| |
| |||||||
Log-Analyse und Auswertung: cpu 100% und exe lassen sich nicht öffenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.06.2014, 13:53
| #16 |
 |  cpu 100% und exe lassen sich nicht öffen hallo Jürgen anti-malware lässt sich nicht install "interner fehler:expression error runtime error (at79:177) external exception E06D7363. |
|
06.06.2014, 13:54
| #17 |
| /// TB-Ausbilder /// Anleitungs-Guru  | cpu 100% und exe lassen sich nicht öffen Das hattest doch schon drauf oder? Und auch Avira. Deinstalliert?
__________________
__________________ |
|
06.06.2014, 13:59
| #18 |
| | cpu 100% und exe lassen sich nicht öffen Ja lässt sich nicht starten
__________________avira startet auch nicht lässt sich auch nicht deinstall |
|
06.06.2014, 14:01
| #19 |
| /// TB-Ausbilder /// Anleitungs-Guru | cpu 100% und exe lassen sich nicht öffen Schritt 1   Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan. Poste mir bitte beide Logs.
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
06.06.2014, 14:05
| #20 |
| | cpu 100% und exe lassen sich nicht öffenFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-06-2014
Ran by Mafia (administrator) on MAFIA-PC on 06-06-2014 15:02:37
Running from C:\Users\Mafia\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Box\Box Sync\FSEventsReader.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nexon Korea Corp.) C:\Nexon\NexonPlug\NexonPlug.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Dropbox, Inc.) C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nexon Corp.) C:\Nexon\NexonPlug\NMService.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [NexonPlug] => C:\Nexon\NexonPlug\NexonPlug.exe [2115928 2014-04-23] (Nexon Korea Corp.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD)
Startup: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD07716838EA3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326569&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPDC5C3546-B0DD-4CE4-AD10-187D28F005A7&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Promt IE Helper - {1F13CE11-4FAC-49A9-8155-D4F3F0F91A33} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - PROMT Translator - {C7DDDD27-F303-42A5-B979-51559F7DC0F0} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478
FF DefaultSearchEngine: Trovi search
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Trovi search
FF Homepage: https://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tongbu.com/tongbu,version=0.1 - C:\Program Files\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mafia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\testlog.txt
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahootc.xml
FF Extension: PROMT - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\promtff9@promt9.ru [2014-05-29]
FF Extension: YouTube Unblocker - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\youtubeunblocker@unblocker.yt [2014-04-18]
FF Extension: DownloadHelper - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: {11574f4a-82a7-4b99-81dc-020c5e316e55} - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{11574f4a-82a7-4b99-81dc-020c5e316e55}.xpi [2014-04-19]
FF Extension: Adblock Plus - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]
Chrome:
=======
CHR HomePage: https://www.facebook.com/?ref=logo
CHR StartupUrls: "https://www.facebook.com/",
"https://www.youtube.com/feed/subscriptions",
"hxxp://www.tumblr.com/dashboard",
"https://twitter.com/"
CHR Extension: (ProxFlow) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-05]
CHR Extension: (Google Docs) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-05]
CHR Extension: (Google Drive) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05]
CHR Extension: (TV) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-05-05]
CHR Extension: (YouTube) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05]
CHR Extension: (Adblock Plus) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-05]
CHR Extension: (Google-Suche) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05]
CHR Extension: (Love O'Clock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcnbegbcdfdlndabgemkabfhfllocma [2014-05-05]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-05-05]
CHR Extension: (Stylish) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-05-05]
CHR Extension: (AdBlock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-05]
CHR Extension: (FVD Downloader) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-05-05]
CHR Extension: (Surfing Day 2012) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjgigjnbamdjoeifabplldbjgbjnacki [2014-05-05]
CHR Extension: (Google Wallet) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05]
CHR Extension: (Google Mail) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
S4 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2012-08-01] ()
R2 BoxSyncFSEventsReaderService; C:\Program Files\Box\Box Sync\FSEventsReader.exe [13824 2013-09-09] ()
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [18432 2013-09-09] (Box Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682768 2014-05-13] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-15] (LogMeIn, Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S4 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S2 HPSLPSVC; C:\Users\Mafia\AppData\Local\Temp\7zS49D6\hpslpsvc32.dll [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe" [X]
==================== Drivers (Whitelisted) ====================
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22560 2013-09-16] (REALiX(tm))
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25712 2013-01-29] (Microsoft Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-04-10] (StdLib)
R3 ALSysIO; \??\C:\Users\Mafia\AppData\Local\Temp\ALSysIO.sys [X]
S3 athr; system32\DRIVERS\athr.sys [X]
S2 avgntflt; system32\DRIVERS\avgntflt.sys [X]
S1 avipbb; system32\DRIVERS\avipbb.sys [X]
S1 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 catchme; \??\C:\Users\Mafia\AppData\Local\Temp\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2010-03-31] (Huawei Technologies Co., Ltd.)
S1 ssmdrv; system32\DRIVERS\ssmdrv.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys D4EF00B622EBEBEF85AB53C51A509A14
C:\Windows\System32\DRIVERS\atikmpag.sys 0A536B713BF916E62A14D48B0C1739A3
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\System32\Drivers\ssadadb.sys DD8D9C597AF7CD2F6B70A3D6A4A1ACEA
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW73.sys 636C40DAC5D13F4C354973017AA8ADC2
C:\Windows\system32\drivers\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 77361D72A04F18809D0EFB6CCEB74D4B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 247B4CE2DAB1160CD422D532D5241E1F
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Program Files\SystemRequirementsLab\cpudrv.sys D01F685F8B4598D144B0CCE9FF95D8D5
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\dfx11_1.sys 30384865C9AF82DB291E5C4F468E1AC6
C:\Windows\System32\DRIVERS\ssudbus.sys 560B0DCE52DFED6623B27C9BAFA6F236
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 2A958EF85DB1B61FFCA65044FA4BCE9E
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05
C:\Windows\system32\drivers\evbdx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ElbyCDIO.sys B83BDCCBACB65BAA9E20888DD0083A16
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\System32\DRIVERS\ggflt.sys 93CA4D9A0433BE0EDD0B9F2F26D5E54C
C:\Windows\System32\DRIVERS\ggsemc.sys 17E678AAB82CCDFB80E7614504933895
C:\Windows\System32\DRIVERS\hamachi.sys 833051C6C6C42117191935F734CFBD97
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys 950CC1E6AE3A6CD23E0945CDE089B02C
C:\Windows\System32\DRIVERS\htcnprot.sys 339ADEFAD60353F960E3CA67CE468C24
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 988C0A49F09D75D3341CB419141793C1
C:\Windows\system32\drivers\HWiNFO32.SYS 43E745EFA7D34ADAED455C0AA94C424A
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\igdkmd32.sys AD626F6964F4D364D226C39E06872DD3
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHDA.sys 82EE5914B6AB27BFD23ECA29AEB34DA4
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys D30159AC9237519FBC62C6EC247D2D46
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl.sys 9213AA35BCA94EB79D366DA254E4BDF5
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\System32\DRIVERS\NuidFltr.sys A82BB9014BEF0E4986C3DA610B3A25FE
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\System32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb.sys 0F6756EF8BDA6DFA7BE50465C83132BB
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\drivers\RtHDMIV.sys 79C8488DFA2AA377441645123CB73845
C:\Windows\System32\DRIVERS\Rt86win7.sys 3983CEA05BB855351D75F5482B6C42CE
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\seehcri.sys E5B56569A9F79B70314FEDE6C953641E
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\System32\DRIVERS\ssadbus.sys 64E44ACD8C238FCBBB78F0BA4BDC4B05
C:\Windows\System32\DRIVERS\ssadmdfl.sys BB2C84A15C765DA89FD832B0E73F26CE
C:\Windows\System32\DRIVERS\ssadmdm.sys 6D0D132DDC6F43EDA00DCED6D8B1CA31
C:\Windows\System32\DRIVERS\ssadserd.sys 1A5A397BC459F346AB56492B61EF79F6
C:\Windows\System32\DRIVERS\ssudmdm.sys 585FDB94DB04AC1C56298D1FD1F1389E
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\Synth3dVsc.sys F2AD8960812FD111E20E84659EF19D43
C:\Windows\System32\drivers\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\DRIVERS\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 052306FD76793D5D5AB5D9891FD1ADBB
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 01246F0BAAD7B68EC0F472AA41E33282
C:\Windows\system32\drivers\tsusbhub.sys 045ACB987C650D8186C6B4A692223860
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\system32\drivers\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\DRIVERS\VClone.sys DAEF3AC067094497402C77476BBC3540
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\wacommousefilter.sys 427A8BC96F16C40DF81C2D2F4EDD32DD
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomvhid.sys 846B58EA44BF8C92E4B59F4E2252C4C0
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\wStLibG.sys 022E6B0F67F3CF1DE63502194E7D8AC7
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xusb21.sys C26C68BCBAC1F33F890C226769759209
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-06 15:02 - 2014-06-06 15:02 - 00000000 ____D () C:\Users\Mafia\Desktop\FRST-OlderVersion
2014-06-06 11:43 - 2014-06-06 11:44 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-06-06 11:43 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-06 11:43 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-05 23:26 - 2014-06-06 15:03 - 00036961 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-05 23:26 - 2014-06-06 15:02 - 00000000 ____D () C:\FRST
2014-06-05 23:18 - 2014-06-06 15:02 - 01063424 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-05 23:11 - 2014-06-05 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-05 23:11 - 2014-06-05 23:11 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 23:10 - 2014-06-05 23:26 - 00000000 ____D () C:\Users\Mafia\Desktop\mbar
2014-06-05 23:10 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-05 23:09 - 2014-06-05 23:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mafia\Desktop\mbar-1.07.0.1009.exe
2014-06-05 22:52 - 2014-06-05 22:52 - 00030033 _____ () C:\ComboFix.txt
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\noni\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Gast\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Bea\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Aileen\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\temp
2014-06-05 22:32 - 2014-06-05 22:32 - 00003268 _____ () C:\Users\Mafia\Desktop\prüfung.7z
2014-06-05 22:03 - 2014-06-06 15:03 - 00000000 ____D () C:\Users\Mafia\AppData\Local\temp
2014-06-05 21:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Qoobox
2014-06-05 21:52 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-05 21:52 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-05 21:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-05 21:51 - 2014-06-05 22:08 - 00000000 ____D () C:\Windows\erdnt
2014-06-05 21:45 - 2014-06-05 21:46 - 05205146 _____ (Swearware) C:\Users\Mafia\Downloads\ComboFix(1).exe
2014-06-05 21:44 - 2014-06-05 21:44 - 05205146 ____R (Swearware) C:\Users\Mafia\Downloads\CF.exe
2014-06-05 20:02 - 2014-06-05 20:03 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-06-05 20:01 - 2014-06-05 20:03 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00001422 _____ () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00001016 _____ () C:\Users\Public\Desktop\Windows Media Player.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00000020 ___SH () C:\Users\Administrator.Mafia-PC\ntuser.ini
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Startmenü
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Netzwerkumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Druckumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Musik
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Bilder
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Local\Verlauf
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Windows\Profiles\Default
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\WTablet
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Adobe
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn Hamachi
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Google
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Box Sync
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC
2014-06-05 20:01 - 2013-09-03 17:18 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Macromedia
2014-06-05 20:01 - 2013-08-29 04:27 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Microsoft Help
2014-06-05 20:01 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-05 20:01 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-05 20:00 - 2014-05-01 03:36 - 00000000 ____D () C:\Users\Mafia\Downloads\TuneUp.Utilities.2014.v14.0.1000.296.inkl.Keygen.und.Crack.German
2014-06-05 19:51 - 2014-06-05 19:54 - 29094876 _____ () C:\Users\Mafia\Downloads\TUU.v14.0.1000.296.GER.rar
2014-06-05 19:40 - 2014-06-05 19:42 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-05 19:40 - 2014-06-05 19:40 - 01078591 _____ () C:\Users\Mafia\Downloads\Unlocker1.9.2.exe
2014-06-05 19:40 - 2014-06-05 19:40 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-05 19:37 - 2014-06-05 19:37 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mafia\Downloads\avira_de_av___ws.exe
2014-06-04 21:50 - 2014-06-04 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\AdwCleaner - CHIP-Installer.exe
2014-06-04 21:38 - 2014-06-04 21:45 - 1204690621 _____ () C:\Users\Mafia\Downloads\iPhone3,1_7.1.1_11D201_Restore.ipsw
2014-06-04 21:29 - 2014-06-04 21:29 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-04 21:29 - 2014-06-04 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-04 21:28 - 2014-06-04 21:28 - 00000000 ____D () C:\Program Files\iPod
2014-06-04 20:44 - 2013-08-22 08:13 - 00000407 _____ () C:\Windows\system32\Drivers\etc\networks
2014-06-04 20:43 - 2014-06-04 20:43 - 00000000 ____D () C:\Windows\system32\Drivers\etc\Neuer Ordner2
2014-06-04 20:41 - 2014-06-04 20:41 - 06347938 _____ () C:\Users\Mafia\Downloads\icloud bypass gwcc1.2.6.rar
2014-06-04 20:29 - 2013-08-22 08:13 - 00017463 _____ () C:\Windows\system32\Drivers\etc\services
2014-06-04 20:29 - 2013-08-22 08:13 - 00001358 _____ () C:\Windows\system32\Drivers\etc\protocol
2014-06-04 01:54 - 2014-06-04 01:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(3).exe
2014-06-04 01:53 - 2014-06-04 01:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-06-04 01:44 - 2014-06-04 01:44 - 00010826 _____ () C:\Users\Mafia\Desktop\prüfung.txt
2014-06-04 01:42 - 2014-06-04 01:42 - 00010859 _____ () C:\Users\Mafia\Desktop\hijackthis.log
2014-06-04 01:37 - 2014-06-04 01:38 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis_5833.exe
2014-06-04 01:18 - 2014-06-04 01:19 - 00000980 _____ () C:\DelFix.txt
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-01 12:34 - 2014-06-01 12:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 06:04 - 2014-06-04 04:29 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:27 - 2014-06-01 05:28 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 03:49 - 2014-06-01 04:06 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 03:38 - 2014-06-01 05:42 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:13 - 2014-06-01 03:30 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 02:41 - 2014-06-01 02:59 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:22 - 2014-05-31 18:28 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:35 - 2014-05-30 13:41 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 01:47 - 2014-05-29 01:48 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 01:01 - 2014-04-04 17:05 - 00000000 ____D () C:\Users\Mafia\Downloads\1532
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-26 18:35 - 2014-05-30 21:31 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-26 17:49 - 2014-05-26 17:53 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 17:05 - 2014-05-26 20:30 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:00 - 2014-05-24 23:06 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:58 - 2014-05-24 22:59 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:53 - 2014-05-24 22:56 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 06:11 - 2014-05-24 06:13 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:47 - 2014-05-24 04:49 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 02:42 - 2014-05-24 03:02 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:41 - 2014-05-24 02:57 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2013-01-21 11:11 - 64168776 _____ () C:\Users\Mafia\Downloads\Emma_Setup.exe
2014-05-24 00:21 - 2014-05-24 00:22 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 14:40 - 2014-05-23 14:41 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-22 23:51 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-05-22 23:49 - 2014-05-22 23:50 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:18 - 2014-05-22 23:19 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 04:36 - 2014-05-22 04:37 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:25 - 2014-05-22 04:26 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-29 09:44 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:39 - 2013-12-21 20:51 - 00000000 ____D () C:\Users\Mafia\Downloads\Langenscheidt T1 Professional
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:22 - 2014-05-21 00:24 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:11 - 2014-05-20 11:12 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 13:11 - 2014-05-19 13:17 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:47 - 2014-05-18 23:48 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-06-06 14:45 - 00009608 _____ () C:\Windows\setupact.log
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 16:57 - 2014-06-06 00:04 - 01977166 _____ () C:\Windows\PFRO.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 10:38 - 2012-10-15 22:06 - 00000000 ____D () C:\Users\Mafia\Downloads\Dox
2014-05-18 09:56 - 2014-06-04 15:53 - 00013817 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-05-18 08:41 - 2014-05-22 17:06 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 02:32 - 2014-05-29 01:04 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-23 00:57 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:16 - 2014-05-17 03:11 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-16 20:10 - 2014-05-16 20:14 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:34 - 2011-12-28 11:01 - 00000000 ____D () C:\Users\Mafia\Downloads\hosts-
2014-05-16 18:56 - 2014-05-16 19:00 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:19 - 2014-05-12 01:16 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-15 15:19 - 2000-05-18 01:00 - 01509632 _____ (Microsoft Corporation) C:\Users\Mafia\Downloads\InstMsiW.exe
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:25 - 2014-05-15 05:40 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:22 - 2014-05-15 15:02 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 05:22 - 2014-05-15 14:59 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 01:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 20:15 - 2014-06-02 22:08 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-05-13 20:12 - 2014-05-13 22:47 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 19:49 - 2014-06-06 14:46 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-05-13 11:37 - 2014-05-21 00:26 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-13 11:11 - 2014-05-15 05:23 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 00:35 - 2014-05-13 00:42 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2014-06-04 20:49 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-05-13 00:09 - 2014-06-04 20:49 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 19:32 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:30 - 2014-06-04 08:05 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-05-12 19:29 - 2014-05-29 09:53 - 00000000 ____D () C:\Windows\Lhsp
2014-05-12 19:29 - 2014-05-29 01:07 - 00000000 ____D () C:\Windows\msagent
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:08 - 2014-06-04 08:07 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:24 - 2014-05-12 12:11 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-11 18:24 - 2014-05-11 18:26 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 21:26 - 2014-03-21 22:36 - 00000000 ____D () C:\Users\Mafia\Downloads\Babylon Pro 10
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:37 - 2014-05-08 15:38 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 08:04 - 2014-05-08 13:12 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:28 - 2014-05-08 02:31 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:27 - 2014-05-08 02:28 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-07 19:56 - 2014-03-28 18:19 - 00000000 ____D () C:\Users\Mafia\Downloads\bshdbxst
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
==================== One Month Modified Files and Folders =======
2014-06-06 15:03 - 2014-06-05 23:26 - 00036961 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-06 15:03 - 2014-06-05 22:03 - 00000000 ____D () C:\Users\Mafia\AppData\Local\temp
2014-06-06 15:02 - 2014-06-06 15:02 - 00000000 ____D () C:\Users\Mafia\Desktop\FRST-OlderVersion
2014-06-06 15:02 - 2014-06-05 23:26 - 00000000 ____D () C:\FRST
2014-06-06 15:02 - 2014-06-05 23:18 - 01063424 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-06 14:58 - 2013-09-30 22:26 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-06 14:55 - 2013-09-01 15:40 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Adobe
2014-06-06 14:50 - 2013-08-28 03:28 - 01669318 _____ () C:\Windows\WindowsUpdate.log
2014-06-06 14:50 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-06 14:50 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-06 14:48 - 2013-08-28 03:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-06 14:46 - 2014-05-13 19:49 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-06-06 14:46 - 2013-08-31 22:37 - 00000000 ___RD () C:\Users\Mafia\Dropbox
2014-06-06 14:46 - 2013-08-31 22:35 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Dropbox
2014-06-06 14:45 - 2014-05-18 16:58 - 00009608 _____ () C:\Windows\setupact.log
2014-06-06 14:45 - 2014-02-03 16:35 - 00000000 ____D () C:\Users\Mafia\AppData\Local\LogMeIn Hamachi
2014-06-06 14:45 - 2013-09-30 22:26 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-06 14:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-06 11:44 - 2014-06-06 11:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-06-06 00:04 - 2014-05-18 16:57 - 01977166 _____ () C:\Windows\PFRO.log
2014-06-06 00:03 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\UseNeXT
2014-06-05 23:51 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\Documents\UseNeXT
2014-06-05 23:26 - 2014-06-05 23:11 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-05 23:26 - 2014-06-05 23:10 - 00000000 ____D () C:\Users\Mafia\Desktop\mbar
2014-06-05 23:11 - 2014-06-05 23:11 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 23:09 - 2014-06-05 23:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mafia\Desktop\mbar-1.07.0.1009.exe
2014-06-05 22:52 - 2014-06-05 22:52 - 00030033 _____ () C:\ComboFix.txt
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\noni\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Gast\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Bea\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Aileen\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 21:52 - 00000000 ____D () C:\Qoobox
2014-06-05 22:52 - 2013-09-02 01:49 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Apps\2.0
2014-06-05 22:51 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-06-05 22:32 - 2014-06-05 22:32 - 00003268 _____ () C:\Users\Mafia\Desktop\prüfung.7z
2014-06-05 22:09 - 2013-10-17 12:37 - 00000000 ____D () C:\Users\noni
2014-06-05 22:09 - 2013-08-25 01:00 - 00000000 ____D () C:\Users\Bea
2014-06-05 22:09 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-06-05 22:09 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-06-05 22:08 - 2014-06-05 21:51 - 00000000 ____D () C:\Windows\erdnt
2014-06-05 21:46 - 2014-06-05 21:45 - 05205146 _____ (Swearware) C:\Users\Mafia\Downloads\ComboFix(1).exe
2014-06-05 21:44 - 2014-06-05 21:44 - 05205146 ____R (Swearware) C:\Users\Mafia\Downloads\CF.exe
2014-06-05 20:03 - 2014-06-05 20:02 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-06-05 20:03 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00001422 _____ () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00001016 _____ () C:\Users\Public\Desktop\Windows Media Player.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00000020 ___SH () C:\Users\Administrator.Mafia-PC\ntuser.ini
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Startmenü
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Netzwerkumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Druckumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Musik
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Bilder
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Local\Verlauf
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Windows\Profiles\Default
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\WTablet
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Adobe
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn Hamachi
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Google
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Box Sync
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC
2014-06-05 20:01 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-05 20:01 - 2009-07-14 04:04 - 00000864 _____ () C:\Windows\win.ini
2014-06-05 20:00 - 2013-09-07 02:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-05 19:54 - 2014-06-05 19:51 - 29094876 _____ () C:\Users\Mafia\Downloads\TUU.v14.0.1000.296.GER.rar
2014-06-05 19:48 - 2013-10-29 21:34 - 00000000 ____D () C:\Temp
2014-06-05 19:46 - 2013-08-31 12:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Skype
2014-06-05 19:42 - 2014-06-05 19:40 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-05 19:40 - 2014-06-05 19:40 - 01078591 _____ () C:\Users\Mafia\Downloads\Unlocker1.9.2.exe
2014-06-05 19:40 - 2014-06-05 19:40 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-05 19:37 - 2014-06-05 19:37 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mafia\Downloads\avira_de_av___ws.exe
2014-06-05 19:05 - 2010-11-20 23:01 - 01657362 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 21:50 - 2014-06-04 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\AdwCleaner - CHIP-Installer.exe
2014-06-04 21:45 - 2014-06-04 21:38 - 1204690621 _____ () C:\Users\Mafia\Downloads\iPhone3,1_7.1.1_11D201_Restore.ipsw
2014-06-04 21:29 - 2014-06-04 21:29 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-04 21:29 - 2014-06-04 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-04 21:29 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\iTunes
2014-06-04 21:28 - 2014-06-04 21:28 - 00000000 ____D () C:\Program Files\iPod
2014-06-04 21:28 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-04 20:49 - 2014-05-13 00:10 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-06-04 20:49 - 2014-05-13 00:09 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-06-04 20:43 - 2014-06-04 20:43 - 00000000 ____D () C:\Windows\system32\Drivers\etc\Neuer Ordner2
2014-06-04 20:43 - 2014-04-06 23:53 - 00000000 ____D () C:\Neuer Ordner
2014-06-04 20:41 - 2014-06-04 20:41 - 06347938 _____ () C:\Users\Mafia\Downloads\icloud bypass gwcc1.2.6.rar
2014-06-04 15:53 - 2014-05-18 09:56 - 00013817 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-06-04 08:07 - 2014-05-12 12:08 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-06-04 08:05 - 2014-05-12 19:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-06-04 04:29 - 2014-06-01 06:04 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-04 01:55 - 2014-06-04 01:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(3).exe
2014-06-04 01:53 - 2014-06-04 01:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-06-04 01:44 - 2014-06-04 01:44 - 00010826 _____ () C:\Users\Mafia\Desktop\prüfung.txt
2014-06-04 01:42 - 2014-06-04 01:42 - 00010859 _____ () C:\Users\Mafia\Desktop\hijackthis.log
2014-06-04 01:38 - 2014-06-04 01:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis_5833.exe
2014-06-04 01:19 - 2014-06-04 01:18 - 00000980 _____ () C:\DelFix.txt
2014-06-03 19:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-02 22:08 - 2014-05-13 20:15 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-06-01 19:51 - 2014-04-06 12:47 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\.minecraft
2014-06-01 12:35 - 2014-06-01 12:34 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 09:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 05:42 - 2014-06-01 03:38 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:28 - 2014-06-01 05:27 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 04:06 - 2014-06-01 03:49 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 04:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:30 - 2014-06-01 03:13 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 02:59 - 2014-06-01 02:41 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:28 - 2014-05-31 18:22 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:23 - 2013-08-28 03:29 - 00000000 ____D () C:\Users\Mafia
2014-05-31 17:04 - 2009-07-14 04:03 - 69468160 _____ () C:\Windows\system32\config\SOFTWARE_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 27262976 _____ () C:\Windows\system32\config\SYSTEM_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\DEFAULT_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00024576 _____ () C:\Windows\system32\config\SECURITY_tureg_old
2014-05-31 16:59 - 2009-07-14 04:03 - 00069632 _____ () C:\Windows\system32\config\SAM_tureg_old
2014-05-31 02:41 - 2014-02-07 02:05 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\vlc
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 21:31 - 2014-05-26 18:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:41 - 2014-05-30 13:35 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-29 21:25 - 2014-02-08 00:09 - 00000000 ____D () C:\The KMPlayer
2014-05-29 10:49 - 2013-09-13 07:08 - 00000000 ____D () C:\Users\Mafia\Documents\Tongbu
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 09:53 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\Lhsp
2014-05-29 09:44 - 2014-05-21 00:51 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-29 01:48 - 2014-05-29 01:47 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:07 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\msagent
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Speech
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:04 - 2014-05-17 02:32 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-27 00:55 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\addins
2014-05-26 20:30 - 2014-05-26 17:05 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-26 17:53 - 2014-05-26 17:49 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-25 21:58 - 2014-05-05 18:35 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:06 - 2014-05-24 23:00 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:59 - 2014-05-24 22:58 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:56 - 2014-05-24 22:53 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 19:29 - 2013-10-16 16:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 06:13 - 2014-05-24 06:11 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:49 - 2014-05-24 04:47 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 04:14 - 2014-02-10 21:55 - 00000000 ____D () C:\Flashtool
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 03:02 - 2014-05-24 02:42 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:57 - 2014-05-24 02:41 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:25 - 2013-12-25 08:57 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2014-05-24 00:21 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:22 - 2013-12-17 13:30 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 21:17 - 2013-12-17 13:30 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-05-23 15:08 - 2013-08-28 07:41 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\iFunbox_UserCache
2014-05-23 14:41 - 2014-05-23 14:40 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-23 00:57 - 2014-05-16 22:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-23 00:54 - 2013-10-18 18:59 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\libimobiledevice
2014-05-22 23:59 - 2014-05-05 18:44 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 23:50 - 2014-05-22 23:49 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:19 - 2014-05-22 23:18 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 23:15 - 2014-04-19 15:12 - 00007680 ___SH () C:\Users\Mafia\AppData\Roaming\Thumbs.db
2014-05-22 17:06 - 2014-05-18 08:41 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-22 04:37 - 2014-05-22 04:36 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:35 - 2014-03-16 21:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DiskAid
2014-05-22 04:26 - 2014-05-22 04:25 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 19:05 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\Performance
2014-05-21 18:01 - 2014-04-03 19:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\redsn0w
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:51 - 2013-08-28 04:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-21 00:50 - 2013-08-28 04:41 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:26 - 2014-05-13 11:37 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-21 00:24 - 2014-05-21 00:22 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 17:02 - 2013-08-31 12:22 - 00000000 ___RD () C:\Program Files\Skype
2014-05-20 17:02 - 2013-08-31 12:21 - 00000000 ____D () C:\ProgramData\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:12 - 2014-05-20 11:11 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-20 01:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\schemas
2014-05-19 13:17 - 2014-05-19 13:11 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:56 - 2013-08-28 07:39 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-18 23:48 - 2014-05-18 23:47 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Malwarebytes
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 03:18 - 2013-08-28 03:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-17 03:11 - 2014-05-16 20:16 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:47 - 2013-09-13 06:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:14 - 2014-05-16 20:10 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:00 - 2014-05-16 18:56 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 18:58 - 2013-09-01 15:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-16 18:55 - 2013-09-01 15:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:12 - 2013-09-13 06:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-16 16:35 - 2013-08-28 03:58 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-16 16:35 - 2013-08-28 03:58 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:02 - 2014-05-15 05:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 14:59 - 2014-05-15 05:22 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:25 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:23 - 2014-05-13 11:11 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-15 05:02 - 2013-09-01 15:38 - 00000000 ____D () C:\Program Files\Adobe
2014-05-15 04:55 - 2013-11-24 17:47 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\ProgramData\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\Program Files\Razer
2014-05-15 01:01 - 2013-08-28 07:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 00:47 - 2013-08-28 04:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 00:45 - 2012-06-14 12:39 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-14 11:08 - 2014-04-15 11:35 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 22:47 - 2014-05-13 20:12 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 13:30 - 2013-08-28 03:47 - 00000000 ____D () C:\Program Files\Java
2014-05-13 13:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 00:42 - 2014-05-13 00:35 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 20:43 - 2014-05-12 19:32 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:11 - 2014-05-11 18:24 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-12 07:26 - 2014-06-06 11:43 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-06 11:43 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-12 07:25 - 2014-06-05 23:10 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 01:16 - 2014-05-15 15:19 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:26 - 2014-05-11 18:24 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-11 17:58 - 2013-09-02 05:19 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Deployment
2014-05-11 17:40 - 2013-08-28 04:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 19:49 - 2013-08-29 12:27 - 00000000 ____D () C:\Program Files\DFX
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:38 - 2014-05-08 15:37 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 13:12 - 2014-05-08 08:04 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 09:23 - 2014-01-06 23:54 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\AVS4YOU
2014-05-08 02:35 - 2013-10-02 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:31 - 2014-05-08 02:28 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:28 - 2014-05-08 02:27 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-08 01:31 - 2014-01-06 23:49 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-05-08 01:21 - 2013-12-05 01:56 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\TuneUpMedia
2014-05-08 01:21 - 2013-08-28 04:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Mozilla
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
2014-05-07 00:18 - 2014-04-29 12:56 - 00000000 ____D () C:\Users\Mafia\Desktop\Minecraft-bilder
Files to move or delete:
====================
C:\Users\Bea\contacts.dat
Some content of TEMP:
====================
C:\Users\Mafia\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkkxore.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
path \bootmgr
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
displayorder {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
{61b1399a-24cd-11de-a4c4-ca27f4abce37}
{current}
toolsdisplayorder {memdiag}
timeout 15
Windows-Startladeprogramm
-------------------------
Bezeichner {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale de-DE
inherit {bootloadersettings}
custom:15000065 3
custom:15000066 3
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
systemroot \windows
nx OptIn
custom:250000c2 1
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {5eea018c-c458-11e3-a4e7-dd71149e4331}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale de-DE
inherit {bootloadersettings}
custom:15000065 3
custom:15000066 3
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
systemroot \windows
nx OptIn
custom:250000c2 1
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {ab31a0e4-0f88-11e3-95df-c80cab60adee}
device ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
systemroot \windows
nx OptIn
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 ohne DDR-RAM Sperre
locale de-DE
inherit {bootloadersettings}
recoverysequence {ab31a0e4-0f88-11e3-95df-c80cab60adee}
recoveryenabled Yes
testsigning Yes
osdevice partition=C:
systemroot \Windows
kernel ntkrlICE.exe
resumeobject {ab31a0e2-0f88-11e3-95df-c80cab60adee}
nx OptIn
pae ForceEnable
numproc 2
usefirmwarepcisettings No
Windows-Startladeprogramm
-------------------------
Bezeichner {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
device partition=D:
path \WINDOWS\system32\winload.exe
description Windows 8.1
locale de-DE
inherit {bootloadersettings}
recoverysequence {5eea018c-c458-11e3-a4e7-dd71149e4331}
integrityservices Enable
recoveryenabled Yes
custom:17000077 352321653
osdevice partition=D:
systemroot \WINDOWS
resumeobject {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
nx OptIn
custom:250000c2 1
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {10a77766-b926-11e3-9e2d-f3f7ac4b143e}
device partition=D:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
recoveryenabled Yes
custom:17000077 352321653
filedevice partition=D:
filepath \hiberfil.sys
custom:25000008 1
pae Yes
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {ab31a0e2-0f88-11e3-95df-c80cab60adee}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
device partition=D:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {5eea018c-c458-11e3-a4e7-dd71149e4331}
recoveryenabled Yes
custom:17000077 352321653
filedevice partition=D:
filepath \hiberfil.sys
custom:25000008 1
pae Yes
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows-Speicherdiagnose
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems No
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {10a77769-b926-11e3-9e2d-f3f7ac4b143e}
description Windows Recovery
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Ger„teoptionen
--------------
Bezeichner {10a7776a-b926-11e3-9e2d-f3f7ac4b143e}
description Windows Setup
ramdisksdidevice partition=D:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Ger„teoptionen
--------------
Bezeichner {5eea018d-c458-11e3-a4e7-dd71149e4331}
description Windows Recovery
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Ger„teoptionen
--------------
Bezeichner {ab31a0e5-0f88-11e3-95df-c80cab60adee}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\boot.sdi
LastRegBack: 2014-05-29 01:30
==================== End Of Log ============================
|
auf Deinen Desktop:
Linear-Darstellung
