FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by BoZz (administrator) on 18-08-2013 00:27:26
Running from C:\Users\BoZz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Akamai Technologies, Inc.) C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-03-29] ()
HKCU\...\Run: [GameCenterMailRu] - "C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\GameCenter@Mail.Ru.exe" -autostart [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\BoZz\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [ad4you] - C:\Users\BoZz\AppData\Roaming\ds.exe [369664 2013-06-09] ()
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
MountPoints2: {e7312862-c1f9-11e2-aac6-6cf049eff7f5} - K:\Startme.exe
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
==================== Internet (Whitelisted) ====================
ProxyServer: 127.0.0.1:8082
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {B3229E23-185A-4cfe-A34F-B9EFE4506D56} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\Profiles\qck7vaay.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\BoZz\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: trtv3 - C:\Users\BoZz\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
Chrome:
=======
CHR DefaultSearchURL: (Ask Search) - hxxp://www.search.ask.com/web?p2=%5EB7J%5EYYYYYY%5EYY%5EDE&gct=&o=APN11289&tpid=CME-V7&itbv=12.2.2.604&doi=2013-08-03&apn_uid=563DECC3-8F2E-4CB3-8985-29BBA9F9B65E&apn_ptnrs=%5EB7J&apn_dtid=%5EYYYYYY%5EYY%5EDE&apn_dbr=cr_28.0.1500.95&psv=barid%253D%257B39987249%252DFC80%252D11E2%252DACDE%252D6CF049EFF7F5%257D%2526cargo%253DCME%252DV7%2526spr%253Da&trgb=CR&q={searchTerms}
CHR DefaultSuggestURL: (Ask Search) - hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-04-01] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-03-31] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-17] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-17] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-17] ()
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-17] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-17 20:43 - 2013-08-17 20:44 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:43 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-17 20:39 - 2013-08-17 20:40 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:40 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:37 - 2013-08-17 20:37 - 00282008 _____ (Mozilla) C:\Users\BoZz\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 17:52 - 2013-08-17 17:52 - 00017746 _____ C:\Users\BoZz\Desktop\Gmer.txt
2013-08-17 17:39 - 2013-08-17 17:39 - 00377856 _____ C:\Users\BoZz\Downloads\gmer_2.1.19163.exe
2013-08-17 17:33 - 2013-08-17 18:02 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-16 00:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 00:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 00:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 00:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 00:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 00:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 00:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 00:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 00:42 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 00:42 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-16 00:37 - 2013-08-16 00:38 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 15:13 - 2013-08-15 15:13 - 00144920 _____ C:\Users\BoZz\Downloads\20173.zip
2013-08-15 13:45 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:45 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:45 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:45 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:45 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:45 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:45 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:45 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:45 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:45 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:45 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:45 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:45 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:45 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 14:34 - 2013-08-14 15:00 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:19 - 2007-09-28 06:41 - 00996352 _____ C:\Users\BoZz\Desktop\Xpadder.exe
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-14 13:55 - 2013-08-14 13:55 - 00242392 _____ C:\Users\BoZz\Downloads\xpadder-windows-downloader.exe
2013-08-10 19:13 - 2013-08-10 19:34 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC ) C:\POD-19902_setup.exe
2013-08-10 19:13 - 2013-08-10 19:13 - 01159216 _____ (Hello Kitty Online) C:\Users\BoZz\Downloads\HKO_Download_Manager.exe
2013-08-10 17:35 - 2013-08-10 17:36 - 09304408 _____ (Wargaming.net ) C:\Users\BoZz\Downloads\WoT_internet_install_eu.exe
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-17 23:01 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:31 - 2013-08-04 23:32 - 08531968 _____ C:\Users\BoZz\Downloads\SteamInstall_German.msi
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-04 23:18 - 2013-08-04 23:19 - 20095616 _____ C:\Users\BoZz\Downloads\PS2_PSG_setup.exe
2013-08-03 23:03 - 2013-08-03 23:03 - 00265776 _____ C:\Users\BoZz\Downloads\Blade_.exe
2013-08-03 16:53 - 2013-08-03 16:53 - 00558104 _____ (Aeria Games & Entertainment) C:\Users\BoZz\Downloads\scarletblade_de_downloader.exe
2013-08-03 13:31 - 2013-08-07 21:38 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-03 13:30 - 2013-08-07 21:44 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-03 13:30 - 2013-08-07 21:44 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-03 13:30 - 2013-08-07 21:37 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:29 - 2013-08-07 21:34 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-03 13:29 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:28 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-08-03 01:02 - 2013-08-03 01:31 - 308761014 _____ C:\Users\BoZz\Downloads\300_v0.2.220.zip
2013-07-30 02:54 - 2013-07-30 02:55 - 17191597 _____ C:\Users\BoZz\Downloads\1.6.2DokuCraft-TSC-Adrundaal1.zip
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 00:19 - 2013-07-30 01:23 - 2412630842 _____ C:\Users\BoZz\Downloads\Loong-Dragonblood.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:11 - 2013-07-29 21:11 - 00903080 _____ (Oracle Corporation) C:\Users\BoZz\Downloads\chromeinstall-7u25.exe
2013-07-29 11:57 - 2013-07-29 11:57 - 00000072 _____ C:\Users\BoZz\Downloads\HTML Text.txt
2013-07-28 11:43 - 2013-07-28 11:43 - 00689489 _____ C:\Users\BoZz\Downloads\Minecraft Cracked Launcher (1).exe
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-30 02:58 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 01:08 - 2013-07-28 01:08 - 00000079 _____ C:\Users\BoZz\Downloads\KeiNett_Launch.properties
2013-07-28 01:06 - 2013-07-28 01:06 - 00252021 _____ C:\Users\BoZz\Downloads\Mineshafter 1.6.2.jar
2013-07-28 00:57 - 2013-08-17 23:00 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-07-28 00:53 - 2013-07-28 00:53 - 04292608 _____ C:\Users\BoZz\Downloads\hamachi_2.1.0.362.msi
2013-07-27 23:32 - 2013-07-27 23:56 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 18:59 - 2013-07-26 19:00 - 02404568 _____ (Tim Witschel Serververmietung ) C:\Users\BoZz\Downloads\anotherlifesetup.exe
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-08-18 00:04 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:46 - 2013-07-21 12:45 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar
2013-07-21 12:39 - 2013-08-10 17:37 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-07-21 12:39 - 2013-08-10 17:37 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.DIE.NOW
==================== One Month Modified Files and Folders =======
2013-08-18 00:27 - 2013-08-18 00:27 - 00000000 ____D C:\FRST
2013-08-18 00:26 - 2013-03-29 16:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-18 00:22 - 2013-03-29 20:48 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Skype
2013-08-18 00:04 - 2013-07-26 12:57 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-08-18 00:01 - 2013-04-01 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-17 23:12 - 2013-03-29 16:06 - 00000000 ____D C:\Users\BoZz\AppData\Local\PMB Files
2013-08-17 23:12 - 2013-03-29 16:06 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-17 23:06 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-17 23:06 - 2009-07-14 06:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-17 23:02 - 2013-03-29 15:39 - 01376753 _____ C:\Windows\WindowsUpdate.log
2013-08-17 23:01 - 2013-08-04 23:32 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-17 23:01 - 2013-05-06 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 23:00 - 2013-07-28 00:57 - 00000000 ____D C:\Users\BoZz\AppData\Local\LogMeIn Hamachi
2013-08-17 23:00 - 2013-04-01 15:01 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-08-17 23:00 - 2013-03-29 16:21 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-08-17 23:00 - 2013-03-29 16:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-08-17 22:58 - 2013-07-15 11:33 - 00013555 _____ C:\Windows\setupact.log
2013-08-17 22:58 - 2013-03-29 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-17 22:58 - 2013-03-29 16:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-17 22:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-17 20:44 - 2013-08-17 20:43 - 00002171 _____ C:\DelFix.txt
2013-08-17 20:43 - 2013-08-17 20:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-17 20:42 - 2013-03-29 15:45 - 00000000 ____D C:\Users\BoZz
2013-08-17 20:40 - 2013-08-17 20:39 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-17 20:40 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Adobe
2013-08-17 20:40 - 2013-07-12 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-17 20:40 - 2013-04-01 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-17 20:39 - 2013-08-17 20:39 - 00000000 ____D C:\Users\BoZz\AppData\Local\Macromedia
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\Users\BoZz\AppData\Local\Mozilla
2013-08-17 20:38 - 2013-08-17 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-17 20:38 - 2013-04-01 00:33 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Mozilla
2013-08-17 20:37 - 2013-08-17 20:37 - 00282008 _____ (Mozilla) C:\Users\BoZz\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-17 19:59 - 2013-03-29 16:05 - 00001432 _____ C:\Users\BoZz\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 16:05 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-17 19:53 - 2013-03-29 15:45 - 00000993 _____ C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-17 18:05 - 2013-08-17 18:05 - 610810102 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:05 - 2013-08-17 18:05 - 00290936 _____ C:\Windows\Minidump\081713-37970-01.dmp
2013-08-17 18:05 - 2013-08-17 18:05 - 00000000 ____D C:\Windows\Minidump
2013-08-17 18:02 - 2013-08-17 17:33 - 00000470 _____ C:\Windows\SysWOW64\defogger_disable.log
2013-08-17 17:52 - 2013-08-17 17:52 - 00017746 _____ C:\Users\BoZz\Desktop\Gmer.txt
2013-08-17 17:39 - 2013-08-17 17:39 - 00377856 _____ C:\Users\BoZz\Downloads\gmer_2.1.19163.exe
2013-08-17 17:22 - 2013-07-15 11:33 - 00049568 _____ C:\Windows\PFRO.log
2013-08-17 17:19 - 2013-07-14 19:15 - 00000000 ____D C:\Users\BoZz\Desktop\torrents
2013-08-17 15:10 - 2013-05-30 09:54 - 00000000 ____D C:\Users\BoZz\Desktop\Nikitas Bilder
2013-08-16 11:28 - 2013-03-29 15:35 - 00000000 ____D C:\Windows\Panther
2013-08-16 00:40 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-16 00:40 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-16 00:40 - 2009-07-14 07:13 - 01518986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 00:38 - 2013-08-16 00:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 00:37 - 2013-03-29 17:23 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 15:40 - 2013-07-15 19:46 - 00000000 ____D C:\Users\BoZz\Desktop\Neuer Ordner
2013-08-15 15:13 - 2013-08-15 15:13 - 00144920 _____ C:\Users\BoZz\Downloads\20173.zip
2013-08-14 18:17 - 2013-08-14 18:17 - 00001630 _____ C:\Users\BoZz\Desktop\Xpadder.ini
2013-08-14 18:17 - 2013-08-14 18:17 - 00001090 _____ C:\Users\BoZz\Desktop\Joystick.xpadderprofile
2013-08-14 15:00 - 2013-08-14 14:34 - 00000679 _____ C:\Users\BoZz\Documents\Joystick.xpaddercontroller
2013-08-14 14:18 - 2013-08-14 14:18 - 00454835 _____ C:\Users\BoZz\Desktop\Xpadde2007.zip
2013-08-14 13:55 - 2013-08-14 13:55 - 00242392 _____ C:\Users\BoZz\Downloads\xpadder-windows-downloader.exe
2013-08-10 19:34 - 2013-08-10 19:13 - 407589449 _____ (SANRIODIGITAL GAMES & ENTERTAINMENT INC ) C:\POD-19902_setup.exe
2013-08-10 19:13 - 2013-08-10 19:13 - 01159216 _____ (Hello Kitty Online) C:\Users\BoZz\Downloads\HKO_Download_Manager.exe
2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-08-10 17:37 - 2013-07-21 12:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-08-10 17:36 - 2013-08-10 17:35 - 09304408 _____ (Wargaming.net ) C:\Users\BoZz\Downloads\WoT_internet_install_eu.exe
2013-08-08 23:24 - 2013-03-30 00:13 - 00000000 ____D C:\Users\BoZz\AppData\Local\TeamSpeak 3 Client
2013-08-08 16:07 - 2013-08-08 16:07 - 00000000 ____D C:\Users\BoZz\Desktop\packages
2013-08-07 21:44 - 2013-08-03 13:30 - 00001682 _____ C:\Users\BoZz\Documents\output-client.log
2013-08-07 21:44 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\stats
2013-08-07 21:38 - 2013-08-03 13:31 - 00000155 _____ C:\Users\BoZz\Documents\servers.dat
2013-08-07 21:37 - 2013-08-03 13:30 - 00000988 _____ C:\Users\BoZz\Documents\options.txt
2013-08-07 21:34 - 2013-08-07 21:34 - 00000081 _____ C:\Users\BoZz\Desktop\KeiNett_Launch.properties
2013-08-07 21:34 - 2013-08-03 13:29 - 00000324 _____ C:\Users\BoZz\Documents\launcher_profiles.json
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\Documents\Arktos
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\CrashRpt
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Chromium
2013-08-05 16:25 - 2013-08-05 16:25 - 00000000 ____D C:\Users\BoZz\AppData\Local\Arktos
2013-08-05 00:28 - 2013-07-16 21:03 - 00017836 _____ C:\Windows\DirectX.log
2013-08-04 23:34 - 2013-08-04 23:34 - 00000000 ____D C:\Program Files (x86)\dumps
2013-08-04 23:32 - 2013-08-04 23:32 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-08-04 23:32 - 2013-08-04 23:31 - 08531968 _____ C:\Users\BoZz\Downloads\SteamInstall_German.msi
2013-08-04 23:21 - 2013-08-04 23:21 - 00000000 ____D C:\Users\BoZz\AppData\Local\SCE
2013-08-04 23:19 - 2013-08-04 23:19 - 00000000 ____D C:\Users\Public\Sony Online Entertainment
2013-08-04 23:19 - 2013-08-04 23:18 - 20095616 _____ C:\Users\BoZz\Downloads\PS2_PSG_setup.exe
2013-08-03 23:03 - 2013-08-03 23:03 - 00265776 _____ C:\Users\BoZz\Downloads\Blade_.exe
2013-08-03 18:22 - 2013-06-16 12:14 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-08-03 18:21 - 2013-06-16 12:19 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-03 18:21 - 2013-06-15 20:58 - 00000000 ____D C:\AeriaGames
2013-08-03 16:53 - 2013-08-03 16:53 - 00558104 _____ (Aeria Games & Entertainment) C:\Users\BoZz\Downloads\scarletblade_de_downloader.exe
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\saves
2013-08-03 13:30 - 2013-08-03 13:30 - 00000000 ____D C:\Users\BoZz\Documents\resourcepacks
2013-08-03 13:30 - 2013-08-03 13:29 - 00000000 ____D C:\Users\BoZz\Documents\libraries
2013-08-03 13:29 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\versions
2013-08-03 13:28 - 2013-08-03 13:28 - 00000000 ____D C:\Users\BoZz\Documents\assets
2013-08-03 01:47 - 2013-08-03 01:47 - 00000000 ____D C:\Program Files (x86)\ÌøÔ¾ÍøÂç
2013-08-03 01:31 - 2013-08-03 01:02 - 308761014 _____ C:\Users\BoZz\Downloads\300_v0.2.220.zip
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2013-07-30 22:26 - 2013-07-11 21:53 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2013-07-30 22:26 - 2013-03-29 15:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-30 22:14 - 2013-06-15 20:58 - 00000000 ____D C:\Users\BoZz\AppData\Local\Akamai
2013-07-30 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-30 02:58 - 2013-07-28 01:08 - 00000000 ____D C:\Users\BoZz\minecraft
2013-07-30 02:55 - 2013-07-30 02:54 - 17191597 _____ C:\Users\BoZz\Downloads\1.6.2DokuCraft-TSC-Adrundaal1.zip
2013-07-30 01:25 - 2013-07-30 01:25 - 00002713 _____ C:\Users\Public\Desktop\Loong - Dragonblood.lnk
2013-07-30 01:24 - 2013-04-15 15:54 - 00000000 ____D C:\GAMIGO
2013-07-30 01:23 - 2013-07-30 00:19 - 2412630842 _____ C:\Users\BoZz\Downloads\Loong-Dragonblood.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-29 21:14 - 2013-07-29 21:14 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-29 21:14 - 2013-07-29 21:14 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-29 21:14 - 2013-04-27 21:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-29 21:14 - 2013-04-27 21:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-29 21:11 - 2013-07-29 21:11 - 00903080 _____ (Oracle Corporation) C:\Users\BoZz\Downloads\chromeinstall-7u25.exe
2013-07-29 13:55 - 2013-04-27 21:06 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\.minecraft
2013-07-29 11:57 - 2013-07-29 11:57 - 00000072 _____ C:\Users\BoZz\Downloads\HTML Text.txt
2013-07-28 11:43 - 2013-07-28 11:43 - 00689489 _____ C:\Users\BoZz\Downloads\Minecraft Cracked Launcher (1).exe
2013-07-28 11:21 - 2013-04-23 19:55 - 00000000 ____D C:\Users\BoZz\Desktop\GTA SAMP
2013-07-28 09:56 - 2013-07-28 09:56 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-28 01:08 - 2013-07-28 01:08 - 00689489 _____ C:\Users\BoZz\Desktop\Minecraft Cracked Launcher.exe
2013-07-28 01:08 - 2013-07-28 01:08 - 00000079 _____ C:\Users\BoZz\Downloads\KeiNett_Launch.properties
2013-07-28 01:06 - 2013-07-28 01:06 - 00252021 _____ C:\Users\BoZz\Downloads\Mineshafter 1.6.2.jar
2013-07-28 00:53 - 2013-07-28 00:53 - 04292608 _____ C:\Users\BoZz\Downloads\hamachi_2.1.0.362.msi
2013-07-27 23:56 - 2013-07-27 23:32 - 00000000 ____D C:\Users\BoZz\Desktop\Beste SA-MP
2013-07-26 19:00 - 2013-07-26 19:00 - 00001115 _____ C:\Users\Public\Desktop\AnotherLife Client.lnk
2013-07-26 19:00 - 2013-07-26 18:59 - 02404568 _____ (Tim Witschel Serververmietung ) C:\Users\BoZz\Downloads\anotherlifesetup.exe
2013-07-26 19:00 - 2013-06-15 20:04 - 00000000 ____D C:\Program Files (x86)\AnotherLifeClient
2013-07-26 13:07 - 2013-07-26 13:07 - 00000000 ____D C:\Users\BoZz\Documents\My Cheat Tables
2013-07-26 12:57 - 2013-07-26 12:57 - 00001085 _____ C:\Users\BoZz\Desktop\Cheat Engine.lnk
2013-07-26 07:13 - 2013-08-16 00:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-16 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-16 00:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-16 00:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-16 00:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-16 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-16 00:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-16 00:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-16 00:42 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-16 00:42 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 22:00 - 2013-07-25 22:00 - 12009178 _____ C:\Users\BoZz\Desktop\sa-mp-0.3x-R1-install.exe
2013-07-25 21:59 - 2013-07-25 21:59 - 00727380 _____ C:\Users\BoZz\Desktop\mod_sa.v4.3.3.0.SA-MP.v0.3x R1.Setup.exe
2013-07-25 11:25 - 2013-08-15 13:45 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:45 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-22 18:33 - 2013-05-22 19:48 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-22 18:33 - 2013-05-03 21:53 - 00000000 ____D C:\Users\BoZz\AppData\Roaming\TeamViewer
2013-07-21 20:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-21 12:46 - 2013-07-21 12:46 - 00000000 ____D C:\Users\BoZz\Desktop\Cube World
2013-07-21 12:45 - 2013-07-21 12:46 - 33129973 _____ C:\Users\BoZz\Desktop\_CUBE_.rar
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.TXT
2013-07-20 21:48 - 2013-07-20 21:48 - 00000003 _____ C:\Windows\system32\HRUPPROG.DIE.NOW
2013-07-19 03:58 - 2013-08-15 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-15 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-12 22:39
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2013
Ran by BoZz at 2013-08-18 00:28:44
Running from C:\Users\BoZz\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
??????? ?????@Mail.Ru (HKCU Version: 2.315)
@BIOS Ver.2.06 (x32 Version: 2.06)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Akamai NetSession Interface (HKCU)
AnotherLife Client Version 1.1 (x32 Version: 1.1)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Bandicam (x32 Version: 1.8.9.371)
Bandisoft MPEG-1 Decoder (x32)
Browser Configuration Utility (x32 Version: 1.1.18.0)
Cheat Engine 6.3 (x32)
Cross Fire (HKCU)
Cross Fire (x32 Version: 1.0.0.66)
DES 2.0 (x32 Version: 1.00.0000)
eaner (Version: 4.00)
Easy Tune 6 B10.0420.1 (x32 Version: 1.00.0000)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
Google Chrome (x32 Version: 28.0.1500.95)
Google Update Helper (x32 Version: 1.3.21.153)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
League of Legends (x32 Version: 1.3)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Loong - Dragonblood (x32 Version: 2.04.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Minecraft 1.2.0_02 (x32)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
ON_OFF Charge B10.0422.2 (x32 Version: 1.00.0001)
Pando Media Booster (x32 Version: 2.6.0.9)
Pflanzen gegen Zombies (x32)
Plants vs. Zombies (x32)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010)
Skype™ 6.5 (x32 Version: 6.5.158)
Smart 6 B10.0422.1 (x32 Version: 1.00.0000)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (HKCU Version: 3.0.11.1)
TeamViewer 8 (x32 Version: 8.0.18051)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
==================== Restore Points =========================
17-08-2013 21:29:25 Automatic creation
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {25F5C9A1-5A17-40B5-9478-A2F1D9FC5230} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {3568E6A4-15A8-4017-9C6D-7228C359779B} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {4FF2355D-F93F-4243-AAC5-454A8C026FC6} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {7712AD88-7807-4584-9ADE-A3840040C5FE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {85DF2C1E-A0C0-4EA9-834D-BEA365EB2F37} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {A6710A2D-53BF-4FA2-8276-F0ABD3B45A5B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {ABA7CA19-A5E6-4C8D-9632-C78F8C1114AC} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {AE9DF882-EDBB-4936-859A-F66F96D7AB58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29] (Google Inc.)
Task: {CDEFE3D6-34B5-43E1-B30D-32DF7DA8464E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29] (Google Inc.)
Task: {E2198939-939E-4986-B5EA-2114EB1FE553} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {E36E283C-7A9F-4612-9466-6D25BEAC026D} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {F4398ECE-B4BC-4C6A-BEC8-76C7F34A4B99} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/18/2013 00:01:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0xd6c
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/17/2013 11:29:14 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {a7f978e5-ede4-492b-bb91-4c00fedd97aa}
Error: (08/17/2013 11:01:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0xfe4
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/17/2013 10:01:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0x1314
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/17/2013 09:26:34 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {14e0f5af-5564-4d38-bf6e-cd8173a8dd79}
Error: (08/17/2013 09:01:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0x1320
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/17/2013 08:45:47 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: DUI70.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdf25
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000394e
ID des fehlerhaften Prozesses: 0x640
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (08/17/2013 08:01:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0x111c
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/17/2013 07:01:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0xa38
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3
Error: (08/17/2013 06:45:09 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {a32a2d77-e5e8-4498-9803-7bf9715d2b5d}
System errors:
=============
Error: (08/17/2013 11:01:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/17/2013 11:01:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/17/2013 08:59:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/17/2013 08:59:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/17/2013 08:57:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TeamViewer 8" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/17/2013 08:57:11 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 8 erreicht.
Error: (08/17/2013 08:43:32 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy1" den Befehl "chkdsk" aus.
Error: (08/17/2013 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/17/2013 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/17/2013 07:59:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Microsoft Office Sessions:
=========================
Error: (08/18/2013 00:01:02 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243d6c01ce9b95420b6142C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll81352b80-0788-11e3-847d-6cf049eff7f5
Error: (08/17/2013 11:29:14 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {a7f978e5-ede4-492b-bb91-4c00fedd97aa}
Error: (08/17/2013 11:01:03 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243fe401ce9b8ce0442950C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll1ffa018c-0780-11e3-847d-6cf049eff7f5
Error: (08/17/2013 10:01:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243131401ce9b847e76af78C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dllbd5b5963-0777-11e3-94a7-6cf049eff7f5
Error: (08/17/2013 09:26:34 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {14e0f5af-5564-4d38-bf6e-cd8173a8dd79}
Error: (08/17/2013 09:01:04 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243132001ce9b7c1cb83327C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll5d1e79a7-076f-11e3-94a7-6cf049eff7f5
Error: (08/17/2013 08:45:47 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4DUI70.dll6.1.7600.163854a5bdf25c0000005000000000000394e64001ce9b75aa034acaC:\Windows\Explorer.EXEC:\Windows\system32\DUI70.dll3a3f624f-076d-11e3-a109-6cf049eff7f5
Error: (08/17/2013 08:01:03 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243111c01ce9b73bb03376eC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dllfa993292-0766-11e3-bf57-6cf049eff7f5
Error: (08/17/2013 07:01:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.1820551db9710c00000050002e243a3801ce9b6b592ae636C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dll9822a339-075e-11e3-b2d2-6cf049eff7f5
Error: (08/17/2013 06:45:09 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {a32a2d77-e5e8-4498-9803-7bf9715d2b5d}
==================== Memory info ===========================
Percentage of memory in use: 18%
Total physical RAM: 16382.49 MB
Available physical RAM: 13317.33 MB
Total Pagefile: 32763.17 MB
Available Pagefile: 29441.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:382.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:201.13 GB) NTFS
Drive e: () (Fixed) (Total:74.53 GB) (Free:74.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9F9167C3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 9F9167C2)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 75 GB) (Disk ID: 446EFE9D)
Partition 1: (Not Active) - (Size=75 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Ich bin Off wir machen später weiter :/
Können wir weiter machen? :D
Bin wieder da und würde gerne weiter machen die Logs wurden gepostet
Diesen Pup hab ich jetzt entfernt kommt dieser wieder da ich es schon mall versucht hatte und dieser wieder kam.
Ich weis jetzt net weiter Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.08.17.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
BoZz :: BOZZ-PC [Administrator]
18.08.2013 19:12:15
mbam-log-2013-08-18 (19-12-15).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 388963
Laufzeit: 53 Minute(n), 14 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Users\BoZz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1KNMQF1\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) |