-06-16 12:19 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-03 18:21 - 2013-06-15 20:58 - 00000000 ____D C:\AeriaGames
2013-08-03 16:53 - 2013-08-03 16:53 - 00558104 _____ (Aeria Games & Entertainment) C:\Users\BoZz\Downloads\scarletblade_de_downloader.exe
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:30 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:29 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-08-03 01:31 - 2013-08-03 01:02 - 308761014 _____ C:\Users\BoZz\Downloads\300_v0.2.220.zip
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2013-07-30 22:26 - 2013-03-29 15:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-30 22:14 - 2013-06-15 20:58 - 00000000 ____D C:\Users\BoZz\AppData\Local\Akamai
2013-07-30 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-30 02:58 - 2013-07-28 01:08 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-30 02:55 - 2013-07-30 02:54 - 17191597 _____ C:\Users\BoZz\Downloads\1.6.2DokuCraft-TSC-Adrundaal1.zip
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 01:24 - 2013-04-15 15:54 - 00000000 ____D C:\GAMIGO
2013-07-30 01:23 - 2013-07-30 00:19 - 2412630842 _____ C:\Users\BoZz\Downloads\Loong-Dragonblood.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:14 - 2013-04-27 21:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-29 21:14 - 2013-04-27 21:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-29 21:11 - 2013-07-29 21:11 - 00903080 _____ (Oracle Corporation) C:\Users\BoZz\Downloads\chromeinstall-7u25.exe
2013-07-29 13:55 - 2013-04-27 21:06 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\.minecraft
2013-07-29 11:57 - 2013-07-29 11:57 - 00000072 _____ C:\Users\BoZz\Downloads\HTML Text.txt
2013-07-28 11:43 - 2013-07-28 11:43 - 00689489 _____ C:\Users\BoZz\Downloads\Minecraft Cracked Launcher (1).exe
2013-07-28 11:21 - 2013-04-23 19:55 - 00000000 ____D C:\Users\BoZz\Desktop\GTA SAMP
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 01:08 - 2013-07-28 01:08 - 00000079 _____ C:\Users\BoZz\Downloads\KeiNett_Launch.properties
2013-07-28 01:06 - 2013-07-28 01:06 - 00252021 _____ C:\Users\BoZz\Downloads\Mineshafter 1.6.2.jar
2013-07-28 00:53 - 2013-07-28 00:53 - 04292608 _____ C:\Users\BoZz\Downloads\hamachi_2.1.0.362.msi
2013-07-27 23:56 - 2013-07-27 23:32 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 19:00 - 2013-07-26 18:59 - 02404568 _____ (Tim Witschel Serververmietung                               ) C:\Users\BoZz\Downloads\anotherlifesetup.exe
2013-07-26 19:00 - 2013-06-15 20:04 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-26 07:13 - 2013-08-16 00:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-16 00:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-16 00:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-16 00:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-16 00:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-16 00:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-25 11:25 - 2013-08-15 13:45 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:45 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-22 18:33 - 2013-05-22 19:48 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-22 18:33 - 2013-05-03 21:53 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\TeamViewer
2013-07-21 20:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:45 - 2013-07-21 12:46 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.DIE.NOW
2013-07-19 03:58 - 2013-08-15 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-15 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-12 22:39

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2013
Ran by BoZz at 2013-08-18 00:28:44
Running from C:\Users\BoZz\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
??????? ?????@Mail.Ru (HKCU Version: 2.315)
@BIOS Ver.2.06 (x32 Version: 2.06)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Akamai NetSession Interface (HKCU)
AnotherLife Client Version 1.1 (x32 Version: 1.1)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Bandicam (x32 Version: 1.8.9.371)
Bandisoft MPEG-1 Decoder (x32)
Browser Configuration Utility (x32 Version: 1.1.18.0)
Cheat Engine 6.3 (x32)
Cross Fire (HKCU)
Cross Fire (x32 Version: 1.0.0.66)
DES 2.0 (x32 Version: 1.00.0000)
eaner (Version: 4.00)
Easy Tune 6 B10.0420.1 (x32 Version: 1.00.0000)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
Google Chrome (x32 Version: 28.0.1500.95)
Google Update Helper (x32 Version: 1.3.21.153)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
League of Legends (x32 Version: 1.3)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Loong - Dragonblood (x32 Version: 2.04.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Minecraft 1.2.0_02 (x32)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
ON_OFF Charge B10.0422.2 (x32 Version: 1.00.0001)
Pando Media Booster (x32 Version: 2.6.0.9)
Pflanzen gegen Zombies (x32)
Plants vs. Zombies (x32)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010)
Skype™ 6.5 (x32 Version: 6.5.158)
Smart 6 B10.0422.1 (x32 Version: 1.00.0000)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (HKCU Version: 3.0.11.1)
TeamViewer 8 (x32 Version: 8.0.18051)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

17-08-2013 21:29:25 Automatic creation

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {25F5C9A1-5A17-40B5-9478-A2F1D9FC5230} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {3568E6A4-15A8-4017-9C6D-7228C359779B} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {4FF2355D-F93F-4243-AAC5-454A8C026FC6} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {7712AD88-7807-4584-9ADE-A3840040C5FE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {85DF2C1E-A0C0-4EA9-834D-BEA365EB2F37} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {A6710A2D-53BF-4FA2-8276-F0ABD3B45A5B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {ABA7CA19-A5E6-4C8D-9632-C78F8C1114AC} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {AE9DF882-EDBB-4936-859A-F66F96D7AB58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29] (Google Inc.)
Task: {CDEFE3D6-34B5-43E1-B30D-32DF7DA8464E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29] (Google Inc.)
Task: {E2198939-939E-4986-B5EA-2114EB1FE553} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {E36E283C-7A9F-4612-9466-6D25BEAC026D} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {F4398ECE-B4BC-4C6A-BEC8-76C7F34A4B99} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2013 00:01:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0xd6c
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3

Error: (08/17/2013 11:29:14 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a7f978e5-ede4-492b-bb91-4c00fedd97aa}

Error: (08/17/2013 11:01:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0xfe4
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3

Error: (08/17/2013 10:01:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0x1314
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3

Error: (08/17/2013 09:26:34 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {14e0f5af-5564-4d38-bf6e-cd8173a8dd79}

Error: (08/17/2013 09:01:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0x1320
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3

Error: (08/17/2013 08:45:47 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: DUI70.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdf25
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000394e
ID des fehlerhaften Prozesses: 0x640
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/17/2013 08:01:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0x111c
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3

Error: (08/17/2013 07:01:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0xa38
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3

Error: (08/17/2013 06:45:09 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a32a2d77-e5e8-4498-9803-7bf9715d2b5d}


System errors:
=============
Error: (08/17/2013 11:01:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/17/2013 11:01:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/17/2013 08:59:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/17/2013 08:59:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/17/2013 08:57:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TeamViewer 8" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/17/2013 08:57:11 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 8 erreicht.

Error: (08/17/2013 08:43:32 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy1" den Befehl "chkdsk" aus.

Error: (08/17/2013 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/17/2013 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/17/2013 07:59:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


Microsoft Office Sessions:
=========================
Error: (08/18/2013 00:01:02 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243d6c01ce9b95420b6142C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll81352b80-0788-11e3-847d-6cf049eff7f5

Error: (08/17/2013 11:29:14 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a7f978e5-ede4-492b-bb91-4c00fedd97aa}

Error: (08/17/2013 11:01:03 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243fe401ce9b8ce0442950C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll1ffa018c-0780-11e3-847d-6cf049eff7f5

Error: (08/17/2013 10:01:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243131401ce9b847e76af78C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dllbd5b5963-0777-11e3-94a7-6cf049eff7f5

Error: (08/17/2013 09:26:34 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {14e0f5af-5564-4d38-bf6e-cd8173a8dd79}

Error: (08/17/2013 09:01:04 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243132001ce9b7c1cb83327C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll5d1e79a7-076f-11e3-94a7-6cf049eff7f5

Error: (08/17/2013 08:45:47 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4DUI70.dll6.1.7600.163854a5bdf25c0000005000000000000394e64001ce9b75aa034acaC:\Windows\Explorer.EXEC:\Windows\system32\DUI70.dll3a3f624f-076d-11e3-a109-6cf049eff7f5

Error: (08/17/2013 08:01:03 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243111c01ce9b73bb03376eC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dllfa993292-0766-11e3-bf57-6cf049eff7f5

Error: (08/17/2013 07:01:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243a3801ce9b6b592ae636C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll9822a339-075e-11e3-b2d2-6cf049eff7f5

Error: (08/17/2013 06:45:09 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a32a2d77-e5e8-4498-9803-7bf9715d2b5d}


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 16382.49 MB
Available physical RAM: 13317.33 MB
Total Pagefile: 32763.17 MB
Available Pagefile: 29441.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:382.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:201.13 GB) NTFS
Drive e: () (Fixed) (Total:74.53 GB) (Free:74.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9F9167C3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 9F9167C2)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 75 GB) (Disk ID: 446EFE9D)
Partition 1: (Not Active) - (Size=75 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Ich bin Off wir machen später weiter :/

Können wir weiter machen?

Bin wieder da und würde gerne weiter machen die Logs wurden gepostet

Diesen Pup hab ich jetzt entfernt kommt dieser wieder da ich es schon mall versucht hatte und dieser wieder kam.

Ich weis jetzt net weiter

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.17.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
BoZz :: BOZZ-PC [Administrator]

18.08.2013 19:12:15
mbam-log-2013-08-18 (19-12-15).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 388963
Laufzeit: 53 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\BoZz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1KNMQF1\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

schrauber · 19.08.2013, 07:54

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Malysch · 19.08.2013, 12:52

Ich habe keinen Neustart gemacht oder es wurde auch keinen Neustart gemacht von Combofix oder so keine Ahnung aber hier der Combofix Log !

Code:

ATTFilter

ComboFix 13-08-19.01 - BoZz 19.08.2013  13:44:31.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16382.13946 [GMT 2:00]
ausgeführt von:: c:\users\BoZz\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
c:\users\BoZz\AppData\Roaming\ds.exe
c:\users\BoZz\AppData\Roaming\install_flashplayer.exe
c:\users\BoZz\AppData\Roaming\load_winupd.exe
c:\users\BoZz\AppData\Roaming\Uninstal.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-19 bis 2013-08-19  ))))))))))))))))))))))))))))))
.
.
2013-08-19 11:49 . 2013-08-19 11:49	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-08-19 11:49 . 2013-08-19 11:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-17 22:27 . 2013-08-17 22:27	--------	d-----w-	C:\FRST
2013-08-17 18:43 . 2013-08-17 18:43	--------	d-----w-	c:\windows\ERUNT
2013-08-17 18:39 . 2013-08-17 18:39	--------	d-----w-	c:\users\BoZz\AppData\Local\Macromedia
2013-08-17 18:39 . 2013-08-17 18:40	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-17 18:38 . 2013-08-17 18:38	--------	d-----w-	c:\users\BoZz\AppData\Local\Mozilla
2013-08-17 18:38 . 2013-08-17 18:40	--------	d-----w-	c:\users\BoZz\AppData\Local\Adobe
2013-08-15 22:37 . 2013-08-15 22:38	--------	d-----w-	c:\windows\system32\MRT
2013-08-10 17:13 . 2013-08-10 17:34	407589449	----a-w-	C:\POD-19902_setup.exe
2013-08-05 14:25 . 2013-08-05 14:25	--------	d-----w-	c:\users\BoZz\AppData\Local\Chromium
2013-08-05 14:25 . 2013-08-05 14:25	--------	d-----w-	c:\users\BoZz\AppData\Local\CrashRpt
2013-08-05 14:25 . 2013-08-05 14:25	--------	d-----w-	c:\users\BoZz\AppData\Local\Arktos
2013-08-04 22:29 . 2013-08-04 22:29	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2013-08-04 21:34 . 2013-08-04 21:34	--------	d-----w-	c:\program files (x86)\dumps
2013-08-04 21:32 . 2013-08-17 18:57	--------	d-----w-	c:\program files (x86)\Common Files\Steam
2013-08-04 21:32 . 2013-08-19 11:41	--------	d-----w-	c:\program files (x86)\Steam
2013-08-04 21:21 . 2013-08-04 21:21	--------	d-----w-	c:\users\BoZz\AppData\Local\SCE
2013-08-04 21:19 . 2013-08-04 21:19	--------	d-----w-	c:\users\Public\Sony Online Entertainment
2013-08-02 23:47 . 2013-08-02 23:47	--------	d-----w-	c:\program files (x86)\ÌøÔ¾ÍøÂç
2013-07-29 19:14 . 2013-07-29 19:14	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-29 19:14 . 2013-07-29 19:14	--------	d-----w-	c:\program files (x86)\Java
2013-07-28 07:56 . 2013-07-28 07:56	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-07-27 23:08 . 2013-07-30 00:58	--------	d-----w-	c:\users\BoZz\minecraft
2013-07-27 22:57 . 2013-08-19 11:41	--------	d-----w-	c:\users\BoZz\AppData\Local\LogMeIn Hamachi
2013-07-26 10:57 . 2013-08-17 22:04	--------	d-----w-	c:\program files (x86)\Cheat Engine 6.3
2013-07-21 10:39 . 2013-08-10 15:37	--------	d--h--w-	c:\windows\msdownld.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-19 11:20 . 2013-03-29 14:20	25640	----a-w-	c:\windows\gdrv.sys
2013-08-18 11:03 . 2013-03-29 14:21	30528	----a-w-	c:\windows\GVTDrv64.sys
2013-08-17 18:40 . 2013-07-12 11:02	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-15 22:37 . 2013-03-29 15:23	78161360	----a-w-	c:\windows\system32\MRT.exe
2013-07-29 19:14 . 2013-04-27 19:05	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-07-29 19:14 . 2013-04-27 19:05	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-07-09 04:45 . 2013-08-15 11:45	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-06-27 11:23 . 2013-05-06 11:29	83672	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-06-19 15:27 . 2013-06-24 13:58	20312	----a-w-	c:\windows\system32\roboot64.exe
2013-06-05 03:34 . 2013-07-10 13:55	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 13:55	624128	----a-w-	c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 13:55	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2013-05-28 13:05 . 2013-06-13 19:20	163328	----a-w-	c:\windows\SysWow64\FlashPlayerUpdateService.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-17 221184]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-03-29 4288048]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"Akamai NetSession Interface"="c:\users\BoZz\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-07-26 1807272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"EasyTuneVI"="c:\program files (x86)\GIGABYTE\ET6\ETcall.exe" [2007-07-26 20480]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-27 345144]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-01 02:32	1173456	----a-w-	c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-24 13:05]
.
2013-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29 14:01]
.
2013-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29 14:01]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = 127.0.0.1:8082
uSearchAssistant = hxxp://www.google.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-GameCenterMailRu - c:\users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe
Wow6432Node-HKCU-Run-ad4you - c:\users\BoZz\AppData\Roaming\ds.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-CrossFireRus_is1 - c:\program files (x86)\Mail.Ru\Cross Fire\unins000.exe
AddRemove-Minecraft 1.2.0_02 - c:\users\BoZz\AppData\Roaming\Uninstal.exe
AddRemove-Cross Fire - c:\users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe
AddRemove-GameCenterMailRu - c:\users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-19  13:50:59
ComboFix-quarantined-files.txt  2013-08-19 11:50
.
Vor Suchlauf: 16 Verzeichnis(se), 410.073.858.048 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 410.000.162.816 Bytes frei
.
- - End Of File - - 341B2B95F49C2465C64DDE3DF78DDDF7
5FB38429D5D77768867C76DCBDB35194

schrauber · 19.08.2013, 16:50

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Malysch · 19.08.2013, 18:06

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.0 (08.18.2013:1)
OS: Windows 7 Home Premium x64
Ran by BoZz on 19.08.2013 at 18:55:45,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\BoZz\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.08.2013 at 18:59:17,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 19/08/2013 um 18:50:29 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : BoZz - BOZZ-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\BoZz\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\extensions\pricepeep@getpricepeep.com.xpi

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]

Datei : C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js

C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.95

Datei : C:\Users\BoZz\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.26] : icon_url = "hxxp://www.ask.com/favicon.ico",
Gelöscht [l.33] : search_url = "hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid[...]
Gelöscht [l.34] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTer[...]

*************************

AdwCleaner[S1].txt - [1497 octets] - [19/08/2013 18:50:29]

########## EOF - C:\AdwCleaner[S1].txt - [1557 octets] ##########

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by BoZz (administrator) on 19-08-2013 19:02:03
Running from C:\Users\BoZz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: 127.0.0.1:8082
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {B3229E23-185A-4cfe-A34F-B9EFE4506D56} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: trtv3 - C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-01] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-19] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-19] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-19] ()
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-19 18:54 - 2013-08-19 18:54 - 00001626 _____ C:\Users\BoZz\Desktop\AdwCleaner[S1].txt
2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt
2013-08-19 18:49 - 2013-08-19 18:50 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe
2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe
2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe
2013-08-19 13:51 - 2013-08-19 13:51 - 00012254 _____ C:\Users\BoZz\Desktop\Combofix.txt
2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt
2013-08-19 13:41 - 2013-08-19 13:51 - 00000000 ____D C:\Qoobox
2013-08-19 13:41 - 2013-08-19 13:49 - 00000000 ____D C:\Windows\erdnt
2013-08-19 13:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-19 13:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-19 13:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-19 13:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe
2013-08-18 20:11 - 2013-08-18 20:11 - 00002454 _____ C:\Users\BoZz\Downloads\Malware.txt
2013-08-18 20:09 - 2013-08-18 20:09 - 00002454 _____ C:\Users\BoZz\Desktop\Malware.txt
2013-08-18 00:29 - 2013-08-18 00:29 - 00043860 _____ C:\Users\BoZz\Desktop\FRST.txt
2013-08-18 00:29 - 2013-08-18 00:29 - 00019613 _____ C:\Users\BoZz\Desktop\Addition.txt
2013-08-18 00:28 - 2013-08-18 00:28 - 00019613 _____ C:\Users\BoZz\Downloads\Addition.txt
2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Downloads\FRST64.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-17 20:43 - 2013-08-19 18:55 - 00000000 ____D C:\Windows\ERUNT
2013-08-17 20:43 - 2013-08-17 20:44 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:39 - 2013-08-17 20:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:40 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:37 - 2013-08-17 20:37 - 00282008 _____ (Mozilla) C:\Users\BoZz\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 17:39 - 2013-08-17 17:39 - 00377856 _____ C:\Users\BoZz\Downloads\gmer_2.1.19163.exe
2013-08-17 17:33 - 2013-08-17 18:02 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-16 00:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 00:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 00:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 00:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 00:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 00:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-16 00:37 - 2013-08-16 00:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 15:13 - 2013-08-15 15:13 - 00144920 _____ C:\Users\BoZz\Downloads\20173.zip
2013-08-15 13:45 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:45 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:45 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:45 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:45 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:45 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:45 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:45 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 14:34 - 2013-08-14 15:00 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:19 - 2007-09-28 06:41 - 00996352 _____ C:\Users\BoZz\Desktop\Xpadder.exe
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-14 13:55 - 2013-08-14 13:55 - 00242392 _____ C:\Users\BoZz\Downloads\xpadder-windows-downloader.exe
2013-08-10 19:13 - 2013-08-10 19:34 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-10 19:13 - 2013-08-10 19:13 - 01159216 _____ (Hello Kitty Online) C:\Users\BoZz\Downloads\HKO_Download_Manager.exe
2013-08-10 17:35 - 2013-08-10 17:36 - 09304408 _____ (Wargaming.net                                               ) C:\Users\BoZz\Downloads\WoT_internet_install_eu.exe
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-19 18:53 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:31 - 2013-08-04 23:32 - 08531968 _____ C:\Users\BoZz\Downloads\SteamInstall_German.msi
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-04 23:18 - 2013-08-04 23:19 - 20095616 _____ C:\Users\BoZz\Downloads\PS2_PSG_setup.exe
2013-08-03 23:03 - 2013-08-03 23:03 - 00265776 _____ C:\Users\BoZz\Downloads\Blade_.exe
2013-08-03 16:53 - 2013-08-03 16:53 - 00558104 _____ (Aeria Games & Entertainment) C:\Users\BoZz\Downloads\scarletblade_de_downloader.exe
2013-08-03 13:31 - 2013-08-07 21:38 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-03 13:30 - 2013-08-07 21:44 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-03 13:30 - 2013-08-07 21:44 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-03 13:30 - 2013-08-07 21:37 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:29 - 2013-08-07 21:34 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-03 13:29 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:28 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-08-03 01:02 - 2013-08-03 01:31 - 308761014 _____ C:\Users\BoZz\Downloads\300_v0.2.220.zip
2013-07-30 02:54 - 2013-07-30 02:55 - 17191597 _____ C:\Users\BoZz\Downloads\1.6.2DokuCraft-TSC-Adrundaal1.zip
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 00:19 - 2013-07-30 01:23 - 2412630842 _____ C:\Users\BoZz\Downloads\Loong-Dragonblood.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:11 - 2013-07-29 21:11 - 00903080 _____ (Oracle Corporation) C:\Users\BoZz\Downloads\chromeinstall-7u25.exe
2013-07-29 11:57 - 2013-07-29 11:57 - 00000072 _____ C:\Users\BoZz\Downloads\HTML Text.txt
2013-07-28 11:43 - 2013-07-28 11:43 - 00689489 _____ C:\Users\BoZz\Downloads\Minecraft Cracked Launcher (1).exe
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-30 02:58 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 01:08 - 2013-07-28 01:08 - 00000079 _____ C:\Users\BoZz\Downloads\KeiNett_Launch.properties
2013-07-28 01:06 - 2013-07-28 01:06 - 00252021 _____ C:\Users\BoZz\Downloads\Mineshafter 1.6.2.jar
2013-07-28 00:57 - 2013-08-19 18:53 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-07-28 00:53 - 2013-07-28 00:53 - 04292608 _____ C:\Users\BoZz\Downloads\hamachi_2.1.0.362.msi
2013-07-27 23:32 - 2013-07-27 23:56 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 18:59 - 2013-07-26 19:00 - 02404568 _____ (Tim Witschel Serververmietung                               ) C:\Users\BoZz\Downloads\anotherlifesetup.exe
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-08-18 00:04 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:46 - 2013-07-21 12:45 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar
2013-07-21 12:39 - 2013-08-10 17:37 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.DIE.NOW

==================== One Month Modified Files and Folders =======

2013-08-19 19:02 - 2013-03-29 16:06 - 00000000 ____D C:\Users\BoZz\AppData\Local\PMB Files
2013-08-19 19:01 - 2013-04-01 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-19 19:00 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-19 19:00 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-19 18:59 - 2013-08-19 18:59 - 00001601 _____ C:\Users\BoZz\Desktop\JRT.txt
2013-08-19 18:55 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-19 18:54 - 2013-08-19 18:54 - 00001626 _____ C:\Users\BoZz\Desktop\AdwCleaner[S1].txt
2013-08-19 18:54 - 2013-04-01 15:01 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-08-19 18:54 - 2013-03-29 16:21 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-08-19 18:54 - 2013-03-29 16:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-08-19 18:53 - 2013-08-04 23:32 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-19 18:53 - 2013-07-28 00:57 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-08-19 18:52 - 2013-07-15 11:33 - 00050706 _____ C:\Windows\PFRO.log
2013-08-19 18:52 - 2013-07-15 11:33 - 00013723 _____ C:\Windows\setupact.log
2013-08-19 18:52 - 2013-03-29 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-19 18:52 - 2013-03-29 16:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-19 18:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-19 18:51 - 2013-03-29 15:39 - 01411442 _____ C:\Windows\WindowsUpdate.log
2013-08-19 18:50 - 2013-08-19 18:50 - 00001626 _____ C:\AdwCleaner[S1].txt
2013-08-19 18:50 - 2013-08-19 18:49 - 01018305 _____ (Thisisu) C:\Users\BoZz\Desktop\JRT.exe
2013-08-19 18:49 - 2013-08-19 18:49 - 00666633 _____ C:\Users\BoZz\Desktop\adwcleaner.exe
2013-08-19 18:45 - 2013-08-19 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\BoZz\Desktop\TFC.exe
2013-08-19 18:42 - 2013-03-29 16:06 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-19 18:26 - 2013-03-29 16:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-19 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-19 13:51 - 2013-08-19 13:51 - 00012254 _____ C:\Users\BoZz\Desktop\Combofix.txt
2013-08-19 13:51 - 2013-08-19 13:41 - 00000000 ____D C:\Qoobox
2013-08-19 13:51 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-19 13:50 - 2013-08-19 13:50 - 00012254 _____ C:\ComboFix.txt
2013-08-19 13:49 - 2013-08-19 13:41 - 00000000 ____D C:\Windows\erdnt
2013-08-19 13:49 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-19 13:40 - 2013-08-19 13:40 - 05105821 ____R (Swearware) C:\Users\BoZz\Desktop\ComboFix.exe
2013-08-18 20:11 - 2013-08-18 20:11 - 00002454 _____ C:\Users\BoZz\Downloads\Malware.txt
2013-08-18 20:09 - 2013-08-18 20:09 - 00002454 _____ C:\Users\BoZz\Desktop\Malware.txt
2013-08-18 00:29 - 2013-08-18 00:29 - 00043860 _____ C:\Users\BoZz\Desktop\FRST.txt
2013-08-18 00:29 - 2013-08-18 00:29 - 00019613 _____ C:\Users\BoZz\Desktop\Addition.txt
2013-08-18 00:28 - 2013-08-18 00:28 - 00019613 _____ C:\Users\BoZz\Downloads\Addition.txt
2013-08-18 00:27 - 2013-08-18 00:27 - 01575580 _____ (Farbar) C:\Users\BoZz\Downloads\FRST64.exe
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-18 00:04 - 2013-07-26 12:57 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-17 23:01 - 2013-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 20:44 - 2013-08-17 20:43 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:42 - 2013-03-29 15:45 - 00000000 ____D C:\Users\BoZz
2013-08-17 20:40 - 2013-08-17 20:39 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:40 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:40 - 2013-07-12 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-17 20:40 - 2013-04-01 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:38 - 2013-04-01 00:33 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Mozilla
2013-08-17 20:37 - 2013-08-17 20:37 - 00282008 _____ (Mozilla) C:\Users\BoZz\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-17 19:59 - 2013-03-29 16:05 - 00001432 _____ C:\Users\BoZz\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 16:05 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 15:45 - 00000993 _____ C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 18:02 - 2013-08-17 17:33 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-17 17:39 - 2013-08-17 17:39 - 00377856 _____ C:\Users\BoZz\Downloads\gmer_2.1.19163.exe
2013-08-17 17:19 - 2013-07-14 19:15 - 00000000 ____D C:\Users\BoZz\Desktop\torrents
2013-08-17 15:10 - 2013-05-30 09:54 - 00000000 ____D C:\Users\BoZz\Desktop\Nikitas Bilder
2013-08-16 11:28 - 2013-03-29 15:35 - 00000000 ____D C:\Windows\Panther
2013-08-16 00:40 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-16 00:40 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-16 00:40 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 00:38 - 2013-08-16 00:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 00:37 - 2013-03-29 17:23 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 15:40 - 2013-07-15 19:46 - 00000000 ____D C:\Users\BoZz\Desktop\Neuer Ordner
2013-08-15 15:13 - 2013-08-15 15:13 - 00144920 _____ C:\Users\BoZz\Downloads\20173.zip
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 15:00 - 2013-08-14 14:34 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-14 13:55 - 2013-08-14 13:55 - 00242392 _____ C:\Users\BoZz\Downloads\xpadder-windows-downloader.exe
2013-08-10 19:34 - 2013-08-10 19:13 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC                     ) C:\POD-19902_setup.exe
2013-08-10 19:13 - 2013-08-10 19:13 - 01159216 _____ (Hello Kitty Online) C:\Users\BoZz\Downloads\HKO_Download_Manager.exe
2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-08-10 17:36 - 2013-08-10 17:35 - 09304408 _____ (Wargaming.net                                               ) C:\Users\BoZz\Downloads\WoT_internet_install_eu.exe
2013-08-08 23:24 - 2013-03-30 00:13 - 00000000 ____D C:\Users\BoZz\AppData\Local\TeamSpeak 3 Client
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:44 - 2013-08-03 13:30 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-07 21:44 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-07 21:38 - 2013-08-03 13:31 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-07 21:37 - 2013-08-03 13:30 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-07 21:34 - 2013-08-03 13:29 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-05 00:28 - 2013-07-16 21:03 - 00017836 _____ C:\Windows\DirectX.log
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:32 - 2013-08-04 23:31 - 08531968 _____ C:\Users\BoZz\Downloads\SteamInstall_German.msi
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-04 23:19 - 2013-08-04 23:18 - 20095616 _____ C:\Users\BoZz\Downloads\PS2_PSG_setup.exe
2013-08-03 23:03 - 2013-08-03 23:03 - 00265776 _____ C:\Users\BoZz\Downloads\Blade_.exe
2013-08-03 18:21 - 2013-06-16 12:19 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-03 18:21 - 2013-06-15 20:58 - 00000000 ____D C:\AeriaGames
2013-08-03 16:53 - 2013-08-03 16:53 - 00558104 _____ (Aeria Games & Entertainment) C:\Users\BoZz\Downloads\scarletblade_de_downloader.exe
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:30 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:29 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-08-03 01:31 - 2013-08-03 01:02 - 308761014 _____ C:\Users\BoZz\Downloads\300_v0.2.220.zip
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2013-07-30 22:26 - 2013-03-29 15:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-30 22:14 - 2013-06-15 20:58 - 00000000 ____D C:\Users\BoZz\AppData\Local\Akamai
2013-07-30 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-30 02:58 - 2013-07-28 01:08 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-30 02:55 - 2013-07-30 02:54 - 17191597 _____ C:\Users\BoZz\Downloads\1.6.2DokuCraft-TSC-Adrundaal1.zip
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 01:24 - 2013-04-15 15:54 - 00000000 ____D C:\GAMIGO
2013-07-30 01:23 - 2013-07-30 00:19 - 2412630842 _____ C:\Users\BoZz\Downloads\Loong-Dragonblood.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:14 - 2013-04-27 21:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-29 21:14 - 2013-04-27 21:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-29 21:11 - 2013-07-29 21:11 - 00903080 _____ (Oracle Corporation) C:\Users\BoZz\Downloads\chromeinstall-7u25.exe
2013-07-29 13:55 - 2013-04-27 21:06 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\.minecraft
2013-07-29 11:57 - 2013-07-29 11:57 - 00000072 _____ C:\Users\BoZz\Downloads\HTML Text.txt
2013-07-28 11:43 - 2013-07-28 11:43 - 00689489 _____ C:\Users\BoZz\Downloads\Minecraft Cracked Launcher (1).exe
2013-07-28 11:21 - 2013-04-23 19:55 - 00000000 ____D C:\Users\BoZz\Desktop\GTA SAMP
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 01:08 - 2013-07-28 01:08 - 00000079 _____ C:\Users\BoZz\Downloads\KeiNett_Launch.properties
2013-07-28 01:06 - 2013-07-28 01:06 - 00252021 _____ C:\Users\BoZz\Downloads\Mineshafter 1.6.2.jar
2013-07-28 00:53 - 2013-07-28 00:53 - 04292608 _____ C:\Users\BoZz\Downloads\hamachi_2.1.0.362.msi
2013-07-27 23:56 - 2013-07-27 23:32 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 19:00 - 2013-07-26 18:59 - 02404568 _____ (Tim Witschel Serververmietung                               ) C:\Users\BoZz\Downloads\anotherlifesetup.exe
2013-07-26 19:00 - 2013-06-15 20:04 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-26 07:13 - 2013-08-16 00:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-16 00:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-16 00:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-16 00:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-16 00:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-16 00:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-25 11:25 - 2013-08-15 13:45 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:45 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-22 18:33 - 2013-05-22 19:48 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-22 18:33 - 2013-05-03 21:53 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\TeamViewer
2013-07-21 20:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:45 - 2013-07-21 12:46 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.DIE.NOW

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-12 22:39

==================== End Of Log ============================

--- --- ---

--- --- ---

Bitteschönn

schrauber · 20.08.2013, 11:44

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Malysch · 20.08.2013, 14:49

Scannt mittlerweile 2 Stunden und erst 43% und 3 Java trojaner wurden gefunden werden innerhalb ca. 2 weiteren Stunden gepostet !

schrauber · 20.08.2013, 15:10

ok

Malysch · 20.08.2013, 15:11

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=22be1ef4abe66645b6c04f8f8072e1c4
# engine=14839
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-20 02:04:58
# local_time=2013-08-20 04:04:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 8054 12337455 834 0
# compatibility_mode=5893 16776574 100 94 3487103 128637348 0 0
# scanned=148034
# found=4
# cleaned=0
# scan_time=7868
sh=60DAEFAFDA7E15C83BE52C297EC3BF95ABD98DC2 ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.Agent.NDW trojan" ac=I fn="D:\BOZZ-PC\Backup Set 2013-05-28 203904\Backup Files 2013-06-16 190010\Backup files 3.zip"
sh=CC1417AB13B0EF8E97C57AB59287F0CD1E5A68CB ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.Agent.NDW trojan" ac=I fn="D:\BOZZ-PC\Backup Set 2013-06-30 190010\Backup Files 2013-06-30 190010\Backup files 4.zip"
sh=091C5D3A805D6F559E6D6B2F70F9AF05B8632930 ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.Agent.NDW trojan" ac=I fn="D:\BOZZ-PC\Backup Set 2013-07-21 190010\Backup Files 2013-07-21 190010\Backup files 4.zip"
sh=7BBE78B3C99D493D1860F58EFBE3A3A2B77C2B6E ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.Agent.NDW trojan" ac=I fn="D:\BOZZ-PC\Backup Set 2013-08-04 190010\Backup Files 2013-08-04 190010\Backup files 4.zip"

schrauber · 20.08.2013, 15:11

Die Backups löschen, dann weiter im Text

Malysch · 20.08.2013, 15:25

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.72  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 25  
 Adobe Flash Player 11.8.800.94  
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Was für backups?

Wie kann ich denn die Löschen nach dem Log schließt ja die Datei!

Unter C: ? ... Pfad bitte sagen

20.08.2013, 15:10	#12
schrauber /// the machine /// TB-Ausbilder	Pup wieder da ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

20.08.2013, 15:11	#14
schrauber /// the machine /// TB-Ausbilder	Pup wieder da Die Backups löschen, dann weiter im Text __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Pup wieder da

Plagegeister aller Art und deren Bekämpfung: Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Pup wieder da

Ähnliche Themen: Pup wieder da

17.08.2013, 23:08	#1
Malysch	Pup wieder da Neueröffnung 1 Pup hat es wieder geschafft. Ich hatte nach Orfolgreichem Entfernen des Pup Viruses einen Malware gestartet (nichts gefunden). Jetzt gerade noch mall durchgeführt und jetzt ist er wieder da. Hier unten der Log.

17.08.2013, 23:30	#3
Malysch	Pup wieder da Hier __________________

20.08.2013, 14:49	#11
Malysch	Pup wieder da Scannt mittlerweile 2 Stunden und erst 43% und 3 Java trojaner wurden gefunden werden innerhalb ca. 2 weiteren Stunden gepostet !