Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: cpu 100% und exe lassen sich nicht öffen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 03.06.2014, 21:57   #1
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Mafia (administrator) on MAFIA-PC on 03-06-2014 16:43:59
Running from C:\Users\Mafia\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Box\Box Sync\FSEventsReader.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\Windows Manager\winmgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\Mafia\AppData\Local\Temp\cnwcdr.exe
(Nexon Korea Corp.) C:\Nexon\NexonPlug\NexonPlug.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Dropbox, Inc.) C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
(Nexon Corp.) C:\Nexon\NexonPlug\NMService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM\...\Run: [] => [X]
HKU\.DEFAULT\...\RunOnce: [WindowsUpdate] - C:\Program Files\Windows Manager\winmgr.exe [445952 2014-05-24] ()
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [NexonPlug] => C:\Nexon\NexonPlug\NexonPlug.exe [2115928 2014-04-23] (Nexon Korea Corp.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\RunOnce: [WindowsUpdate] - C:\Users\Mafia\AppData\Local\Temp\cnwcdr.exe [268800 2014-06-03] ()
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: J - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: K - K:\SETUP.EXE /adminfile IU.MSP
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {1ada3f0b-3fd1-11e3-8753-00241d3198e0} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {38acb392-2b8d-11e3-9ead-00241d3198e0} - J:\Startme.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {4b40593b-5461-11e3-8532-00241d3198e0} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {4b405acc-5461-11e3-8532-00241d3198e0} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {696abc48-0f80-11e3-9c98-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {f63f0916-da8e-11e3-be8e-00241d3198e0} - F:\setup.exe
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avguard.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avscan.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avshadow.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mousekeyboardcenter.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\pbackup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\pccompanion.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\prmt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\promt professional 10.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\pta2.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ptssync.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\TuneUpUtilitiesApp32.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\TuneUpUtilitiesService32.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ver-dictu.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com
Startup: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD07716838EA3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326569&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPDC5C3546-B0DD-4CE4-AD10-187D28F005A7&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Promt IE Helper - {1F13CE11-4FAC-49A9-8155-D4F3F0F91A33} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - PROMT Translator - {C7DDDD27-F303-42A5-B979-51559F7DC0F0} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478
FF DefaultSearchEngine: Trovi search
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Trovi search
FF Homepage: https://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tongbu.com/tongbu,version=0.1 - C:\Program Files\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mafia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\testlog.txt
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahootc.xml
FF Extension: PROMT - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\promtff9@promt9.ru [2014-05-29]
FF Extension: YouTube Unblocker - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\youtubeunblocker@unblocker.yt [2014-04-18]
FF Extension: DownloadHelper - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: {11574f4a-82a7-4b99-81dc-020c5e316e55} - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{11574f4a-82a7-4b99-81dc-020c5e316e55}.xpi [2014-04-19]
FF Extension: Adblock Plus - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]

Chrome: 
=======
CHR HomePage: https://www.facebook.com/?ref=logo
CHR StartupUrls: "https://www.facebook.com/",
			"https://www.youtube.com/feed/subscriptions",
			"hxxp://www.tumblr.com/dashboard",
			"https://twitter.com/"
CHR Extension: (ProxFlow) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-05]
CHR Extension: (Google Docs) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-05]
CHR Extension: (Google Drive) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05]
CHR Extension: (TV) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-05-05]
CHR Extension: (YouTube) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05]
CHR Extension: (Adblock Plus) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-05]
CHR Extension: (Google-Suche) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05]
CHR Extension: (Love O'Clock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcnbegbcdfdlndabgemkabfhfllocma [2014-05-05]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-05-05]
CHR Extension: (Stylish) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-05-05]
CHR Extension: (AdBlock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-05]
CHR Extension: (FVD Downloader) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-05-05]
CHR Extension: (Surfing Day 2012) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjgigjnbamdjoeifabplldbjgbjnacki [2014-05-05]
CHR Extension: (Google Wallet) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05]
CHR Extension: (Google Mail) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2012-08-01] ()
R2 BoxSyncFSEventsReaderService; C:\Program Files\Box\Box Sync\FSEventsReader.exe [13824 2013-09-09] ()
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [18432 2013-09-09] (Box Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682768 2014-05-13] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-15] (LogMeIn, Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S4 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [0 ] (TuneUp Software)
S2 HPSLPSVC; C:\Users\Mafia\AppData\Local\Temp\7zS49D6\hpslpsvc32.dll [X]
S2 MBAMScheduler; "C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22560 2013-09-16] (REALiX(tm))
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [74456 2014-05-26] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25712 2013-01-29] (Microsoft Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-28] (Avira GmbH)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [0 ] (TuneUp Software)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-04-10] (StdLib)
R3 ALSysIO; \??\C:\Users\Mafia\AppData\Local\Temp\ALSysIO.sys [X]
S3 athr; system32\DRIVERS\athr.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2010-03-31] (Huawei Technologies Co., Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys D4EF00B622EBEBEF85AB53C51A509A14
C:\Windows\System32\DRIVERS\atikmpag.sys 0A536B713BF916E62A14D48B0C1739A3
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\System32\Drivers\ssadadb.sys DD8D9C597AF7CD2F6B70A3D6A4A1ACEA
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW73.sys 636C40DAC5D13F4C354973017AA8ADC2
C:\Windows\System32\DRIVERS\avgntflt.sys 06740B4CA398D0D00A49CB1D22FC2BC3
C:\Windows\System32\DRIVERS\avipbb.sys 05AF7CBF0BDA1571BBADC36703EB9CA4
C:\Windows\System32\DRIVERS\avkmgr.sys D8C712305F73CD34D1B344810E522728
C:\Windows\system32\drivers\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 247B4CE2DAB1160CD422D532D5241E1F
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Program Files\SystemRequirementsLab\cpudrv.sys D01F685F8B4598D144B0CCE9FF95D8D5
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\dfx11_1.sys 30384865C9AF82DB291E5C4F468E1AC6
C:\Windows\System32\DRIVERS\ssudbus.sys 560B0DCE52DFED6623B27C9BAFA6F236
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 2A958EF85DB1B61FFCA65044FA4BCE9E
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05
C:\Windows\system32\drivers\evbdx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ElbyCDIO.sys B83BDCCBACB65BAA9E20888DD0083A16
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\System32\DRIVERS\ggflt.sys 93CA4D9A0433BE0EDD0B9F2F26D5E54C
C:\Windows\System32\DRIVERS\ggsemc.sys 17E678AAB82CCDFB80E7614504933895
C:\Windows\System32\DRIVERS\hamachi.sys 833051C6C6C42117191935F734CFBD97
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys 950CC1E6AE3A6CD23E0945CDE089B02C
C:\Windows\System32\DRIVERS\htcnprot.sys 339ADEFAD60353F960E3CA67CE468C24
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 988C0A49F09D75D3341CB419141793C1
C:\Windows\system32\drivers\HWiNFO32.SYS 43E745EFA7D34ADAED455C0AA94C424A
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\igdkmd32.sys AD626F6964F4D364D226C39E06872DD3
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHDA.sys 82EE5914B6AB27BFD23ECA29AEB34DA4
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys D30159AC9237519FBC62C6EC247D2D46
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys C924D31D6411854E8B6EEFEFA2FE87BA
C:\Windows\system32\drivers\mbam.sys 8683C1B450F4B3872839308D836E0F92
C:\Windows\system32\drivers\mwac.sys BD27D97297934FD4217A37FD28A7ABC7
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl.sys 9213AA35BCA94EB79D366DA254E4BDF5
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\System32\DRIVERS\NuidFltr.sys A82BB9014BEF0E4986C3DA610B3A25FE
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\System32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb.sys 0F6756EF8BDA6DFA7BE50465C83132BB
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\drivers\RtHDMIV.sys 79C8488DFA2AA377441645123CB73845
C:\Windows\System32\DRIVERS\Rt86win7.sys 3983CEA05BB855351D75F5482B6C42CE
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\seehcri.sys E5B56569A9F79B70314FEDE6C953641E
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\System32\DRIVERS\ssadbus.sys 64E44ACD8C238FCBBB78F0BA4BDC4B05
C:\Windows\System32\DRIVERS\ssadmdfl.sys BB2C84A15C765DA89FD832B0E73F26CE
C:\Windows\System32\DRIVERS\ssadmdm.sys 6D0D132DDC6F43EDA00DCED6D8B1CA31
C:\Windows\System32\DRIVERS\ssadserd.sys 1A5A397BC459F346AB56492B61EF79F6
C:\Windows\System32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\Windows\System32\DRIVERS\ssudmdm.sys 585FDB94DB04AC1C56298D1FD1F1389E
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\Synth3dVsc.sys F2AD8960812FD111E20E84659EF19D43
C:\Windows\System32\drivers\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\DRIVERS\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 052306FD76793D5D5AB5D9891FD1ADBB
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 01246F0BAAD7B68EC0F472AA41E33282
C:\Windows\system32\drivers\tsusbhub.sys 045ACB987C650D8186C6B4A692223860
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys 
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\system32\drivers\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\DRIVERS\VClone.sys DAEF3AC067094497402C77476BBC3540
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\wacommousefilter.sys 427A8BC96F16C40DF81C2D2F4EDD32DD
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomvhid.sys 846B58EA44BF8C92E4B59F4E2252C4C0
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\wStLibG.sys 022E6B0F67F3CF1DE63502194E7D8AC7
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xusb21.sys C26C68BCBAC1F33F890C226769759209

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-03 16:41 - 2014-06-03 16:44 - 00043565 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-03 16:40 - 2014-06-03 15:09 - 01059840 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-03 16:33 - 2014-06-03 16:33 - 00002777 _____ () C:\Users\Mafia\Desktop\FSS.txt
2014-06-03 16:32 - 2014-06-03 16:32 - 00410112 _____ (Farbar) C:\Users\Mafia\Desktop\FSS.exe
2014-06-03 15:10 - 2014-06-03 16:44 - 00000000 ____D () C:\FRST
2014-06-03 15:09 - 2014-06-03 15:09 - 01059840 _____ (Farbar) C:\Users\Mafia\Downloads\FRST(1).exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis.exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ () C:\Users\Mafia\Downloads\hijackthis(1).exe
2014-06-03 14:33 - 2014-06-03 14:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\HijackThis - CHIP-Installer.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-01 12:34 - 2014-06-01 12:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 06:04 - 2014-06-03 16:23 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-01 06:04 - 2014-05-24 14:17 - 00445952 __RSH (Kitsai) C:\Windows\system32\Microsoft.com
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:27 - 2014-06-01 05:28 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 05:26 - 2014-06-01 05:26 - 26568637 _____ () C:\Users\Mafia\Downloads\Dr.Fone.for.iOS.4.5.0.27.rar
2014-06-01 03:49 - 2014-06-01 04:06 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 03:38 - 2014-06-01 05:42 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:13 - 2014-06-01 03:30 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 02:41 - 2014-06-01 02:59 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:22 - 2014-05-31 18:28 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:35 - 2014-05-30 13:41 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 01:47 - 2014-05-29 01:48 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 01:01 - 2014-04-04 17:05 - 00000000 ____D () C:\Users\Mafia\Downloads\1532
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-26 18:35 - 2014-05-30 21:31 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-26 17:49 - 2014-05-26 17:53 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 17:05 - 2014-05-26 20:30 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-25 02:08 - 2014-06-01 03:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-25 02:08 - 2014-05-26 03:32 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-25 02:08 - 2014-05-25 02:08 - 00001061 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-05-25 02:08 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-25 02:08 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:00 - 2014-05-24 23:06 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:58 - 2014-05-24 22:59 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:53 - 2014-05-24 22:56 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 06:11 - 2014-05-24 06:13 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:47 - 2014-05-24 04:49 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 02:42 - 2014-05-24 03:02 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:41 - 2014-05-24 02:57 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2013-01-21 11:11 - 64168776 _____ () C:\Users\Mafia\Downloads\Emma_Setup.exe
2014-05-24 00:21 - 2014-05-24 00:22 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 14:40 - 2014-05-23 14:41 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-22 23:56 - 2014-05-22 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-05-22 23:51 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-05-22 23:49 - 2014-05-22 23:50 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:18 - 2014-05-22 23:19 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 04:36 - 2014-05-22 04:37 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:25 - 2014-05-22 04:26 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-29 09:44 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:39 - 2013-12-21 20:51 - 00000000 ____D () C:\Users\Mafia\Downloads\Langenscheidt T1 Professional
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:22 - 2014-05-21 00:24 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:11 - 2014-05-20 11:12 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-20 01:11 - 2014-05-20 01:11 - 01326389 _____ () C:\Users\Mafia\Downloads\adwcleaner_3.210.exe
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 13:11 - 2014-05-19 13:17 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:47 - 2014-05-18 23:48 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-06-03 16:22 - 00009048 _____ () C:\Windows\setupact.log
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 16:57 - 2014-06-03 16:22 - 01974142 _____ () C:\Windows\PFRO.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 10:38 - 2012-10-15 22:06 - 00000000 ____D () C:\Users\Mafia\Downloads\Dox
2014-05-18 09:56 - 2014-05-22 04:36 - 00010147 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-05-18 08:41 - 2014-05-22 17:06 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 02:32 - 2014-05-29 01:04 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-23 00:57 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 22:11 - 2014-05-16 22:11 - 10627812 _____ () C:\Users\Mafia\Downloads\SuperOneClickv2.3.3-ShortFuse.zip
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:16 - 2014-05-17 03:11 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-16 20:10 - 2014-05-16 20:14 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:34 - 2011-12-28 11:01 - 00000000 ____D () C:\Users\Mafia\Downloads\hosts-
2014-05-16 18:56 - 2014-05-16 19:00 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:19 - 2014-05-12 01:16 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-15 15:19 - 2000-05-18 01:00 - 01509632 _____ (Microsoft Corporation) C:\Users\Mafia\Downloads\InstMsiW.exe
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:25 - 2014-05-15 05:40 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:22 - 2014-05-15 15:02 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 05:22 - 2014-05-15 14:59 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 01:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 20:15 - 2014-06-02 22:08 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-05-13 20:12 - 2014-05-13 22:47 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 19:49 - 2014-06-03 16:23 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-05-13 11:37 - 2014-05-21 00:26 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-13 11:11 - 2014-05-15 05:23 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 00:35 - 2014-05-13 00:42 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2014-05-30 03:27 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-05-13 00:09 - 2014-05-30 03:27 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 19:32 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:30 - 2014-05-13 02:48 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-05-12 19:29 - 2014-05-29 09:53 - 00000000 ____D () C:\Windows\Lhsp
2014-05-12 19:29 - 2014-05-29 01:07 - 00000000 ____D () C:\Windows\msagent
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:08 - 2014-05-12 12:14 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:24 - 2014-05-12 12:11 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-11 18:24 - 2014-05-11 18:26 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 21:26 - 2014-03-21 22:36 - 00000000 ____D () C:\Users\Mafia\Downloads\Babylon Pro 10
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:37 - 2014-05-08 15:38 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 08:04 - 2014-05-08 13:12 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:28 - 2014-05-08 02:31 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:27 - 2014-05-08 02:28 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-07 19:56 - 2014-03-28 18:19 - 00000000 ____D () C:\Users\Mafia\Downloads\bshdbxst
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
2014-05-06 17:14 - 2014-05-06 17:26 - 2563039232 _____ () C:\Users\Mafia\Downloads\X17-24208.iso
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-05-05 18:44 - 2014-05-22 23:59 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-05 18:44 - 2014-05-05 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-05 18:36 - 2014-05-05 18:36 - 00000000 ____D () C:\ProgramData\AppReady Software
2014-05-05 18:35 - 2014-05-25 21:58 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 18:17 - 2014-05-05 18:17 - 00428141 _____ () C:\Users\Mafia\Desktop\Minecraft-Modder_v2.9.2.exe
2014-05-04 02:11 - 2014-05-04 02:16 - 1308144206 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1.1_11D201_Restore.ipsw

==================== One Month Modified Files and Folders =======

2014-06-03 16:44 - 2014-06-03 16:41 - 00043565 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-03 16:44 - 2014-06-03 15:10 - 00000000 ____D () C:\FRST
2014-06-03 16:44 - 2013-08-28 03:29 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Temp
2014-06-03 16:33 - 2014-06-03 16:33 - 00002777 _____ () C:\Users\Mafia\Desktop\FSS.txt
2014-06-03 16:32 - 2014-06-03 16:32 - 00410112 _____ (Farbar) C:\Users\Mafia\Desktop\FSS.exe
2014-06-03 16:28 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 16:28 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 16:26 - 2013-08-28 03:28 - 01520109 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 16:24 - 2013-08-31 22:35 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Dropbox
2014-06-03 16:23 - 2014-06-01 06:04 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-03 16:23 - 2014-05-13 19:49 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-06-03 16:23 - 2014-02-03 16:35 - 00000000 ____D () C:\Users\Mafia\AppData\Local\LogMeIn Hamachi
2014-06-03 16:23 - 2013-08-31 22:37 - 00000000 ___RD () C:\Users\Mafia\Dropbox
2014-06-03 16:22 - 2014-05-18 16:58 - 00009048 _____ () C:\Windows\setupact.log
2014-06-03 16:22 - 2014-05-18 16:57 - 01974142 _____ () C:\Windows\PFRO.log
2014-06-03 16:22 - 2013-09-30 22:26 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-03 16:22 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 16:21 - 2013-10-15 19:42 - 00000000 ____D () C:\AdwCleaner
2014-06-03 16:11 - 2010-11-20 23:01 - 01657362 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-03 15:09 - 2014-06-03 16:40 - 01059840 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-03 15:09 - 2014-06-03 15:09 - 01059840 _____ (Farbar) C:\Users\Mafia\Downloads\FRST(1).exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis.exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ () C:\Users\Mafia\Downloads\hijackthis(1).exe
2014-06-03 14:48 - 2013-08-28 03:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-03 14:33 - 2014-06-03 14:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\HijackThis - CHIP-Installer.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-03 04:45 - 2013-09-01 15:40 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Adobe
2014-06-02 22:23 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\UseNeXT
2014-06-02 22:15 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\Documents\UseNeXT
2014-06-02 22:08 - 2014-05-13 20:15 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-06-02 21:58 - 2013-09-30 22:26 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 19:51 - 2014-04-06 12:47 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\.minecraft
2014-06-01 19:50 - 2013-08-31 12:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Skype
2014-06-01 12:35 - 2014-06-01 12:34 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 09:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 05:42 - 2014-06-01 03:38 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:28 - 2014-06-01 05:27 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 05:26 - 2014-06-01 05:26 - 26568637 _____ () C:\Users\Mafia\Downloads\Dr.Fone.for.iOS.4.5.0.27.rar
2014-06-01 04:06 - 2014-06-01 03:49 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 04:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:30 - 2014-06-01 03:13 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 03:21 - 2014-05-25 02:08 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 02:59 - 2014-06-01 02:41 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:28 - 2014-05-31 18:22 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:23 - 2013-08-28 03:29 - 00000000 ____D () C:\Users\Mafia
2014-05-31 17:04 - 2009-07-14 04:03 - 69468160 _____ () C:\Windows\system32\config\SOFTWARE_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 27262976 _____ () C:\Windows\system32\config\SYSTEM_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\DEFAULT_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00024576 _____ () C:\Windows\system32\config\SECURITY_tureg_old
2014-05-31 16:59 - 2009-07-14 04:03 - 00069632 _____ () C:\Windows\system32\config\SAM_tureg_old
2014-05-31 02:41 - 2014-02-07 02:05 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\vlc
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 21:31 - 2014-05-26 18:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:41 - 2014-05-30 13:35 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-30 03:27 - 2014-05-13 00:10 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-05-30 03:27 - 2014-05-13 00:09 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-05-29 21:25 - 2014-02-08 00:09 - 00000000 ____D () C:\The KMPlayer
2014-05-29 10:49 - 2013-09-13 07:08 - 00000000 ____D () C:\Users\Mafia\Documents\Tongbu
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 09:53 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\Lhsp
2014-05-29 09:44 - 2014-05-21 00:51 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-29 01:48 - 2014-05-29 01:47 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:07 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\msagent
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Speech
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:04 - 2014-05-17 02:32 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-27 00:55 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\addins
2014-05-26 20:30 - 2014-05-26 17:05 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-26 17:53 - 2014-05-26 17:49 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 03:32 - 2014-05-25 02:08 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-25 21:58 - 2014-05-05 18:35 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-25 02:08 - 2014-05-25 02:08 - 00001061 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:06 - 2014-05-24 23:00 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:59 - 2014-05-24 22:58 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:56 - 2014-05-24 22:53 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 19:29 - 2013-10-16 16:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 14:17 - 2014-06-01 06:04 - 00445952 __RSH (Kitsai) C:\Windows\system32\Microsoft.com
2014-05-24 06:13 - 2014-05-24 06:11 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:49 - 2014-05-24 04:47 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 04:14 - 2014-02-10 21:55 - 00000000 ____D () C:\Flashtool
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 03:02 - 2014-05-24 02:42 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:57 - 2014-05-24 02:41 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:25 - 2013-12-25 08:57 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2014-05-24 00:21 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:22 - 2013-12-17 13:30 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 21:17 - 2013-12-17 13:30 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-05-23 16:43 - 2013-08-25 01:00 - 00000000 ____D () C:\Users\Bea
2014-05-23 15:08 - 2013-08-28 07:41 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\iFunbox_UserCache
2014-05-23 14:41 - 2014-05-23 14:40 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-23 00:57 - 2014-05-16 22:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-23 00:54 - 2013-10-18 18:59 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\libimobiledevice
2014-05-22 23:59 - 2014-05-05 18:44 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 23:56 - 2014-05-22 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-05-22 23:55 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 23:55 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-22 23:50 - 2014-05-22 23:49 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:19 - 2014-05-22 23:18 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 23:15 - 2014-04-19 15:12 - 00007680 ___SH () C:\Users\Mafia\AppData\Roaming\Thumbs.db
2014-05-22 17:06 - 2014-05-18 08:41 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-22 04:37 - 2014-05-22 04:36 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:36 - 2014-05-18 09:56 - 00010147 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-05-22 04:35 - 2014-03-16 21:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DiskAid
2014-05-22 04:26 - 2014-05-22 04:25 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 19:05 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\Performance
2014-05-21 18:01 - 2014-04-03 19:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\redsn0w
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:51 - 2013-08-28 04:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-21 00:50 - 2013-08-28 04:41 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-05-21 00:38 - 2013-09-07 02:12 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:26 - 2014-05-13 11:37 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-21 00:24 - 2014-05-21 00:22 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 17:02 - 2013-08-31 12:22 - 00000000 ___RD () C:\Program Files\Skype
2014-05-20 17:02 - 2013-08-31 12:21 - 00000000 ____D () C:\ProgramData\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:12 - 2014-05-20 11:11 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-20 10:58 - 2013-08-28 04:53 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-20 10:58 - 2013-08-28 04:53 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-20 01:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\schemas
2014-05-20 01:11 - 2014-05-20 01:11 - 01326389 _____ () C:\Users\Mafia\Downloads\adwcleaner_3.210.exe
2014-05-19 13:17 - 2014-05-19 13:11 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:56 - 2013-08-28 07:39 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-18 23:48 - 2014-05-18 23:47 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Malwarebytes
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 03:18 - 2013-08-28 03:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-17 03:11 - 2014-05-16 20:16 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 22:11 - 2014-05-16 22:11 - 10627812 _____ () C:\Users\Mafia\Downloads\SuperOneClickv2.3.3-ShortFuse.zip
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:47 - 2013-09-13 06:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:14 - 2014-05-16 20:10 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:00 - 2014-05-16 18:56 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 18:58 - 2013-09-01 15:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-16 18:55 - 2013-09-01 15:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:12 - 2013-09-13 06:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-16 16:35 - 2013-08-28 03:58 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-16 16:35 - 2013-08-28 03:58 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:02 - 2014-05-15 05:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 14:59 - 2014-05-15 05:22 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:25 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:23 - 2014-05-13 11:11 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-15 05:02 - 2013-09-01 15:38 - 00000000 ____D () C:\Program Files\Adobe
2014-05-15 04:55 - 2013-11-24 17:47 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\ProgramData\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\Program Files\Razer
2014-05-15 01:01 - 2013-08-28 07:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 00:47 - 2013-08-28 04:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 00:45 - 2012-06-14 12:39 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-14 11:08 - 2014-04-15 11:35 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 22:47 - 2014-05-13 20:12 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 13:30 - 2013-08-28 03:47 - 00000000 ____D () C:\Program Files\Java
2014-05-13 13:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 02:48 - 2014-05-12 19:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-05-13 00:42 - 2014-05-13 00:35 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 20:43 - 2014-05-12 19:32 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:14 - 2014-05-12 12:08 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-05-12 12:11 - 2014-05-11 18:24 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-12 07:26 - 2014-05-25 02:08 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-25 02:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-12 01:16 - 2014-05-15 15:19 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:26 - 2014-05-11 18:24 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-11 17:58 - 2013-09-02 05:19 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Deployment
2014-05-11 17:40 - 2013-08-28 04:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 19:49 - 2013-08-29 12:27 - 00000000 ____D () C:\Program Files\DFX
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:38 - 2014-05-08 15:37 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 13:12 - 2014-05-08 08:04 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 09:23 - 2014-01-06 23:54 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\AVS4YOU
2014-05-08 02:35 - 2013-10-02 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:31 - 2014-05-08 02:28 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:28 - 2014-05-08 02:27 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-08 01:31 - 2014-01-06 23:49 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-05-08 01:21 - 2013-12-05 01:56 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\TuneUpMedia
2014-05-08 01:21 - 2013-08-28 04:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Mozilla
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
2014-05-07 00:18 - 2014-04-29 12:56 - 00000000 ____D () C:\Users\Mafia\Desktop\Minecraft-bilder
2014-05-06 17:26 - 2014-05-06 17:14 - 2563039232 _____ () C:\Users\Mafia\Downloads\X17-24208.iso
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-05-05 18:44 - 2014-05-05 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-05 18:44 - 2013-09-30 22:26 - 00000000 ____D () C:\Program Files\Google
2014-05-05 18:39 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-05 18:36 - 2014-05-05 18:36 - 00000000 ____D () C:\ProgramData\AppReady Software
2014-05-05 18:17 - 2014-05-05 18:17 - 00428141 _____ () C:\Users\Mafia\Desktop\Minecraft-Modder_v2.9.2.exe
2014-05-04 02:16 - 2014-05-04 02:11 - 1308144206 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1.1_11D201_Restore.ipsw
2014-05-04 01:43 - 2013-08-28 07:41 - 00000000 ____D () C:\Program Files\i-Funbox DevTeam

Files to move or delete:
====================
C:\Users\Bea\contacts.dat


Some content of TEMP:
====================
C:\Users\Mafia\AppData\Local\Temp\avgnt.exe
C:\Users\Mafia\AppData\Local\Temp\bassmod.dll
C:\Users\Mafia\AppData\Local\Temp\cnwcdr.exe
C:\Users\Mafia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbvp2yt.dll
C:\Users\Mafia\AppData\Local\Temp\npp.6.6.3.Installer.exe
C:\Users\Mafia\AppData\Local\Temp\nse2496.exe
C:\Users\Mafia\AppData\Local\Temp\nseF99A.exe
C:\Users\Mafia\AppData\Local\Temp\nseFC59.exe
C:\Users\Mafia\AppData\Local\Temp\nsoFF56.exe
C:\Users\Mafia\AppData\Local\Temp\nsu2765.exe
C:\Users\Mafia\AppData\Local\Temp\nsu2C94.exe
C:\Users\Mafia\AppData\Local\Temp\nsv7DF5.exe
C:\Users\Mafia\AppData\Local\Temp\proxy_vole8242817500600634785.dll
C:\Users\Mafia\AppData\Local\Temp\Quarantine.exe
C:\Users\Mafia\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
path                    \bootmgr
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
displayorder            {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
                        {61b1399a-24cd-11de-a4c4-ca27f4abce37}
                        {current}
toolsdisplayorder       {memdiag}
timeout                 15

Windows-Startladeprogramm
-------------------------
Bezeichner              {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  de-DE
inherit                 {bootloadersettings}
custom:15000065         3
custom:15000066         3
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
systemroot              \windows
nx                      OptIn
custom:250000c2         1
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {5eea018c-c458-11e3-a4e7-dd71149e4331}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  de-DE
inherit                 {bootloadersettings}
custom:15000065         3
custom:15000066         3
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
systemroot              \windows
nx                      OptIn
custom:250000c2         1
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {ab31a0e4-0f88-11e3-95df-c80cab60adee}
device                  ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7 ohne DDR-RAM Sperre
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {ab31a0e4-0f88-11e3-95df-c80cab60adee}
recoveryenabled         Yes
testsigning             Yes
osdevice                partition=C:
systemroot              \Windows
kernel                  ntkrlICE.exe
resumeobject            {ab31a0e2-0f88-11e3-95df-c80cab60adee}
nx                      OptIn
pae                     ForceEnable
numproc                 2
usefirmwarepcisettings  No

Windows-Startladeprogramm
-------------------------
Bezeichner              {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
device                  partition=D:
path                    \WINDOWS\system32\winload.exe
description             Windows 8.1
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {5eea018c-c458-11e3-a4e7-dd71149e4331}
integrityservices       Enable
recoveryenabled         Yes
custom:17000077         352321653
osdevice                partition=D:
systemroot              \WINDOWS
resumeobject            {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
nx                      OptIn
custom:250000c2         1

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {10a77766-b926-11e3-9e2d-f3f7ac4b143e}
device                  partition=D:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
recoveryenabled         Yes
custom:17000077         352321653
filedevice              partition=D:
filepath                \hiberfil.sys
custom:25000008         1
pae                     Yes
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {ab31a0e2-0f88-11e3-95df-c80cab60adee}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
device                  partition=D:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {5eea018c-c458-11e3-a4e7-dd71149e4331}
recoveryenabled         Yes
custom:17000077         352321653
filedevice              partition=D:
filepath                \hiberfil.sys
custom:25000008         1
pae                     Yes
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 No

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {10a77769-b926-11e3-9e2d-f3f7ac4b143e}
description             Windows Recovery
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {10a7776a-b926-11e3-9e2d-f3f7ac4b143e}
description             Windows Setup
ramdisksdidevice        partition=D:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {5eea018d-c458-11e3-a4e7-dd71149e4331}
description             Windows Recovery
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {ab31a0e5-0f88-11e3-95df-c80cab60adee}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\boot.sdi



LastRegBack: 2014-05-29 01:30

==================== End Of Log ============================
         

Alt 03.06.2014, 22:00   #2
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014
Ran by Mafia at 2014-06-03 16:45:49
Running from C:\Users\Mafia\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
A Bug's Life Action Spiel (HKLM\...\A Bug's Life) (Version:  - )
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Aladdin (HKLM\...\Aladdin) (Version:  - )
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
AVS Video Converter 8.5 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
Babylon (HKLM\...\{5111D459-D8BD-4C26-BE8B-A15ED1ACBF69}) (Version: 10.00.0111 - Babylon Ltd.)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-3 - Wacom Technology Corp.)
Bamboo Dock (HKLM\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bleed (HKLM\...\Steam App 239800) (Version:  - Ian Campbell)
Blend for Visual Studio Add-in for Adobe FXG Import (Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{EA45DACB-0978-420F-AE32-FD5354FEED61}) (Version: 4.0.3100.0 - Box, Inc.)
Box Sync (Version: 4.0.3100.0 - Box Inc.) Hidden
Broken Sword 5 - the Serpent's Curse -  Episode 1 (HKLM\...\GOGPACKBROKENSWORD5EP1_is1) (Version: 2.0.0.3 - GOG.com)
calibre (HKLM\...\{BA356893-F9F4-4C84-B10B-6EB2FC3C3B90}) (Version: 1.5.0 - Kovid Goyal)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
DFX (HKLM\...\DFX) (Version: 11.113.0.0 - Power Technology)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
DiskAid 6.5.6.0 (HKLM\...\DiskAid_is1) (Version: 6.5.6.0 - DigiDNA)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dracula 5 (HKLM\...\Dracula5_is1) (Version: 1.0 - Anuman)
DriverTuner 3.1.0.1 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Eleusis (HKLM\...\Eleusis_is1) (Version:  - )
ffdshow v1.3.4500 [2013-01-06] (HKLM\...\ffdshow_is1) (Version: 1.3.4500.0 - )
Flashtool (HKLM\...\Flashtool) (Version: 0.9.16.0 - Androxyde)
GadgetWide Cloud Control Service (HKLM\...\{6147344A-2A3D-4CE0-9F09-E99CE1C45573}) (Version: 1.2.0.6 - GadgetWide)
GadgetWide Cloud Control Service (HKLM\...\{9DF8F96F-821F-458C-AE5A-FC17051BD592}) (Version: 1.2.4.0 - )
Geheimakte Sam Peters (HKLM\...\{F4DE991E-E7DE-4C22-A01C-3AEC85A62FDE}) (Version: 1.00 - Deep Silver)
Goodbye Deponia (HKLM\...\R29vZGJ5ZURlcG9uaWE=_is1) (Version: 1 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
HWiNFO32 Version 4.24 (HKLM\...\HWiNFO32_is1) (Version: 4.24 - Martin Malík - REALiX)
HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iBackupBot 5.0.6 (HKLM\...\iBackupBot) (Version: 5.0.6 - VOWSoft, Ltd.)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.7.2386.747 - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.0.9.0 - Reincubate Ltd)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kai's SuperGOO (HKLM\...\SUPERGOO) (Version:  - )
KnightShift (HKLM\...\KnightShift) (Version: 1.2 - ZUXXEZ Entertainment AG)
L&H TTS3000 Deutsch (HKLM\...\LHTTSGED) (Version:  - )
L&H TTS3000 Español (HKLM\...\LHTTSSPE) (Version:  - )
L&H TTS3000 Français (HKLM\...\LHTTSFRF) (Version:  - )
L&H TTS3000 Italiano (HKLM\...\LHTTSITI) (Version:  - )
L&H TTS3000 Português (Brasil) (HKLM\...\LHTTSPTB) (Version:  - )
L&H TTS3000 Russian (HKLM\...\LHTTSRUR) (Version:  - )
Langenscheidt T1 7.0 (HKLM\...\{57EB87EF-23DF-4A76-9B90-FD7B53E1C6CE}) (Version:  - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0 - Logitech) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Max Recorder (HKLM\...\Max Recorder) (Version: 1.026.0.0 - Silver Vine, LLC)
Micky auf Ganovenjagd (HKLM\...\Micky auf Ganovenjagd) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (Version: 11.0.60418.17931 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{cbf90bef-21fb-400b-935a-5900785071dd}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{7CBA9009-7EA4-338B-893D-9607CD829ADF}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (Version: 2.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
Minimal ADB and Fastboot version 1.1.3 (HKLM\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-a1f395dd-4409-482e-99fc-b5681c730f76) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-cbe5321e-9a5d-4826-aa08-d03b68b18551) (Version:  - Epic Games, Inc.)
MyHarmony (HKCU\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
Nero Burning Core (Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM (Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM 2014 (HKLM\...\{28FCF48D-1BB2-4D6B-89F9-9499663122D6}) (Version: 15.0.02800 - Nero AG)
Nero Burning ROM Help (CHM) (Version: 15.0.00018 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (Version: 11.0.22900 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.15003 - Nero AG) Hidden
Nero Update (Version: 11.0.13300.42.0 - Nero AG) Hidden
Nexon Game Manager (HKLM\...\{415ADF7E-6DB8-4481-86C0-1CEC0163CC7B}) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
plist Editor for Windows 1.0.2 (HKLM\...\plist Editor for Windows) (Version: 1.0.2 - VOWSoft,Ltd.)
PPÖúÊÖ PC°æ 1.0.8.0 (HKLM\...\PPÖúÊÖ PC°æ) (Version: 1.0.8.0 - ¹ãÖÝÌúÈËÍøÂç¿Æ¼¼ÓÐÏÞ¹«Ë¾)
Prerequisite installer (Version: 15.0.0005 - Nero AG) Hidden
PROMT Professional 10 Multilingual Try-Buy (HKLM\...\{9841E95C-4F87-4142-85A1-71D33B395763}) (Version: 10.0.00027 - PROMT Ltd.)
psynetic® Gif-X 3.00 (HKLM\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM\...\Raptr) (Version:  - )
Rayman 3 (HKLM\...\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}) (Version: 1.00.000 - )
Realtek HDMI Audio Driver for ATI (HKLM\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (Version:  - Microsoft) Hidden
Shark007 Standard Codecs (HKLM\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.6.8 - Shark007)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony Mobile Emma (HKLM\...\Emma) (Version: 2.13.1.38 - Sony Mobile Communications AB)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.7.201405202226 - Sony Mobile Communications AB)
Sony Mobile Update Service (HKLM\...\Update Service) (Version: 2.13.14.201312091927 - Sony Mobile Communications AB)
Sony PC Companion 2.10.197 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.197 - Sony)
Spiel mit mir! (HKLM\...\BEAR2) (Version:  - )
SpongeBob Schwammkopf - Der Film (HKLM\...\{E81A7285-8CA6-4430-B6C0-5F719E4D40D9}) (Version: 1.0 - )
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Subtitle Edit 3.3.8 (HKLM\...\SubtitleEdit_is1) (Version: 3.3.8.2047 - Nikse)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Tesla Effect: A Tex Murphy Adventure (HKLM\...\VGVzbGFFZmZlY3RBVGV4TXVycGh5QWR2ZW50dXJl_is1) (Version: 1 - )
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.8.0.119 - PandoraTV)
Tongbu Assistant 2.0.7.1 (HKLM\...\Tongbu2) (Version: 2.0.7.1 - Xiamen Tongbu Network Ltd.)
TransMac version 10.4 (HKLM\...\TransMac_is1) (Version: 10.4 - Acute Systems)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2 - TuneUp Software) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnLock Root Pro 4.10 (HKLM\...\UnLock Root Pro) (Version: 4.10 - Unlcokroot)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022 - Microsoft Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WBFS Manager 3.0 (HKLM\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WBFS to ISO (HKLM\...\{55F0E086-2E1C-4478-B52E-DA6025A46434}_is1) (Version:  - wbfstoiso.com)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windows-Treiberpaket - Intel System  (10/05/2012 9.1.9.1002) (HKLM\...\8A2EF7D7A858B40014EB296EFBEA8CA1CB929923) (Version: 10/05/2012 9.1.9.1002 - Intel)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare Dr.Fone(Build 1.0.2.5) (HKLM\...\{BE467978-8B6E-43D4-8E12-1ED9AFF303F7}_is1) (Version: 1.0.2.5 - Wondershare Software Co.,Ltd.)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
넥슨플러그 (HKLM\...\NexonPlug) (Version:  - )
엘소드 (HKLM\...\ElSword) (Version:  - )

==================== Restore Points  =========================


==================== Hosts content: ==========================

2013-12-29 21:03 - 2014-05-30 03:29 - 00000956 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0475C0E8-6FD9-4A0B-8BA5-77FA8D3C77A7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {06AA28D9-BD5F-428E-875E-F1AE96F4EEE4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {11C6D7B5-6C54-4192-909E-E84A6F248B13} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-08-28] ()
Task: {129FEFBB-2CBF-4314-AE84-52EE97F42B70} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {3B21E08C-03AE-479A-A5EF-80BB33ED5879} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {4BAD7FC9-F9C6-4108-98F2-8CCE2973E4FD} - System32\Tasks\AdobeAAMUpdater-1.0-Mafia-PC-Mafia => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {5107B6DA-E500-43F5-A9DC-574FE5B994E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {5A5EB51E-0E2B-47D7-8B81-FBCA5E2E477C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {695060B0-E4AF-484E-942E-0F140D400F21} - System32\Tasks\{07001983-0DCD-45FE-9661-9FB5B16F8331} => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-09-04] (Microsoft)
Task: {6EDB4E9C-9E4E-4C91-8DFE-2C27D2CFA9AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9FEEBCC1-789E-4B1C-B926-EF4973EC0CB3} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {A0070F61-B9A3-4E07-9882-8F07007AF242} - System32\Tasks\{E4DF9104-1E13-49E3-94F2-2069E79ED790} => C:\Program Files\PRMT9\PROMT Professional\PROMT Professional 9.0.exe
Task: {A6B93D48-32C5-4D9D-AD7A-59D425F3FD63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-30] (Google Inc.)
Task: {AB10449B-88B3-4364-86C1-5E13261F5D86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-30] (Google Inc.)
Task: {AE546B48-3289-43CE-8B0D-F69442D246A2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {B738FB0D-7366-4329-B78F-8588912B9F4C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {B90B8E5A-F52F-4654-9C68-F43E5914DFCA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-09-04] (Microsoft)
Task: {B988CDF7-BDBA-425C-8534-E8629DB7A931} - System32\Tasks\Core Temp Autostart Mafia => C:\Program Files\Core Temp\Core Temp.exe [2013-03-01] ()
Task: {EC77AA74-7CD3-48A2-A584-8E862F91B227} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-20 11:23 - 2014-03-20 11:23 - 00691360 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2013-09-09 10:35 - 2013-09-09 10:35 - 00080896 _____ () C:\Program Files\Box\Box Sync\SystemWrapper.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2013-09-03 17:16 - 2011-07-06 00:01 - 00962936 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-08-28 07:00 - 2013-03-01 17:44 - 00763856 _____ () C:\Program Files\Core Temp\Core Temp.exe
2013-08-28 07:27 - 2011-07-17 22:48 - 00008192 _____ () C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-09 10:35 - 2013-09-09 10:35 - 00013824 _____ () C:\Program Files\Box\Box Sync\FSEventsReader.exe
2014-06-01 06:04 - 2014-05-24 14:17 - 00445952 _____ () C:\Program Files\Windows Manager\winmgr.exe
2013-08-28 07:00 - 2013-08-28 07:00 - 00006144 _____ () C:\Users\Mafia\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\CoreTempReader.dll
2013-08-28 07:00 - 2013-08-28 07:00 - 00008704 _____ () C:\Users\Mafia\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\GetCoreTempInfoNET.dll
2013-08-28 07:00 - 2013-08-28 07:00 - 00007680 _____ () C:\Users\Mafia\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\SystemInfo.dll
2014-06-03 16:23 - 2014-06-03 16:23 - 00268800 _____ () C:\Users\Mafia\AppData\Local\Temp\cnwcdr.exe
2006-12-12 04:27 - 2006-12-12 04:27 - 00387072 _____ () C:\Nexon\NexonPlug\mss32.dll
2006-12-12 04:27 - 2006-12-12 04:27 - 00150528 _____ () C:\Nexon\NexonPlug\mssmp3.asi
2014-06-03 16:23 - 2014-06-03 16:23 - 00043008 _____ () c:\users\mafia\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbvp2yt.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Mafia\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-10 19:51 - 2014-05-10 19:51 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Bea\pass.1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Bea\pass.1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Bea\Pass.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Bea\Pass.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Bea\Scan leben.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Bea\Scan leben.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\noni\NONI.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\noni\NONI.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2014 04:45:53 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 04:45:53 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 04:24:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 04:08:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 03:11:27 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 03:11:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 03:03:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 03:02:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Dropbox.exe, Version: 2.8.2.0, Zeitstempel: 0x535b0c6a
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x65942549
ID des fehlerhaften Prozesses: 0xd10
Startzeit der fehlerhaften Anwendung: 0xDropbox.exe0
Pfad der fehlerhaften Anwendung: Dropbox.exe1
Pfad des fehlerhaften Moduls: Dropbox.exe2
Berichtskennung: Dropbox.exe3

Error: (06/03/2014 03:02:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cvtres.exe, Version: 8.0.50727.4940, Zeitstempel: 0x51e7f50c
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x105c
Startzeit der fehlerhaften Anwendung: 0xcvtres.exe0
Pfad der fehlerhaften Anwendung: cvtres.exe1
Pfad des fehlerhaften Moduls: cvtres.exe2
Berichtskennung: cvtres.exe3

Error: (06/03/2014 02:56:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/03/2014 04:25:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (06/03/2014 04:23:10 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/03/2014 04:23:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/03/2014 04:22:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (06/03/2014 04:22:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (06/03/2014 04:22:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (06/03/2014 04:22:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/03/2014 04:22:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.

Error: (06/03/2014 04:09:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (06/03/2014 04:08:09 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422


Microsoft Office Sessions:
=========================
Error: (06/03/2014 04:45:53 PM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 04:45:53 PM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 04:24:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 04:08:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 03:11:27 PM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 03:11:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/03/2014 03:03:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 03:02:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dropbox.exe2.8.2.0535b0c6aunknown0.0.0.000000000c000000565942549d1001cf7f2bf98dbc53C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exeunknown55162b5b-eb1f-11e3-9d1c-00241d3198e0

Error: (06/03/2014 03:02:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: cvtres.exe8.0.50727.494051e7f50cunknown0.0.0.000000000c000000500000000105c01cf7f2c056bc1faC:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exeunknown4ae97f68-eb1f-11e3-9d1c-00241d3198e0

Error: (06/03/2014 02:56:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-05-07 09:41:29.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Windows Defender\MpUXSrv.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.826
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.823
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.336
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.300
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.257
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.212
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\BrowserChoice\browserchoice.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.207
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\BrowserChoice\browserchoice.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.203
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.162
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 4094.49 MB
Available physical RAM: 1661.38 MB
Total Pagefile: 8187.25 MB
Available Pagefile: 5373.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1883.73 MB

==================== Drives ================================

Drive c: ( ) (Fixed) (Total:931.41 GB) (Free:289.59 GB) NTFS
Drive d: ( ) (Fixed) (Total:931.51 GB) (Free:871.33 GB) NTFS
Drive e: (Madmax786612) (CDROM) (Total:2.72 GB) (Free:0 GB) UDF
Drive g: () (Removable) (Total:3.74 GB) (Free:3.36 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30131FA8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3558A12E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 7A7FE55B)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================
         
__________________


Alt 05.06.2014, 19:06   #3
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Hi,
da Du selber geantwortet hast, haben wir Deinen Thread nicht als "unbeantwortet" gesehen...

Schritt 1

Wichtig: Benenne die runtergeladene Combofix.exe vor dem Start in CF.exe um! Ansonsten folge diesen Anweisungen analog:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
__________________

Alt 05.06.2014, 20:51   #4
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Hallo die exe startet nicht

c:\users\mafia\downloads\combofix.exe konnte nicht gefunden werden
stellen sie sicher dass der namen richtig eingegeben haben und wiederholen
den vorgang
und jetzt?

Alt 05.06.2014, 20:54   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Hi,
Du kannst die Combofix.exe doch runterladen oder?
Du sollst sie ja gemäß Anleitung auf den Desktop abspeichern. Wenn sie im Downloadordner liegt, dann kopiere sie auf den Desktop. Dann Rechtsklick umbennen in CF.exe. Dann versuche sie zu starten...

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 05.06.2014, 21:34   #6
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Hallo Chfe sorry hat alles soweit geklappt
hier ist der log davon

Alt 05.06.2014, 21:38   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Das ist ein altes HJT-Logfile. Ich brauche das von Combofix!



Der Chef ist jemand anders hier...wir sind auch noch lange nicht fertig!

Damit alles seine Ordnung hat:



Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.





Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 05.06.2014, 21:53   #8
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Code:
ATTFilter
ComboFix 14-06-04.01 - Mafia 05.06.2014  22:44:37.2.2 - x86
Microsoft Windows 7 Ultimate   6.1.7600.1.1252.49.1031.18.4094.2772 [GMT 2:00]
ausgeführt von:: c:\users\Mafia\Downloads\CF.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-05-05 bis 2014-06-05  ))))))))))))))))))))))))))))))
.
.
2014-06-05 20:51 . 2014-06-05 20:51	--------	d-----w-	c:\users\HomeGroupUser$\AppData\Local\temp
2014-06-05 20:51 . 2014-06-05 20:51	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-06-05 20:51 . 2014-06-05 20:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-06-05 20:51 . 2014-06-05 20:51	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2014-06-05 20:03 . 2014-06-05 20:51	--------	d-----w-	c:\users\Mafia\AppData\Local\temp
2014-06-05 19:49 . 2014-06-05 20:32	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8B3E982A-2E37-4B45-ABEF-C127DA5FA01D}\offreg.dll
2014-06-05 18:02 . 2014-06-05 18:03	--------	d-----w-	c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-06-05 18:01 . 2014-06-05 18:01	--------	d-----w-	c:\windows\Profiles
2014-06-05 18:01 . 2014-06-05 18:01	--------	d-----w-	c:\windows\Favorites
2014-06-05 18:01 . 2014-06-05 18:01	--------	d-----w-	c:\users\Administrator.Mafia-PC
2014-06-05 17:40 . 2014-06-05 17:42	--------	d-----w-	c:\program files\Unlocker
2014-06-04 19:50 . 2014-06-05 17:31	--------	d-----w-	C:\AdwCleaner
2014-06-04 19:28 . 2014-06-04 19:28	--------	d-----w-	c:\program files\iPod
2014-06-04 18:43 . 2014-06-04 18:43	--------	d-----w-	c:\windows\system32\drivers\etc\Neuer Ordner2
2014-06-01 04:04 . 2014-06-04 02:29	--------	d-sh--w-	c:\program files\Windows Manager
2014-06-01 01:38 . 2014-06-01 01:38	--------	d-----w-	c:\users\Mafia\AppData\Local\Wondershare
2014-06-01 01:38 . 2014-06-01 01:38	--------	d-----w-	c:\program files\Common Files\Wondershare
2014-06-01 01:38 . 2014-06-01 04:10	--------	d-----w-	c:\program files\Wondershare
2014-06-01 01:38 . 2014-06-01 03:42	--------	d--h--w-	c:\program files\Dr.Fone_Temp
2014-06-01 01:38 . 2014-06-01 01:38	--------	d-----w-	c:\programdata\Wondershare
2014-05-28 23:03 . 2014-05-28 23:03	--------	d-----w-	c:\programdata\PROMT
2014-05-28 23:03 . 2014-05-28 23:03	--------	d-----w-	c:\program files\BCL Technologies
2014-05-24 02:47 . 2014-05-24 02:49	--------	d-----w-	C:\Fastboot files
2014-05-23 22:23 . 2014-05-23 22:23	27632	----a-w-	c:\windows\system32\drivers\seehcri.sys
2014-05-22 21:51 . 2012-08-21 11:01	26840	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2014-05-20 22:51 . 2014-05-20 22:51	--------	d-----w-	c:\program files\Langenscheidt T1 7_0
2014-05-20 22:51 . 2014-05-29 07:44	--------	d-----w-	C:\Langenscheidt T1 7_0
2014-05-20 22:50 . 2002-05-01 16:50	77824	----a-w-	c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-05-20 22:50 . 2002-05-01 16:50	32768	----a-w-	c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-05-20 22:50 . 2002-05-01 16:50	225280	----a-w-	c:\program files\Common Files\InstallShield\IScript\iscript.dll
2014-05-20 22:50 . 2002-05-01 16:50	176128	----a-w-	c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-05-20 22:50 . 2013-12-21 18:47	614532	----a-w-	c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-05-20 15:02 . 2014-05-20 15:02	--------	d-----w-	c:\program files\Common Files\Skype
2014-05-19 00:58 . 2014-05-19 00:58	--------	d-----w-	c:\programdata\Avanquest Software
2014-05-18 09:07 . 2014-05-18 09:07	--------	d-----w-	c:\users\Mafia\AppData\Roaming\PROMT
2014-05-17 01:18 . 2014-05-17 01:18	--------	d-----w-	c:\program files\Microsoft Visual Studio 11.0
2014-05-17 01:18 . 2014-05-17 01:18	--------	d-----w-	c:\program files\Microsoft SDKs
2014-05-17 00:32 . 2014-05-28 23:04	--------	d-----w-	c:\program files\PRMT10
2014-05-16 20:13 . 2014-05-22 22:57	--------	d-sh--w-	c:\windows\system32\AI_RecycleBin
2014-05-16 20:13 . 2014-05-16 20:13	--------	d-----w-	c:\users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 18:47 . 2014-05-16 18:47	--------	d-----w-	c:\program files\Common Files\Java
2014-05-16 18:47 . 2014-05-16 18:47	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2014-05-16 18:16 . 2014-05-17 01:11	--------	d-----w-	c:\program files\PRMT9
2014-05-15 03:41 . 2014-05-15 03:41	--------	d-----w-	c:\users\Mafia\AppData\Local\BigFinishGames
2014-05-15 03:25 . 2014-05-15 03:40	--------	d-----w-	c:\program files\Tesla Effect A Tex Murphy Adventure
2014-05-15 03:22 . 2014-05-15 13:02	--------	d-----w-	c:\users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 03:22 . 2014-05-15 12:59	--------	d-sh--w-	c:\users\Mafia\vWc85O
2014-05-14 23:03 . 2010-08-30 06:34	536576	----a-w-	c:\windows\system32\sqlite3.dll
2014-05-14 09:08 . 2014-05-14 09:08	--------	d-----w-	c:\program files\LogMeIn Hamachi
2014-05-13 20:48 . 2014-05-13 20:48	17938608	----a-w-	c:\windows\system32\FlashPlayerInstaller.exe
2014-05-13 18:15 . 2014-06-02 20:08	--------	d-----w-	c:\users\Mafia\AppData\Local\QuickPar
2014-05-13 18:12 . 2014-05-13 20:47	--------	d-----w-	c:\program files\QuickPar
2014-05-13 17:49 . 2014-06-05 20:05	--------	d-----w-	c:\users\Mafia\AppData\Roaming\DropboxMaster
2014-05-13 09:37 . 2014-05-20 22:26	--------	d-----w-	c:\users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-13 09:28 . 2014-06-05 20:02	--------	d-----w-	c:\users\Mafia\AppData\Local\assembly
2014-05-12 22:09 . 2014-06-04 18:49	--------	d-----w-	c:\program files\GadgetWide Cloud Control Service
2014-05-12 19:30 . 2014-05-12 19:30	--------	d-----w-	c:\users\Mafia\AppData\Local\Promt
2014-05-12 17:30 . 2014-06-04 06:05	--------	d-----w-	c:\users\Mafia\AppData\Roaming\Win_3400
2014-05-12 17:29 . 2014-05-29 07:53	--------	d-----w-	c:\windows\Lhsp
2014-05-12 17:29 . 2014-05-28 23:07	--------	d-----w-	c:\windows\msagent
2014-05-11 16:30 . 2014-05-25 22:25	--------	d-----w-	c:\program files\Notepad++
2014-05-11 16:30 . 2014-05-25 22:25	--------	d-----w-	c:\users\Mafia\AppData\Roaming\Notepad++
2014-05-08 18:30 . 2014-05-08 18:30	--------	d-----w-	c:\users\Mafia\AppData\Local\MaxRecorder
2014-05-08 17:50 . 2014-05-08 17:50	--------	d-----w-	c:\programdata\DFX
2014-05-08 17:49 . 2014-05-08 17:49	--------	d-----w-	c:\program files\Max Recorder
2014-05-08 13:48 . 2014-05-08 13:48	227704	----a-w-	c:\program files\Internet Explorer\Plugins\nppdf32.dll
2014-05-08 13:39 . 2014-05-08 13:39	--------	d-----w-	c:\users\Mafia\AppData\Roaming\Logitech
2014-05-08 00:28 . 2014-05-08 00:31	--------	d-----w-	c:\program files\Unlockroot Pro
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-16 14:35 . 2013-08-28 01:58	70832	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-16 14:35 . 2013-08-28 01:58	692400	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-05-05 17:52 . 2014-05-05 17:52	119808	----a-r-	c:\users\Mafia\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2014-04-18 02:43 . 2014-04-18 02:43	71704	----a-w-	c:\windows\system32\atimpc32.dll
2014-04-18 02:43 . 2014-04-18 02:43	71704	----a-w-	c:\windows\system32\amdpcom32.dll
2014-04-18 02:42 . 2014-03-12 16:10	126336	----a-w-	c:\windows\system32\atiuxpag.dll
2014-04-18 02:42 . 2014-03-12 16:10	99520	----a-w-	c:\windows\system32\atiu9pag.dll
2014-04-18 02:42 . 2014-03-12 16:10	1117184	----a-w-	c:\windows\system32\aticfx32.dll
2014-04-18 02:42 . 2014-03-12 16:10	8866928	----a-w-	c:\windows\system32\atidxx32.dll
2014-04-18 02:42 . 2014-03-12 16:10	6796592	----a-w-	c:\windows\system32\atiumdva.dll
2014-04-18 02:42 . 2014-03-12 16:10	6799688	----a-w-	c:\windows\system32\atiumdag.dll
2014-04-18 02:39 . 2014-04-18 02:39	247520	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2014-04-18 02:35 . 2014-04-18 02:35	13515264	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2014-04-18 02:23 . 2014-04-18 02:23	200704	----a-w-	c:\windows\system32\clinfo.exe
2014-04-18 02:22 . 2014-04-18 02:22	83456	----a-w-	c:\windows\system32\OpenVideo.dll
2014-04-18 02:22 . 2014-04-18 02:22	73216	----a-w-	c:\windows\system32\OVDecode.dll
2014-04-18 02:19 . 2014-04-18 02:19	24107520	----a-w-	c:\windows\system32\amdocl.dll
2014-04-18 02:17 . 2014-04-18 02:17	58880	----a-w-	c:\windows\system32\OpenCL.dll
2014-04-18 02:13 . 2014-04-18 02:13	113664	----a-w-	c:\windows\system32\mantle32.dll
2014-04-18 01:58 . 2014-04-18 01:58	4358656	----a-w-	c:\windows\system32\amdmantle32.dll
2014-04-18 01:51 . 2014-04-18 01:51	23409152	----a-w-	c:\windows\system32\atioglxx.dll
2014-04-18 01:46 . 2014-04-18 01:46	368128	----a-w-	c:\windows\system32\atiapfxx.exe
2014-04-18 01:46 . 2014-04-18 01:46	52224	----a-w-	c:\windows\system32\aticalrt.dll
2014-04-18 01:46 . 2014-04-18 01:46	49152	----a-w-	c:\windows\system32\aticalcl.dll
2014-04-18 01:45 . 2014-04-18 01:45	85504	----a-w-	c:\windows\system32\mantleaxl32.dll
2014-04-18 01:42 . 2014-04-18 01:42	14302208	----a-w-	c:\windows\system32\aticaldd.dll
2014-04-18 01:33 . 2014-04-18 01:33	37888	----a-w-	c:\windows\system32\amdmmcl.dll
2014-04-18 01:30 . 2014-03-12 15:03	442368	----a-w-	c:\windows\system32\atidemgy.dll
2014-04-18 01:29 . 2014-04-18 01:29	30720	----a-w-	c:\windows\system32\atimuixx.dll
2014-04-18 01:29 . 2014-04-18 01:29	491520	----a-w-	c:\windows\system32\atieclxx.exe
2014-04-18 01:29 . 2014-04-18 01:29	208896	----a-w-	c:\windows\system32\atiesrxx.exe
2014-04-18 01:28 . 2014-04-18 01:28	164352	----a-w-	c:\windows\system32\atitmmxx.dll
2014-04-18 01:21 . 2014-04-18 01:21	616960	----a-w-	c:\windows\system32\coinst_14.100.dll
2014-04-18 01:08 . 2014-03-12 14:26	848896	----a-w-	c:\windows\system32\atiadlxx.dll
2014-04-18 01:07 . 2014-04-18 01:07	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2014-04-18 01:07 . 2014-04-18 01:07	133632	----a-w-	c:\windows\system32\atigktxx.dll
2014-04-18 01:06 . 2014-04-18 01:06	512000	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2014-04-18 01:04 . 2014-04-18 01:04	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2014-04-17 20:28 . 2014-04-17 20:28	38912	----a-w-	c:\windows\system32\kdbsdk32.dll
2014-04-10 09:00 . 2014-04-10 09:00	10752	--s-a-w-	c:\windows\system32\EZFTP.oca
2014-04-10 06:16 . 2014-04-10 06:16	52920	----a-w-	c:\windows\system32\drivers\wStLibG.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{F72C8153-7140-4FEE-8F69-CA4579D71195}]
2014-03-25 02:24	73728	----a-w-	c:\program files\Tongbu\Addin\tbIEAddin.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-03-20 09:23	691360	----a-w-	c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-03-20 09:23	691360	----a-w-	c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-03-20 09:23	691360	----a-w-	c:\program files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxSyncFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2010-11-20 21:29	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxSyncNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2010-11-20 21:29	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxSyncProblem]
@="{8CEE0157-49FA-4ACE-87AF-C01BCA971E26}"
[HKEY_CLASSES_ROOT\CLSID\{8CEE0157-49FA-4ACE-87AF-C01BCA971E26}]
2010-11-20 21:29	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxSyncSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2010-11-20 21:29	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Mafia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Mafia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Mafia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Mafia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-05-08 21444224]
"NexonPlug"="c:\nexon\NexonPlug\NexonPlug.exe" [2014-04-23 2115928]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2014-01-31 389120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-03-29 11930696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2014-04-17 748256]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-05-26 152392]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
.
c:\users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 30312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-19 77824]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2011-06-02 11336]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-11-25 12400]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [2012-08-01 225280]
R4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2013-07-18 762192]
R4 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R4 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-09-15 22560]
S1 wStLibG;wStLibG;c:\windows\system32\drivers\wStLibG.sys [2014-04-10 52920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-04-18 208896]
S2 BoxSyncFSEventsReaderService;Box Sync FS Events Reader Service;c:\program files\Box\Box Sync\FSEventsReader.exe [2013-09-09 13824]
S2 BoxSyncUpdateService;Box Sync Update Service;c:\program files\Box\Box Sync\SyncUpdaterService.exe [2013-09-09 18432]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2014-05-13 1682768]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-15 375056]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-07-05 5553016]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-07-05 451960]
S3 ALSysIO;ALSysIO;c:\users\Mafia\AppData\Local\Temp\ALSysIO.sys [x]
S3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1.sys [2012-12-13 24424]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2014-05-23 27632]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService	REG_MULTI_SZ   	HPSLPSVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-22 21:59	1091912	----a-w-	c:\program files\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-28 14:35]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-09-30 20:26]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-09-30 20:26]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mStart Page = www.google.com
uSearchAssistant = hxxp://www.google.com
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Customize Translation Options - c:\program files\PRMT10\PRMTIE\options.htm
IE: Detect Translation Profile Automatically - c:\program files\PRMT10\PRMTIE\aot.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: In Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Translate Entire Page - c:\program files\PRMT10\PRMTIE\page.htm
IE: Translate Search Query - c:\program files\PRMT10\PRMTIE\search.htm
IE: Translate Selected Text - c:\program files\PRMT10\PRMTIE\translat.htm
FF - ProfilePath - c:\users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxps://de.yahoo.com/
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows NT\CurrentVersion\Windows]
@Denied: (A C D 2 3) (Everyone)
"Device"="Microsoft XPS Document Writer,winspool,Ne00:"
"UserSelectedDefault"=dword:00000000
"Load"="c:\\Windows\\system32\\Microsoft.com"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-2278640974-4239821988-345242402-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-2278640974-4239821988-345242402-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-2278640974-4239821988-345242402-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-2278640974-4239821988-345242402-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-2278640974-4239821988-345242402-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2278640974-4239821988-345242402-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AF688DFF-DED4-5FEE-E483-FDEEFE05717E}*]
"pajphcaaphhpajdbjbhnafgcolmmnpac"=hex:6a,61,6d,69,61,67,6d,68,6b,66,62,6e,69,
   6c,6a,6a,6a,67,6a,64,00,00
"oappfbahgdjkeocfpippfbhjjolbeh"=hex:6a,61,6d,69,61,67,6d,68,6b,66,62,6e,69,6c,
   6a,6a,6a,67,6a,64,00,00
"oahmpmickganelghgioemgkgggjpok"=hex:61,61,00,00
"najnmhlffoliakngijolabcieahf"=hex:66,61,68,70,70,61,62,69,61,6e,61,6e,00,00
"abknihdgeggokgihhfmghagokfimadcnbp"=hex:64,62,6b,6f,68,65,65,62,6f,66,6b,70,
   69,6e,66,64,66,6a,6a,69,6d,68,65,63,6a,6e,6b,68,6c,68,64,63,63,6c,67,6f,6d,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wondershare\Wondershare Helper Compact\1416323945\ime\QTSystem\PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC*PROCESSOR_ARCHITECTURE=x86*PROCESSOR_IDENTIFIER=x86 Family 6 Model 23 Stepping 10, GenuineIntel*PROCESSOR_LEVEL=6*PROCESSOR_REVISION=170a*ProgramData=C:\ProgramData*ProgramFiles=C:]
"JoinUserExperience"=dword:00000001
"LastStopTime"=hex:5b,69,04,a6,ea,67,e4,40
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wondershare\Wondershare Helper Compact\1546806642\;c:\program files\QuickTime\QTSystem\PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC*PROCESSOR_ARCHITECTURE=x86*PROCESSOR_IDENTIFIER=x86 Family 6 Model 23 Stepping 10, GenuineIntel*PROCESSOR_LEVEL=6*PROCESSOR_REVISION=170a*ProgramData=C:\Pro]
"JoinUserExperience"=dword:00000001
"LastStopTime"=hex:5b,69,04,a6,ea,67,e4,40
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1596)
c:\program files\ATI Technologies\HydraVision\HydraDMH.dll
.
Zeit der Fertigstellung: 2014-06-05  22:52:50
ComboFix-quarantined-files.txt  2014-06-05 20:52
ComboFix2.txt  2014-06-05 20:09
.
Vor Suchlauf: 24 Verzeichnis(se), 307.082.514.432 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 306.992.795.648 Bytes frei
.
- - End Of File - - BC35877308366721F188CF9A979D0306
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 05.06.2014, 22:03   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Code:
ATTFilter
ausgeführt von:: c:\users\Mafia\Downloads\CF.exe
         
Bitte befolge grundsätzlich die Anweisungen!

Schritt 1
Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


Schritt 2



Bitte starte FRST erneut und drücke auf Scan.

MBAR- und FRST-Log bitte posten.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Geändert von deeprybka (05.06.2014 um 22:08 Uhr)

Alt 05.06.2014, 22:31   #10
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.06.05.13

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16660
Mafia :: MAFIA-PC [administrator]

05.06.2014 23:11:18
mbar-log-2014-06-05 (23-11-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 418084
Time elapsed: 14 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Mafia (administrator) on MAFIA-PC on 05-06-2014 23:29:29
Running from C:\Users\Mafia\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Box\Box Sync\FSEventsReader.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nexon Korea Corp.) C:\Nexon\NexonPlug\NexonPlug.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\UseNeXT\UseNeXT.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [NexonPlug] => C:\Nexon\NexonPlug\NexonPlug.exe [2115928 2014-04-23] (Nexon Korea Corp.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD)
Startup: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD07716838EA3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326569&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPDC5C3546-B0DD-4CE4-AD10-187D28F005A7&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Promt IE Helper - {1F13CE11-4FAC-49A9-8155-D4F3F0F91A33} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - PROMT Translator - {C7DDDD27-F303-42A5-B979-51559F7DC0F0} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478
FF DefaultSearchEngine: Trovi search
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Trovi search
FF Homepage: https://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tongbu.com/tongbu,version=0.1 - C:\Program Files\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mafia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\testlog.txt
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahootc.xml
FF Extension: PROMT - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\promtff9@promt9.ru [2014-05-29]
FF Extension: YouTube Unblocker - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\youtubeunblocker@unblocker.yt [2014-04-18]
FF Extension: DownloadHelper - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: {11574f4a-82a7-4b99-81dc-020c5e316e55} - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{11574f4a-82a7-4b99-81dc-020c5e316e55}.xpi [2014-04-19]
FF Extension: Adblock Plus - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]

Chrome: 
=======
CHR HomePage: https://www.facebook.com/?ref=logo
CHR StartupUrls: "https://www.facebook.com/",
			"https://www.youtube.com/feed/subscriptions",
			"hxxp://www.tumblr.com/dashboard",
			"https://twitter.com/"
         

Alt 05.06.2014, 22:33   #11
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Mafia (administrator) on MAFIA-PC on 05-06-2014 23:29:29
Running from C:\Users\Mafia\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Box\Box Sync\FSEventsReader.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nexon Korea Corp.) C:\Nexon\NexonPlug\NexonPlug.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\UseNeXT\UseNeXT.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [NexonPlug] => C:\Nexon\NexonPlug\NexonPlug.exe [2115928 2014-04-23] (Nexon Korea Corp.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD)
Startup: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD07716838EA3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326569&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPDC5C3546-B0DD-4CE4-AD10-187D28F005A7&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Promt IE Helper - {1F13CE11-4FAC-49A9-8155-D4F3F0F91A33} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - PROMT Translator - {C7DDDD27-F303-42A5-B979-51559F7DC0F0} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478
FF DefaultSearchEngine: Trovi search
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Trovi search
FF Homepage: https://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tongbu.com/tongbu,version=0.1 - C:\Program Files\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mafia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\testlog.txt
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahootc.xml
FF Extension: PROMT - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\promtff9@promt9.ru [2014-05-29]
FF Extension: YouTube Unblocker - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\youtubeunblocker@unblocker.yt [2014-04-18]
FF Extension: DownloadHelper - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: {11574f4a-82a7-4b99-81dc-020c5e316e55} - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{11574f4a-82a7-4b99-81dc-020c5e316e55}.xpi [2014-04-19]
FF Extension: Adblock Plus - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]

Chrome: 
=======
CHR HomePage: https://www.facebook.com/?ref=logo
CHR StartupUrls: "https://www.facebook.com/",
			"https://www.youtube.com/feed/subscriptions",
			"hxxp://www.tumblr.com/dashboard",
			"https://twitter.com/"
CHR Extension: (ProxFlow) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-05]
CHR Extension: (Google Docs) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-05]
CHR Extension: (Google Drive) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05]
CHR Extension: (TV) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-05-05]
CHR Extension: (YouTube) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05]
CHR Extension: (Adblock Plus) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-05]
CHR Extension: (Google-Suche) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05]
CHR Extension: (Love O'Clock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcnbegbcdfdlndabgemkabfhfllocma [2014-05-05]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-05-05]
CHR Extension: (Stylish) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-05-05]
CHR Extension: (AdBlock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-05]
CHR Extension: (FVD Downloader) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-05-05]
CHR Extension: (Surfing Day 2012) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjgigjnbamdjoeifabplldbjgbjnacki [2014-05-05]
CHR Extension: (Google Wallet) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05]
CHR Extension: (Google Mail) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

S4 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2012-08-01] ()
R2 BoxSyncFSEventsReaderService; C:\Program Files\Box\Box Sync\FSEventsReader.exe [13824 2013-09-09] ()
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [18432 2013-09-09] (Box Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682768 2014-05-13] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-15] (LogMeIn, Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S4 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S2 HPSLPSVC; C:\Users\Mafia\AppData\Local\Temp\7zS49D6\hpslpsvc32.dll [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22560 2013-09-16] (REALiX(tm))
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25712 2013-01-29] (Microsoft Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-04-10] (StdLib)
R3 ALSysIO; \??\C:\Users\Mafia\AppData\Local\Temp\ALSysIO.sys [X]
S3 athr; system32\DRIVERS\athr.sys [X]
S2 avgntflt; system32\DRIVERS\avgntflt.sys [X]
S1 avipbb; system32\DRIVERS\avipbb.sys [X]
S1 avkmgr; system32\DRIVERS\avkmgr.sys [X]
R3 catchme; \??\C:\Users\Mafia\AppData\Local\Temp\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2010-03-31] (Huawei Technologies Co., Ltd.)
S1 ssmdrv; system32\DRIVERS\ssmdrv.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 mbr; \??\C:\CF\mbr.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys D4EF00B622EBEBEF85AB53C51A509A14
C:\Windows\System32\DRIVERS\atikmpag.sys 0A536B713BF916E62A14D48B0C1739A3
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\System32\Drivers\ssadadb.sys DD8D9C597AF7CD2F6B70A3D6A4A1ACEA
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW73.sys 636C40DAC5D13F4C354973017AA8ADC2
C:\Windows\system32\drivers\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 77361D72A04F18809D0EFB6CCEB74D4B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 247B4CE2DAB1160CD422D532D5241E1F
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Program Files\SystemRequirementsLab\cpudrv.sys D01F685F8B4598D144B0CCE9FF95D8D5
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\dfx11_1.sys 30384865C9AF82DB291E5C4F468E1AC6
C:\Windows\System32\DRIVERS\ssudbus.sys 560B0DCE52DFED6623B27C9BAFA6F236
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 2A958EF85DB1B61FFCA65044FA4BCE9E
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05
C:\Windows\system32\drivers\evbdx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ElbyCDIO.sys B83BDCCBACB65BAA9E20888DD0083A16
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\System32\DRIVERS\ggflt.sys 93CA4D9A0433BE0EDD0B9F2F26D5E54C
C:\Windows\System32\DRIVERS\ggsemc.sys 17E678AAB82CCDFB80E7614504933895
C:\Windows\System32\DRIVERS\hamachi.sys 833051C6C6C42117191935F734CFBD97
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys 950CC1E6AE3A6CD23E0945CDE089B02C
C:\Windows\System32\DRIVERS\htcnprot.sys 339ADEFAD60353F960E3CA67CE468C24
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 988C0A49F09D75D3341CB419141793C1
C:\Windows\system32\drivers\HWiNFO32.SYS 43E745EFA7D34ADAED455C0AA94C424A
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\igdkmd32.sys AD626F6964F4D364D226C39E06872DD3
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHDA.sys 82EE5914B6AB27BFD23ECA29AEB34DA4
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys D30159AC9237519FBC62C6EC247D2D46
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl.sys 9213AA35BCA94EB79D366DA254E4BDF5
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\System32\DRIVERS\NuidFltr.sys A82BB9014BEF0E4986C3DA610B3A25FE
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\System32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb.sys 0F6756EF8BDA6DFA7BE50465C83132BB
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\drivers\RtHDMIV.sys 79C8488DFA2AA377441645123CB73845
C:\Windows\System32\DRIVERS\Rt86win7.sys 3983CEA05BB855351D75F5482B6C42CE
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\seehcri.sys E5B56569A9F79B70314FEDE6C953641E
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\System32\DRIVERS\ssadbus.sys 64E44ACD8C238FCBBB78F0BA4BDC4B05
C:\Windows\System32\DRIVERS\ssadmdfl.sys BB2C84A15C765DA89FD832B0E73F26CE
C:\Windows\System32\DRIVERS\ssadmdm.sys 6D0D132DDC6F43EDA00DCED6D8B1CA31
C:\Windows\System32\DRIVERS\ssadserd.sys 1A5A397BC459F346AB56492B61EF79F6
C:\Windows\System32\DRIVERS\ssudmdm.sys 585FDB94DB04AC1C56298D1FD1F1389E
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\Synth3dVsc.sys F2AD8960812FD111E20E84659EF19D43
C:\Windows\System32\drivers\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\DRIVERS\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 052306FD76793D5D5AB5D9891FD1ADBB
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 01246F0BAAD7B68EC0F472AA41E33282
C:\Windows\system32\drivers\tsusbhub.sys 045ACB987C650D8186C6B4A692223860
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\system32\drivers\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\DRIVERS\VClone.sys DAEF3AC067094497402C77476BBC3540
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\wacommousefilter.sys 427A8BC96F16C40DF81C2D2F4EDD32DD
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomvhid.sys 846B58EA44BF8C92E4B59F4E2252C4C0
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\wStLibG.sys 022E6B0F67F3CF1DE63502194E7D8AC7
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xusb21.sys C26C68BCBAC1F33F890C226769759209

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-05 23:29 - 2014-06-05 23:29 - 00083606 _____ () C:\Users\Mafia\Desktop\Shortcut.txt
2014-06-05 23:27 - 2014-06-05 23:29 - 00062398 _____ () C:\Users\Mafia\Desktop\Addition.txt
2014-06-05 23:26 - 2014-06-05 23:30 - 00036816 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-05 23:26 - 2014-06-05 23:29 - 00000000 ____D () C:\FRST
2014-06-05 23:18 - 2014-06-05 23:18 - 01059840 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-05 23:11 - 2014-06-05 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-05 23:11 - 2014-06-05 23:11 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 23:10 - 2014-06-05 23:26 - 00000000 ____D () C:\Users\Mafia\Desktop\mbar
2014-06-05 23:10 - 2014-06-05 23:10 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-05 23:09 - 2014-06-05 23:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mafia\Desktop\mbar-1.07.0.1009.exe
2014-06-05 22:52 - 2014-06-05 22:52 - 00030033 _____ () C:\ComboFix.txt
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\noni\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Gast\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Bea\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Aileen\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\temp
2014-06-05 22:32 - 2014-06-05 22:32 - 00003268 _____ () C:\Users\Mafia\Desktop\prüfung.7z
2014-06-05 22:03 - 2014-06-05 23:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\temp
2014-06-05 21:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Qoobox
2014-06-05 21:52 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-05 21:52 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-05 21:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-05 21:52 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-05 21:51 - 2014-06-05 22:08 - 00000000 ____D () C:\Windows\erdnt
2014-06-05 21:45 - 2014-06-05 21:46 - 05205146 _____ (Swearware) C:\Users\Mafia\Downloads\ComboFix(1).exe
2014-06-05 21:44 - 2014-06-05 21:44 - 05205146 ____R (Swearware) C:\Users\Mafia\Downloads\CF.exe
2014-06-05 20:02 - 2014-06-05 20:03 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-06-05 20:01 - 2014-06-05 20:03 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00001422 _____ () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00001016 _____ () C:\Users\Public\Desktop\Windows Media Player.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00000020 ___SH () C:\Users\Administrator.Mafia-PC\ntuser.ini
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Startmenü
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Netzwerkumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Druckumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Musik
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Bilder
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Local\Verlauf
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Windows\Profiles\Default
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\WTablet
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Adobe
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn Hamachi
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Google
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Box Sync
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC
2014-06-05 20:01 - 2013-09-03 17:18 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Macromedia
2014-06-05 20:01 - 2013-08-29 04:27 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Microsoft Help
2014-06-05 20:01 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-05 20:01 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-05 20:00 - 2014-05-01 03:36 - 00000000 ____D () C:\Users\Mafia\Downloads\TuneUp.Utilities.2014.v14.0.1000.296.inkl.Keygen.und.Crack.German
2014-06-05 19:51 - 2014-06-05 19:54 - 29094876 _____ () C:\Users\Mafia\Downloads\TUU.v14.0.1000.296.GER.rar
2014-06-05 19:40 - 2014-06-05 19:42 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-05 19:40 - 2014-06-05 19:40 - 01078591 _____ () C:\Users\Mafia\Downloads\Unlocker1.9.2.exe
2014-06-05 19:40 - 2014-06-05 19:40 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-05 19:37 - 2014-06-05 19:37 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mafia\Downloads\avira_de_av___ws.exe
2014-06-04 21:50 - 2014-06-05 19:31 - 00000000 ____D () C:\AdwCleaner
2014-06-04 21:50 - 2014-06-04 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\AdwCleaner - CHIP-Installer.exe
2014-06-04 21:38 - 2014-06-04 21:45 - 1204690621 _____ () C:\Users\Mafia\Downloads\iPhone3,1_7.1.1_11D201_Restore.ipsw
2014-06-04 21:29 - 2014-06-04 21:29 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-04 21:29 - 2014-06-04 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-04 21:28 - 2014-06-04 21:28 - 00000000 ____D () C:\Program Files\iPod
2014-06-04 20:44 - 2013-08-22 08:13 - 00000407 _____ () C:\Windows\system32\Drivers\etc\networks
2014-06-04 20:43 - 2014-06-04 20:43 - 00000000 ____D () C:\Windows\system32\Drivers\etc\Neuer Ordner2
2014-06-04 20:41 - 2014-06-04 20:41 - 06347938 _____ () C:\Users\Mafia\Downloads\icloud bypass gwcc1.2.6.rar
2014-06-04 20:29 - 2013-08-22 08:13 - 00017463 _____ () C:\Windows\system32\Drivers\etc\services
2014-06-04 20:29 - 2013-08-22 08:13 - 00001358 _____ () C:\Windows\system32\Drivers\etc\protocol
2014-06-04 01:54 - 2014-06-04 01:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(3).exe
2014-06-04 01:53 - 2014-06-04 01:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-06-04 01:44 - 2014-06-04 01:44 - 00010826 _____ () C:\Users\Mafia\Desktop\prüfung.txt
2014-06-04 01:42 - 2014-06-04 01:42 - 00010859 _____ () C:\Users\Mafia\Desktop\hijackthis.log
2014-06-04 01:37 - 2014-06-04 01:38 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis_5833.exe
2014-06-04 01:18 - 2014-06-04 01:19 - 00000980 _____ () C:\DelFix.txt
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-01 12:34 - 2014-06-01 12:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 06:04 - 2014-06-04 04:29 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:27 - 2014-06-01 05:28 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 03:49 - 2014-06-01 04:06 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 03:38 - 2014-06-01 05:42 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:13 - 2014-06-01 03:30 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 02:41 - 2014-06-01 02:59 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:22 - 2014-05-31 18:28 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:35 - 2014-05-30 13:41 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 01:47 - 2014-05-29 01:48 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 01:01 - 2014-04-04 17:05 - 00000000 ____D () C:\Users\Mafia\Downloads\1532
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-26 18:35 - 2014-05-30 21:31 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-26 17:49 - 2014-05-26 17:53 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 17:05 - 2014-05-26 20:30 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:00 - 2014-05-24 23:06 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:58 - 2014-05-24 22:59 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:53 - 2014-05-24 22:56 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 06:11 - 2014-05-24 06:13 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:47 - 2014-05-24 04:49 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 02:42 - 2014-05-24 03:02 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:41 - 2014-05-24 02:57 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2013-01-21 11:11 - 64168776 _____ () C:\Users\Mafia\Downloads\Emma_Setup.exe
2014-05-24 00:21 - 2014-05-24 00:22 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 14:40 - 2014-05-23 14:41 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-22 23:51 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-05-22 23:49 - 2014-05-22 23:50 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:18 - 2014-05-22 23:19 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 04:36 - 2014-05-22 04:37 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:25 - 2014-05-22 04:26 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-29 09:44 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:39 - 2013-12-21 20:51 - 00000000 ____D () C:\Users\Mafia\Downloads\Langenscheidt T1 Professional
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:22 - 2014-05-21 00:24 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:11 - 2014-05-20 11:12 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 13:11 - 2014-05-19 13:17 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:47 - 2014-05-18 23:48 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-06-05 22:04 - 00009496 _____ () C:\Windows\setupact.log
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 16:57 - 2014-06-05 22:04 - 01976632 _____ () C:\Windows\PFRO.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 10:38 - 2012-10-15 22:06 - 00000000 ____D () C:\Users\Mafia\Downloads\Dox
2014-05-18 09:56 - 2014-06-04 15:53 - 00013817 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-05-18 08:41 - 2014-05-22 17:06 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 02:32 - 2014-05-29 01:04 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-23 00:57 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:16 - 2014-05-17 03:11 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-16 20:10 - 2014-05-16 20:14 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:34 - 2011-12-28 11:01 - 00000000 ____D () C:\Users\Mafia\Downloads\hosts-
2014-05-16 18:56 - 2014-05-16 19:00 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:19 - 2014-05-12 01:16 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-15 15:19 - 2000-05-18 01:00 - 01509632 _____ (Microsoft Corporation) C:\Users\Mafia\Downloads\InstMsiW.exe
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:25 - 2014-05-15 05:40 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:22 - 2014-05-15 15:02 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 05:22 - 2014-05-15 14:59 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 01:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 20:15 - 2014-06-02 22:08 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-05-13 20:12 - 2014-05-13 22:47 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 19:49 - 2014-06-05 22:05 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-05-13 11:37 - 2014-05-21 00:26 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-13 11:11 - 2014-05-15 05:23 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 00:35 - 2014-05-13 00:42 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2014-06-04 20:49 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-05-13 00:09 - 2014-06-04 20:49 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 19:32 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:30 - 2014-06-04 08:05 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-05-12 19:29 - 2014-05-29 09:53 - 00000000 ____D () C:\Windows\Lhsp
2014-05-12 19:29 - 2014-05-29 01:07 - 00000000 ____D () C:\Windows\msagent
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:08 - 2014-06-04 08:07 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:24 - 2014-05-12 12:11 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-11 18:24 - 2014-05-11 18:26 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 21:26 - 2014-03-21 22:36 - 00000000 ____D () C:\Users\Mafia\Downloads\Babylon Pro 10
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:37 - 2014-05-08 15:38 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 08:04 - 2014-05-08 13:12 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:28 - 2014-05-08 02:31 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:27 - 2014-05-08 02:28 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-07 19:56 - 2014-03-28 18:19 - 00000000 ____D () C:\Users\Mafia\Downloads\bshdbxst
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
2014-05-06 17:14 - 2014-05-06 17:26 - 2563039232 _____ () C:\Users\Mafia\Downloads\X17-24208.iso

==================== One Month Modified Files and Folders =======

2014-06-05 23:30 - 2014-06-05 23:26 - 00036816 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-05 23:30 - 2014-06-05 22:03 - 00000000 ____D () C:\Users\Mafia\AppData\Local\temp
2014-06-05 23:30 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\UseNeXT
2014-06-05 23:29 - 2014-06-05 23:29 - 00083606 _____ () C:\Users\Mafia\Desktop\Shortcut.txt
2014-06-05 23:29 - 2014-06-05 23:27 - 00062398 _____ () C:\Users\Mafia\Desktop\Addition.txt
2014-06-05 23:29 - 2014-06-05 23:26 - 00000000 ____D () C:\FRST
2014-06-05 23:26 - 2014-06-05 23:11 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-05 23:26 - 2014-06-05 23:10 - 00000000 ____D () C:\Users\Mafia\Desktop\mbar
2014-06-05 23:21 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\Documents\UseNeXT
2014-06-05 23:18 - 2014-06-05 23:18 - 01059840 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-05 23:11 - 2014-06-05 23:11 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 23:10 - 2014-06-05 23:10 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-05 23:09 - 2014-06-05 23:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mafia\Desktop\mbar-1.07.0.1009.exe
2014-06-05 22:58 - 2013-09-30 22:26 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-05 22:52 - 2014-06-05 22:52 - 00030033 _____ () C:\ComboFix.txt
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\noni\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Gast\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Bea\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Aileen\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 22:52 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\temp
2014-06-05 22:52 - 2014-06-05 21:52 - 00000000 ____D () C:\Qoobox
2014-06-05 22:52 - 2013-09-02 01:49 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Apps\2.0
2014-06-05 22:51 - 2014-02-03 16:35 - 00000000 ____D () C:\Users\Mafia\AppData\Local\LogMeIn Hamachi
2014-06-05 22:51 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-06-05 22:48 - 2013-08-28 03:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-05 22:32 - 2014-06-05 22:32 - 00003268 _____ () C:\Users\Mafia\Desktop\prüfung.7z
2014-06-05 22:10 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-05 22:10 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-05 22:09 - 2013-10-17 12:37 - 00000000 ____D () C:\Users\noni
2014-06-05 22:09 - 2013-08-28 03:28 - 01623050 _____ () C:\Windows\WindowsUpdate.log
2014-06-05 22:09 - 2013-08-25 01:00 - 00000000 ____D () C:\Users\Bea
2014-06-05 22:09 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-06-05 22:09 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-06-05 22:08 - 2014-06-05 21:51 - 00000000 ____D () C:\Windows\erdnt
2014-06-05 22:06 - 2013-08-31 22:37 - 00000000 ___RD () C:\Users\Mafia\Dropbox
2014-06-05 22:06 - 2013-08-31 22:35 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Dropbox
2014-06-05 22:05 - 2014-05-13 19:49 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-06-05 22:04 - 2014-05-18 16:58 - 00009496 _____ () C:\Windows\setupact.log
2014-06-05 22:04 - 2014-05-18 16:57 - 01976632 _____ () C:\Windows\PFRO.log
2014-06-05 22:04 - 2013-09-30 22:26 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-05 22:04 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-05 21:46 - 2014-06-05 21:45 - 05205146 _____ (Swearware) C:\Users\Mafia\Downloads\ComboFix(1).exe
2014-06-05 21:44 - 2014-06-05 21:44 - 05205146 ____R (Swearware) C:\Users\Mafia\Downloads\CF.exe
2014-06-05 20:03 - 2014-06-05 20:02 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-06-05 20:03 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00001422 _____ () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00001016 _____ () C:\Users\Public\Desktop\Windows Media Player.lnk
2014-06-05 20:01 - 2014-06-05 20:01 - 00000020 ___SH () C:\Users\Administrator.Mafia-PC\ntuser.ini
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Startmenü
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Netzwerkumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Druckumgebung
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Musik
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\Documents\Eigene Bilder
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 _SHDL () C:\Users\Administrator.Mafia-PC\AppData\Local\Verlauf
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Windows\Profiles\Default
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\WTablet
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Roaming\Adobe
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn Hamachi
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\LogMeIn
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Google
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Box Sync
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC\AppData\Local\Apple Computer
2014-06-05 20:01 - 2014-06-05 20:01 - 00000000 ____D () C:\Users\Administrator.Mafia-PC
2014-06-05 20:01 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-05 20:01 - 2009-07-14 04:04 - 00000864 _____ () C:\Windows\win.ini
2014-06-05 20:00 - 2013-09-07 02:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-05 19:54 - 2014-06-05 19:51 - 29094876 _____ () C:\Users\Mafia\Downloads\TUU.v14.0.1000.296.GER.rar
2014-06-05 19:48 - 2013-10-29 21:34 - 00000000 ____D () C:\Temp
2014-06-05 19:46 - 2013-08-31 12:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Skype
2014-06-05 19:42 - 2014-06-05 19:40 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-05 19:40 - 2014-06-05 19:40 - 01078591 _____ () C:\Users\Mafia\Downloads\Unlocker1.9.2.exe
2014-06-05 19:40 - 2014-06-05 19:40 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-05 19:37 - 2014-06-05 19:37 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mafia\Downloads\avira_de_av___ws.exe
2014-06-05 19:31 - 2014-06-04 21:50 - 00000000 ____D () C:\AdwCleaner
2014-06-05 19:11 - 2013-09-01 15:40 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Adobe
2014-06-05 19:05 - 2010-11-20 23:01 - 01657362 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 21:50 - 2014-06-04 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\AdwCleaner - CHIP-Installer.exe
2014-06-04 21:45 - 2014-06-04 21:38 - 1204690621 _____ () C:\Users\Mafia\Downloads\iPhone3,1_7.1.1_11D201_Restore.ipsw
2014-06-04 21:29 - 2014-06-04 21:29 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-04 21:29 - 2014-06-04 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-04 21:29 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\iTunes
2014-06-04 21:28 - 2014-06-04 21:28 - 00000000 ____D () C:\Program Files\iPod
2014-06-04 21:28 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-04 20:49 - 2014-05-13 00:10 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-06-04 20:49 - 2014-05-13 00:09 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-06-04 20:43 - 2014-06-04 20:43 - 00000000 ____D () C:\Windows\system32\Drivers\etc\Neuer Ordner2
2014-06-04 20:43 - 2014-04-06 23:53 - 00000000 ____D () C:\Neuer Ordner
2014-06-04 20:41 - 2014-06-04 20:41 - 06347938 _____ () C:\Users\Mafia\Downloads\icloud bypass gwcc1.2.6.rar
2014-06-04 15:53 - 2014-05-18 09:56 - 00013817 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-06-04 08:07 - 2014-05-12 12:08 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-06-04 08:05 - 2014-05-12 19:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-06-04 04:29 - 2014-06-01 06:04 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-04 01:55 - 2014-06-04 01:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(3).exe
2014-06-04 01:53 - 2014-06-04 01:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-06-04 01:44 - 2014-06-04 01:44 - 00010826 _____ () C:\Users\Mafia\Desktop\prüfung.txt
2014-06-04 01:42 - 2014-06-04 01:42 - 00010859 _____ () C:\Users\Mafia\Desktop\hijackthis.log
2014-06-04 01:38 - 2014-06-04 01:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis_5833.exe
2014-06-04 01:19 - 2014-06-04 01:18 - 00000980 _____ () C:\DelFix.txt
2014-06-03 19:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-02 22:08 - 2014-05-13 20:15 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-06-01 19:51 - 2014-04-06 12:47 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\.minecraft
2014-06-01 12:35 - 2014-06-01 12:34 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 09:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 05:42 - 2014-06-01 03:38 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:28 - 2014-06-01 05:27 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 04:06 - 2014-06-01 03:49 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 04:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:30 - 2014-06-01 03:13 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 02:59 - 2014-06-01 02:41 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:28 - 2014-05-31 18:22 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:23 - 2013-08-28 03:29 - 00000000 ____D () C:\Users\Mafia
2014-05-31 17:04 - 2009-07-14 04:03 - 69468160 _____ () C:\Windows\system32\config\SOFTWARE_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 27262976 _____ () C:\Windows\system32\config\SYSTEM_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\DEFAULT_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00024576 _____ () C:\Windows\system32\config\SECURITY_tureg_old
2014-05-31 16:59 - 2009-07-14 04:03 - 00069632 _____ () C:\Windows\system32\config\SAM_tureg_old
2014-05-31 02:41 - 2014-02-07 02:05 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\vlc
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 21:31 - 2014-05-26 18:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:41 - 2014-05-30 13:35 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-29 21:25 - 2014-02-08 00:09 - 00000000 ____D () C:\The KMPlayer
2014-05-29 10:49 - 2013-09-13 07:08 - 00000000 ____D () C:\Users\Mafia\Documents\Tongbu
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 09:53 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\Lhsp
2014-05-29 09:44 - 2014-05-21 00:51 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-29 01:48 - 2014-05-29 01:47 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:07 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\msagent
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Speech
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:04 - 2014-05-17 02:32 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-27 00:55 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\addins
2014-05-26 20:30 - 2014-05-26 17:05 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-26 17:53 - 2014-05-26 17:49 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-25 21:58 - 2014-05-05 18:35 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:06 - 2014-05-24 23:00 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:59 - 2014-05-24 22:58 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:56 - 2014-05-24 22:53 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 19:29 - 2013-10-16 16:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 06:13 - 2014-05-24 06:11 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:49 - 2014-05-24 04:47 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 04:14 - 2014-02-10 21:55 - 00000000 ____D () C:\Flashtool
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 03:02 - 2014-05-24 02:42 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:57 - 2014-05-24 02:41 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:25 - 2013-12-25 08:57 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2014-05-24 00:21 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:22 - 2013-12-17 13:30 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 21:17 - 2013-12-17 13:30 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-05-23 15:08 - 2013-08-28 07:41 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\iFunbox_UserCache
2014-05-23 14:41 - 2014-05-23 14:40 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-23 00:57 - 2014-05-16 22:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-23 00:54 - 2013-10-18 18:59 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\libimobiledevice
2014-05-22 23:59 - 2014-05-05 18:44 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 23:50 - 2014-05-22 23:49 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:19 - 2014-05-22 23:18 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 23:15 - 2014-04-19 15:12 - 00007680 ___SH () C:\Users\Mafia\AppData\Roaming\Thumbs.db
2014-05-22 17:06 - 2014-05-18 08:41 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-22 04:37 - 2014-05-22 04:36 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:35 - 2014-03-16 21:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DiskAid
2014-05-22 04:26 - 2014-05-22 04:25 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 19:05 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\Performance
2014-05-21 18:01 - 2014-04-03 19:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\redsn0w
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:51 - 2013-08-28 04:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-21 00:50 - 2013-08-28 04:41 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:26 - 2014-05-13 11:37 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-21 00:24 - 2014-05-21 00:22 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 17:02 - 2013-08-31 12:22 - 00000000 ___RD () C:\Program Files\Skype
2014-05-20 17:02 - 2013-08-31 12:21 - 00000000 ____D () C:\ProgramData\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:12 - 2014-05-20 11:11 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-20 01:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\schemas
2014-05-19 13:17 - 2014-05-19 13:11 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:56 - 2013-08-28 07:39 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-18 23:48 - 2014-05-18 23:47 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Malwarebytes
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 03:18 - 2013-08-28 03:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-17 03:11 - 2014-05-16 20:16 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:47 - 2013-09-13 06:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:14 - 2014-05-16 20:10 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:00 - 2014-05-16 18:56 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 18:58 - 2013-09-01 15:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-16 18:55 - 2013-09-01 15:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:12 - 2013-09-13 06:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-16 16:35 - 2013-08-28 03:58 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-16 16:35 - 2013-08-28 03:58 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:02 - 2014-05-15 05:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 14:59 - 2014-05-15 05:22 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:25 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:23 - 2014-05-13 11:11 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-15 05:02 - 2013-09-01 15:38 - 00000000 ____D () C:\Program Files\Adobe
2014-05-15 04:55 - 2013-11-24 17:47 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\ProgramData\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\Program Files\Razer
2014-05-15 01:01 - 2013-08-28 07:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 00:47 - 2013-08-28 04:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 00:45 - 2012-06-14 12:39 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-14 11:08 - 2014-04-15 11:35 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 22:47 - 2014-05-13 20:12 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 13:30 - 2013-08-28 03:47 - 00000000 ____D () C:\Program Files\Java
2014-05-13 13:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 00:42 - 2014-05-13 00:35 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 20:43 - 2014-05-12 19:32 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:11 - 2014-05-11 18:24 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-12 01:16 - 2014-05-15 15:19 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:26 - 2014-05-11 18:24 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-11 17:58 - 2013-09-02 05:19 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Deployment
2014-05-11 17:40 - 2013-08-28 04:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 19:49 - 2013-08-29 12:27 - 00000000 ____D () C:\Program Files\DFX
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:38 - 2014-05-08 15:37 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 13:12 - 2014-05-08 08:04 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 09:23 - 2014-01-06 23:54 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\AVS4YOU
2014-05-08 02:35 - 2013-10-02 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:31 - 2014-05-08 02:28 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:28 - 2014-05-08 02:27 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-08 01:31 - 2014-01-06 23:49 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-05-08 01:21 - 2013-12-05 01:56 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\TuneUpMedia
2014-05-08 01:21 - 2013-08-28 04:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Mozilla
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
2014-05-07 00:18 - 2014-04-29 12:56 - 00000000 ____D () C:\Users\Mafia\Desktop\Minecraft-bilder
2014-05-06 17:26 - 2014-05-06 17:14 - 2563039232 _____ () C:\Users\Mafia\Downloads\X17-24208.iso

Files to move or delete:
====================
C:\Users\Bea\contacts.dat


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
path                    \bootmgr
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
integrityservices       Enable
default                 {current}
resumeobject            {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
displayorder            {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
                        {61b1399a-24cd-11de-a4c4-ca27f4abce37}
                        {current}
toolsdisplayorder       {memdiag}
timeout                 15

Windows-Startladeprogramm
-------------------------
Bezeichner              {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  de-DE
inherit                 {bootloadersettings}
custom:15000065         3
custom:15000066         3
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
systemroot              \windows
nx                      OptIn
custom:250000c2         1
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {5eea018c-c458-11e3-a4e7-dd71149e4331}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  de-DE
inherit                 {bootloadersettings}
custom:15000065         3
custom:15000066         3
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
systemroot              \windows
nx                      OptIn
custom:250000c2         1
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {ab31a0e4-0f88-11e3-95df-c80cab60adee}
device                  ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7 ohne DDR-RAM Sperre
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {ab31a0e4-0f88-11e3-95df-c80cab60adee}
recoveryenabled         Yes
testsigning             Yes
osdevice                partition=C:
systemroot              \Windows
kernel                  ntkrlICE.exe
resumeobject            {ab31a0e2-0f88-11e3-95df-c80cab60adee}
nx                      OptIn
pae                     ForceEnable
numproc                 2
usefirmwarepcisettings  No

Windows-Startladeprogramm
-------------------------
Bezeichner              {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
device                  partition=D:
path                    \WINDOWS\system32\winload.exe
description             Windows 8.1
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {5eea018c-c458-11e3-a4e7-dd71149e4331}
integrityservices       Enable
recoveryenabled         Yes
custom:17000077         352321653
osdevice                partition=D:
systemroot              \WINDOWS
resumeobject            {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
nx                      OptIn
custom:250000c2         1

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {10a77766-b926-11e3-9e2d-f3f7ac4b143e}
device                  partition=D:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
recoveryenabled         Yes
custom:17000077         352321653
filedevice              partition=D:
filepath                \hiberfil.sys
custom:25000008         1
pae                     Yes
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {ab31a0e2-0f88-11e3-95df-c80cab60adee}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
device                  partition=D:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {5eea018c-c458-11e3-a4e7-dd71149e4331}
recoveryenabled         Yes
custom:17000077         352321653
filedevice              partition=D:
filepath                \hiberfil.sys
custom:25000008         1
pae                     Yes
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 No

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {10a77769-b926-11e3-9e2d-f3f7ac4b143e}
description             Windows Recovery
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {10a7776a-b926-11e3-9e2d-f3f7ac4b143e}
description             Windows Setup
ramdisksdidevice        partition=D:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {5eea018d-c458-11e3-a4e7-dd71149e4331}
description             Windows Recovery
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {ab31a0e5-0f88-11e3-95df-c80cab60adee}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\boot.sdi



LastRegBack: 2014-05-29 01:30

==================== End Of Log ============================
         
--- --- ---

Alt 05.06.2014, 22:33   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen




OK...weitere Anweisungen folgen morgen...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 05.06.2014, 22:36   #13
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014
Ran by Mafia at 2014-06-05 23:30:49
Running from C:\Users\Mafia\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVS Video Converter 8.5 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
Babylon (HKLM\...\{5111D459-D8BD-4C26-BE8B-A15ED1ACBF69}) (Version: 10.00.0111 - Babylon Ltd.)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-3 - Wacom Technology Corp.)
Bamboo Dock (HKLM\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bleed (HKLM\...\Steam App 239800) (Version:  - Ian Campbell)
Blend for Visual Studio Add-in for Adobe FXG Import (Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{EA45DACB-0978-420F-AE32-FD5354FEED61}) (Version: 4.0.3100.0 - Box, Inc.)
Box Sync (Version: 4.0.3100.0 - Box Inc.) Hidden
Broken Sword 5 - the Serpent's Curse -  Episode 1 (HKLM\...\GOGPACKBROKENSWORD5EP1_is1) (Version: 2.0.0.3 - GOG.com)
calibre (HKLM\...\{BA356893-F9F4-4C84-B10B-6EB2FC3C3B90}) (Version: 1.5.0 - Kovid Goyal)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
DFX (HKLM\...\DFX) (Version: 11.113.0.0 - Power Technology)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
DiskAid 6.5.6.0 (HKLM\...\DiskAid_is1) (Version: 6.5.6.0 - DigiDNA)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dracula 5 (HKLM\...\Dracula5_is1) (Version: 1.0 - Anuman)
DriverTuner 3.1.0.1 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Eleusis (HKLM\...\Eleusis_is1) (Version:  - )
ffdshow v1.3.4500 [2013-01-06] (HKLM\...\ffdshow_is1) (Version: 1.3.4500.0 - )
Flashtool (HKLM\...\Flashtool) (Version: 0.9.16.0 - Androxyde)
GadgetWide Cloud Control Service (HKLM\...\{6147344A-2A3D-4CE0-9F09-E99CE1C45573}) (Version: 1.2.0.6 - GadgetWide)
GadgetWide Cloud Control Service (HKLM\...\{9DF8F96F-821F-458C-AE5A-FC17051BD592}) (Version: 1.2.4.0 - )
Geheimakte Sam Peters (HKLM\...\{F4DE991E-E7DE-4C22-A01C-3AEC85A62FDE}) (Version: 1.00 - Deep Silver)
Goodbye Deponia (HKLM\...\R29vZGJ5ZURlcG9uaWE=_is1) (Version: 1 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
HWiNFO32 Version 4.24 (HKLM\...\HWiNFO32_is1) (Version: 4.24 - Martin Malík - REALiX)
HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iBackupBot 5.0.6 (HKLM\...\iBackupBot) (Version: 5.0.6 - VOWSoft, Ltd.)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.7.2386.747 - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.0.9.0 - Reincubate Ltd)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kai's SuperGOO (HKLM\...\SUPERGOO) (Version:  - )
KnightShift (HKLM\...\KnightShift) (Version: 1.2 - ZUXXEZ Entertainment AG)
L&H TTS3000 Deutsch (HKLM\...\LHTTSGED) (Version:  - )
L&H TTS3000 Español (HKLM\...\LHTTSSPE) (Version:  - )
L&H TTS3000 Français (HKLM\...\LHTTSFRF) (Version:  - )
L&H TTS3000 Italiano (HKLM\...\LHTTSITI) (Version:  - )
L&H TTS3000 Português (Brasil) (HKLM\...\LHTTSPTB) (Version:  - )
L&H TTS3000 Russian (HKLM\...\LHTTSRUR) (Version:  - )
Langenscheidt T1 7.0 (HKLM\...\{57EB87EF-23DF-4A76-9B90-FD7B53E1C6CE}) (Version:  - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0 - Logitech) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Max Recorder (HKLM\...\Max Recorder) (Version: 1.026.0.0 - Silver Vine, LLC)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (Version: 11.0.60418.17931 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{cbf90bef-21fb-400b-935a-5900785071dd}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{7CBA9009-7EA4-338B-893D-9607CD829ADF}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (Version: 2.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
Minimal ADB and Fastboot version 1.1.3 (HKLM\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-a1f395dd-4409-482e-99fc-b5681c730f76) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-cbe5321e-9a5d-4826-aa08-d03b68b18551) (Version:  - Epic Games, Inc.)
MyHarmony (HKCU\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
Nero Burning Core (Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM (Version: 15.0.24000 - Nero AG) Hidden
Nero Burning ROM 2014 (HKLM\...\{28FCF48D-1BB2-4D6B-89F9-9499663122D6}) (Version: 15.0.02800 - Nero AG)
Nero Burning ROM Help (CHM) (Version: 15.0.00018 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (Version: 11.0.22900 - Nero AG) Hidden
Nero SharedVideoCodecs (Version: 1.0.15003 - Nero AG) Hidden
Nero Update (Version: 11.0.13300.42.0 - Nero AG) Hidden
Nexon Game Manager (HKLM\...\{415ADF7E-6DB8-4481-86C0-1CEC0163CC7B}) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
plist Editor for Windows 1.0.2 (HKLM\...\plist Editor for Windows) (Version: 1.0.2 - VOWSoft,Ltd.)
PPÖúÊÖ PC°æ 1.0.8.0 (HKLM\...\PPÖúÊÖ PC°æ) (Version: 1.0.8.0 - ¹ãÖÝÌúÈËÍøÂç¿Æ¼¼ÓÐÏÞ¹«Ë¾)
Prerequisite installer (Version: 15.0.0005 - Nero AG) Hidden
PROMT Professional 10 Multilingual Try-Buy (HKLM\...\{9841E95C-4F87-4142-85A1-71D33B395763}) (Version: 10.0.00027 - PROMT Ltd.)
psynetic® Gif-X 3.00 (HKLM\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM\...\Raptr) (Version:  - )
Rayman 3 (HKLM\...\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}) (Version: 1.00.000 - )
Realtek HDMI Audio Driver for ATI (HKLM\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (Version:  - Microsoft) Hidden
Shark007 Standard Codecs (HKLM\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.6.8 - Shark007)
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony Mobile Emma (HKLM\...\Emma) (Version: 2.13.1.38 - Sony Mobile Communications AB)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.7.201405202226 - Sony Mobile Communications AB)
Sony Mobile Update Service (HKLM\...\Update Service) (Version: 2.13.14.201312091927 - Sony Mobile Communications AB)
Sony PC Companion 2.10.197 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.197 - Sony)
SpongeBob Schwammkopf - Der Film (HKLM\...\{E81A7285-8CA6-4430-B6C0-5F719E4D40D9}) (Version: 1.0 - )
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Subtitle Edit 3.3.8 (HKLM\...\SubtitleEdit_is1) (Version: 3.3.8.2047 - Nikse)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Tesla Effect: A Tex Murphy Adventure (HKLM\...\VGVzbGFFZmZlY3RBVGV4TXVycGh5QWR2ZW50dXJl_is1) (Version: 1 - )
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.8.0.119 - PandoraTV)
Tongbu Assistant 2.0.7.1 (HKLM\...\Tongbu2) (Version: 2.0.7.1 - Xiamen Tongbu Network Ltd.)
TransMac version 10.4 (HKLM\...\TransMac_is1) (Version: 10.4 - Acute Systems)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2 - TuneUp Software) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnLock Root Pro 4.10 (HKLM\...\UnLock Root Pro) (Version: 4.10 - Unlcokroot)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022 - Microsoft Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WBFS Manager 3.0 (HKLM\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WBFS to ISO (HKLM\...\{55F0E086-2E1C-4478-B52E-DA6025A46434}_is1) (Version:  - wbfstoiso.com)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
Windows-Treiberpaket - Intel System  (10/05/2012 9.1.9.1002) (HKLM\...\8A2EF7D7A858B40014EB296EFBEA8CA1CB929923) (Version: 10/05/2012 9.1.9.1002 - Intel)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare Dr.Fone(Build 1.0.2.5) (HKLM\...\{BE467978-8B6E-43D4-8E12-1ED9AFF303F7}_is1) (Version: 1.0.2.5 - Wondershare Software Co.,Ltd.)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
넥슨플러그 (HKLM\...\NexonPlug) (Version:  - )
엘소드 (HKLM\...\ElSword) (Version:  - )

==================== Restore Points  =========================


==================== Hosts content: ==========================

2014-06-04 20:29 - 2014-06-05 22:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0475C0E8-6FD9-4A0B-8BA5-77FA8D3C77A7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {06AA28D9-BD5F-428E-875E-F1AE96F4EEE4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {129FEFBB-2CBF-4314-AE84-52EE97F42B70} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {3B21E08C-03AE-479A-A5EF-80BB33ED5879} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {4BAD7FC9-F9C6-4108-98F2-8CCE2973E4FD} - System32\Tasks\AdobeAAMUpdater-1.0-Mafia-PC-Mafia => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {5107B6DA-E500-43F5-A9DC-574FE5B994E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {5A5EB51E-0E2B-47D7-8B81-FBCA5E2E477C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {695060B0-E4AF-484E-942E-0F140D400F21} - System32\Tasks\{07001983-0DCD-45FE-9661-9FB5B16F8331} => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-09-04] (Microsoft)
Task: {6EDB4E9C-9E4E-4C91-8DFE-2C27D2CFA9AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9FEEBCC1-789E-4B1C-B926-EF4973EC0CB3} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {A0070F61-B9A3-4E07-9882-8F07007AF242} - System32\Tasks\{E4DF9104-1E13-49E3-94F2-2069E79ED790} => C:\Program Files\PRMT9\PROMT Professional\PROMT Professional 9.0.exe
Task: {A6B93D48-32C5-4D9D-AD7A-59D425F3FD63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-30] (Google Inc.)
Task: {AB10449B-88B3-4364-86C1-5E13261F5D86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-30] (Google Inc.)
Task: {AE546B48-3289-43CE-8B0D-F69442D246A2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {B738FB0D-7366-4329-B78F-8588912B9F4C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {B9086CBA-8915-4B8C-999B-FD034F496673} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-08-28] ()
Task: {B90B8E5A-F52F-4654-9C68-F43E5914DFCA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-09-04] (Microsoft)
Task: {B988CDF7-BDBA-425C-8534-E8629DB7A931} - System32\Tasks\Core Temp Autostart Mafia => C:\Program Files\Core Temp\Core Temp.exe [2013-03-01] ()
Task: {EC77AA74-7CD3-48A2-A584-8E862F91B227} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-09 10:35 - 2013-09-09 10:35 - 00013824 _____ () C:\Program Files\Box\Box Sync\FSEventsReader.exe
2013-09-03 17:16 - 2011-07-06 00:01 - 00962936 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-08-28 07:00 - 2013-08-28 07:00 - 00006144 _____ () C:\Users\Mafia\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\CoreTempReader.dll
2013-08-28 07:00 - 2013-08-28 07:00 - 00008704 _____ () C:\Users\Mafia\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\GetCoreTempInfoNET.dll
2013-08-28 07:00 - 2013-08-28 07:00 - 00007680 _____ () C:\Users\Mafia\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\SystemInfo.dll
2014-03-20 11:23 - 2014-03-20 11:23 - 00691360 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2013-09-09 10:35 - 2013-09-09 10:35 - 00080896 _____ () C:\Program Files\Box\Box Sync\SystemWrapper.dll
2006-12-12 04:27 - 2006-12-12 04:27 - 00387072 _____ () C:\Nexon\NexonPlug\mss32.dll
2006-12-12 04:27 - 2006-12-12 04:27 - 00150528 _____ () C:\Nexon\NexonPlug\mssmp3.asi
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-10 19:51 - 2014-05-10 19:51 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-09-01 22:42 - 2014-03-18 13:40 - 04327936 _____ () C:\Program Files\UseNeXT\UseNeXT.exe
2013-09-01 22:42 - 2014-03-06 11:18 - 00160768 _____ () C:\Program Files\UseNeXT\unrar.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Bea\pass.1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Bea\pass.1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Bea\Pass.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Bea\Pass.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Bea\Scan leben.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Bea\Scan leben.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\noni\NONI.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\noni\NONI.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avipbb
Description: avipbb
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avipbb
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avkmgr
Description: avkmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avkmgr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ssmdrv
Description: ssmdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ssmdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2014 11:30:52 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 11:30:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 11:27:58 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 11:27:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 10:43:51 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\wbem\wmiprvse.exe; Beschreibung = ComboFix created restore point; Fehler = 0x80042302).

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten.
.

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator


System errors:
=============
Error: (06/05/2014 10:58:59 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BENEDIKT-NB",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D80D29B7-4F38-4BE6-9399-D1FCA5-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/05/2014 10:53:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/05/2014 10:52:59 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/05/2014 10:52:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/05/2014 10:52:09 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/05/2014 10:51:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/05/2014 10:51:49 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (06/05/2014 10:51:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/05/2014 10:48:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/05/2014 10:44:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================
Error: (06/05/2014 11:30:52 PM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 11:30:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 11:27:58 PM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 11:27:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 10:43:51 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x80042302

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: GetProviderMgmtInterface0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten.

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (06/05/2014 10:43:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator


CodeIntegrity Errors:
===================================
  Date: 2014-05-07 09:41:29.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Windows Defender\MpUXSrv.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.826
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.823
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.336
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.300
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.257
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.212
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\BrowserChoice\browserchoice.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.207
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\BrowserChoice\browserchoice.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.203
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 13:31:40.162
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\explorer.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 4094.49 MB
Available physical RAM: 2086.33 MB
Total Pagefile: 8187.25 MB
Available Pagefile: 6154.58 MB
Total Virtual: 2047.88 MB
Available Virtual: 1862.52 MB

==================== Drives ================================

Drive c: ( ) (Fixed) (Total:931.41 GB) (Free:281.26 GB) NTFS
Drive d: ( ) (Fixed) (Total:931.51 GB) (Free:868.73 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30131FA8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3558A12E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 05.06.2014, 22:39   #14
Cappobebbes
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



Code:
ATTFilter
Users shortcut scan result (x86) Version:02-06-2014
Ran by Mafia at 2014-06-05 23:31:18
Running from C:\Users\Mafia\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

Shortcut: C:\Users\Administrator.Mafia-PC\Links\Desktop.lnk -> C:\Users\Mafia\Desktop ()
Shortcut: C:\Users\Administrator.Mafia-PC\Links\Downloads.lnk -> C:\Users\Mafia\Downloads ()
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Aileen\Paint Tool SAI\Portable sai - Verknüpfung.lnk -> C:\Users\Mafia\Desktop\Kitsune\Paint Tool SAI\Portable sai.exe (No File)
Shortcut: C:\Users\Aileen\Neuer Ordner (2)\OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrodist.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk -> C:\Windows\Installer\{AC76BA86-1033-FFFF-7760-000000000006}\_SC_Acrobat.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk -> C:\Program Files\Adobe\Acrobat 11.0\FormsCentral\FormsCentralForAcrobat.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goodbye Deponia.lnk -> C:\Program Files\Goodbye Deponia\deponia3.exe (Daedalic Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk -> C:\Program Files\ImgBurn\ImgBurn.exe (LIGHTNING UK!)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk -> C:\Program Files\Tesla Effect A Tex Murphy Adventure\TeslaEffect.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk -> C:\Program Files\TuneUp Utilities 2014\Integrator.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone\HomePage.lnk -> C:\Program Files\Wondershare\Dr.Fone\Wondershare Dr.Fone.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone\Online kaufen.lnk -> C:\Program Files\Wondershare\Dr.Fone\Wondershare Dr.FoneOrder.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone\Wie zu nutzen.lnk -> C:\Program Files\Wondershare\Dr.Fone\Wondershare Dr.FoneOnlineHelp.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone\Wondershare Dr.Fone Deinstallieren.lnk -> C:\Program Files\Wondershare\Dr.Fone\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone\Wondershare Dr.Fone.lnk -> C:\Program Files\Wondershare\Dr.Fone\drfone.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WBFS to ISO\Uninstall WBFS to ISO.lnk -> C:\Program Files\WBFS to ISO\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WBFS to ISO\WBFS to ISO.lnk -> C:\Program Files\WBFS to ISO\wbfstoiso.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software\iBackupBot for iTunes\iBackupBot for iTunes.lnk -> C:\Program Files\VOWSoft iPod Software\iBackupBot for iTunes\iBackupBot.exe (VOW Software, Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software\iBackupBot for iTunes\Uninstall.lnk -> C:\Program Files\VOWSoft iPod Software\iBackupBot for iTunes\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software\iBackupBot for iTunes\Website.lnk -> C:\Program Files\VOWSoft iPod Software\iBackupBot for iTunes\iBackupBot.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT\UseNeXT.lnk -> C:\Program Files\UseNeXT\UseNeXT.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Rayman 3\Handbuch.lnk -> C:\Program Files\Ubisoft\Rayman 3\Manual\Rayman3_PC_MT_GER.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Rayman 3\Liesmich.lnk -> C:\Program Files\Ubisoft\Rayman 3\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Rayman 3\Rayman 3 konfigurieren.lnk -> C:\Program Files\Ubisoft\Rayman 3\R3_Setup_DX8.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Rayman 3\Rayman 3 spielen.lnk -> C:\Program Files\Ubisoft\Rayman 3\Rayman3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Rayman 3\Registirerung.lnk -> C:\Program Files\Ubisoft\Rayman 3\Register\register.exe (Ubi Soft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\TuneUp Utilities 2014.lnk -> C:\Program Files\TuneUp Utilities 2014\Integrator.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\TuneUp Utilities Hilfe.lnk -> C:\ProgramData\TuneUp Software\TuneUp Utilities 2014\de-DE\main_vista_7.chm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp 1-Klick-Wartung.lnk -> C:\Program Files\TuneUp Utilities 2014\OneClick.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Browser Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\BrowserCleaner.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Disk Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\DiskCleaner.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Disk Doctor.lnk -> C:\Program Files\TuneUp Utilities 2014\DiskDoctor.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Disk Space Explorer.lnk -> C:\Program Files\TuneUp Utilities 2014\DiskExplorer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Drive Defrag.lnk -> C:\Program Files\TuneUp Utilities 2014\DriveDefrag.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Duplicate Finder.lnk -> C:\Program Files\TuneUp Utilities 2014\DuplicateFinder.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Economy-Modus.lnk -> C:\Program Files\TuneUp Utilities 2014\EnergyOptimizer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Live-Optimierung.lnk -> C:\Program Files\TuneUp Utilities 2014\SettingCenter.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Optimierungsbericht.lnk -> C:\Program Files\TuneUp Utilities 2014\Report.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Process Manager.lnk -> C:\Program Files\TuneUp Utilities 2014\ProcessManager.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Program Deactivator.lnk -> C:\Program Files\TuneUp Utilities 2014\ProgramDeactivator.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Registry Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\RegistryCleaner.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Registry Defrag.lnk -> C:\Program Files\TuneUp Utilities 2014\RegistryDefrag.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Registry Editor.lnk -> C:\Program Files\TuneUp Utilities 2014\RegistryEditor.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Repair Wizard.lnk -> C:\Program Files\TuneUp Utilities 2014\RepairWizard.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Rescue Center.lnk -> C:\Program Files\TuneUp Utilities 2014\RescueCenter.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Setting Center.lnk -> C:\Program Files\TuneUp Utilities 2014\SettingCenter.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Shortcut Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\ShortcutCleaner.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Shredder.lnk -> C:\Program Files\TuneUp Utilities 2014\Shredder.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp StartUp Manager.lnk -> C:\Program Files\TuneUp Utilities 2014\StartUpManager.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp StartUp Optimizer.lnk -> C:\Program Files\TuneUp Utilities 2014\StartupOptimizer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Styler.lnk -> C:\Program Files\TuneUp Utilities 2014\Styler.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp System Control.lnk -> C:\Program Files\TuneUp Utilities 2014\SystemControl.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp System Information.lnk -> C:\Program Files\TuneUp Utilities 2014\SystemInformation.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Undelete.lnk -> C:\Program Files\TuneUp Utilities 2014\Undelete.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Uninstall Manager.lnk -> C:\Program Files\TuneUp Utilities 2014\UninstallManager.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Update Wizard.lnk -> C:\Program Files\TuneUp Utilities 2014\UpdateWizard.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tongbu Network\Tongbu Assistant\Tongbu Assistant.lnk -> C:\Program Files\Tongbu\Launcher.exe (同步网络平台)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tongbu Network\Tongbu Assistant\Uninstall.lnk -> C:\Program Files\Tongbu\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ\Nick Games\SpongeBob Schwammkopf\Der Film\README lesen.lnk -> C:\Program Files\THQ\Nick Games\SpongeBob Schwammkopf\Der Film\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ\Nick Games\SpongeBob Schwammkopf\Der Film\SpongeBob Schwammkopf - Der Film.lnk -> C:\Program Files\THQ\Nick Games\SpongeBob Schwammkopf\Der Film\sb4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Subtitle Edit entfernen.lnk -> C:\Program Files\Subtitle Edit\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Subtitle Edit.lnk -> C:\Program Files\Subtitle Edit\SubtitleEdit.exe (Nikse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Help and Support\Changelog.lnk -> C:\Program Files\Subtitle Edit\Changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk -> C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs\Settings Application 32bit.lnk -> C:\Program Files\Shark007\Standard\Tools\Settings32.exe (Shark007)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft\Kai's SuperGOO\GetStarted with SuperGOO.lnk -> C:\Program Files\SuperGOO\GetStarted with SuperGOO.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft\Kai's SuperGOO\Kai's SuperGOO ReadMe.lnk -> C:\Program Files\SuperGOO\Kai's SuperGOO ReadMe.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft\Kai's SuperGOO\Kai's SuperGOO.lnk -> C:\Program Files\SuperGOO\SuperGoo.exe (MetaCreations Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime - Bitte lesen.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\QuickPar.lnk -> C:\Program Files\QuickPar\QuickPar.exe (Peter B Clements)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\Uninstall.lnk -> C:\Program Files\QuickPar\uninst.exe (Peter B Clements)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\Website.lnk -> C:\Program Files\QuickPar\QuickPar.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\psynetic\Gif-X\Beispiele.lnk -> C:\Program Files\psynetic\Gif-X\beispiele ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\psynetic\Gif-X\Deinstallieren.lnk -> C:\Program Files\psynetic\Gif-X\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\psynetic\Gif-X\Gif-X.lnk -> C:\Program Files\psynetic\Gif-X\gif-X.exe (Robert Mundt, hxxp://www.psynetic.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\psynetic\Gif-X\Hilfe.lnk -> C:\Program Files\psynetic\Gif-X\gif-x.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\psynetic\Gif-X\Website.lnk -> C:\Program Files\psynetic\Gif-X\psynetic® Gif-X.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT\Electronic dictionary.lnk -> C:\Windows\Installer\{9841E95C-4F87-4142-85A1-71D33B395763}\VerDictEng_16476EA7A1394F1EA80E4F77B37EE6CA.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT\PROMT Agent.lnk -> C:\Program Files\PRMT10\PTA\PTA2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT\PROMT Professional 10.lnk -> C:\Windows\Installer\{9841E95C-4F87-4142-85A1-71D33B395763}\Icon_MainApp.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT\PTS Data Synchronization.lnk -> C:\Windows\Installer\{9841E95C-4F87-4142-85A1-71D33B395763}\Icon_PTSSync.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPÖúÊÖ\PPÖúÊÖ ÍøÕ¾.lnk -> C:\Program Files\PPÖúÊÖ\PPÖúÊÖ PC°æ.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPÖúÊÖ\PPÖúÊÖ.lnk -> C:\Program Files\PPÖúÊÖ\ihelper.exe (广州铁人网络科技有限公司)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPÖúÊÖ\жÔØ PPÖúÊÖ.lnk -> C:\Program Files\PPÖúÊÖ\uninst.exe (广州铁人网络科技有限公司)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nocturnal works\Eleusis\Eleusis entfernen.lnk -> C:\Program Files\Nocturnal works\Eleusis\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nocturnal works\Eleusis\Eleusis.lnk -> C:\Program Files\Nocturnal works\Eleusis\Eleusis Game Launcher.exe (Nocturnal Works)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon\넥슨플러그.lnk -> C:\Nexon\NexonPlug\NexonPlug.exe (Nexon Korea Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero ControlCenter.lnk -> C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ScControlCenterSta_FC2653898C5047A6A872CAF6433C43A8.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 2014\Nero Burning ROM.lnk -> C:\Windows\Installer\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}\ARPPRODUCTICON.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\EasyBCD 2.2.lnk -> C:\Program Files\NeoSmart Technologies\EasyBCD\EasyBCD.exe (NeoSmart Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\Uninstall EasyBCD.lnk -> C:\Program Files\NeoSmart Technologies\EasyBCD\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain\MP3Gain Help.lnk -> C:\Program Files\MP3Gain\MP3Gain.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain\MP3Gain.lnk -> C:\Program Files\MP3Gain\MP3GainGUI.exe (Snelg Enterprises)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain\Uninstall MP3Gain.lnk -> C:\Program Files\MP3Gain\uninst-mp3gain.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot\Minimal ADB and Fastboot.lnk -> C:\Program Files\Minimal ADB and Fastboot\py_cmd.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot\Uninstall Minimal ADB and Fastboot.lnk -> C:\Program Files\Minimal ADB and Fastboot\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center\Microsoft-Maus- und Tastatur-Center.lnk -> C:\Windows\Installer\{0C41D003-E38E-4C8A-BA67-AFF061E27F3F}\DeviceCenter.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Windows System Image Manager.lnk -> C:\Program Files\Windows AIK\Tools\Image Manager\ImgMgr.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\VAMT 1.2\Hilfe zum Tool für die Volumenaktivierungsverwaltung.lnk -> C:\Program Files\Windows AIK\Docs\CHMs\VAMT.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\VAMT 1.2\Tool für Volumenaktivierungsverwaltung.lnk -> C:\Program Files\Windows AIK\Tools\VAMT\x86\VAMT.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Documentation\Referenz für das unbeaufsichtigte Windows-Setup.lnk -> C:\Program Files\Windows AIK\Docs\CHMs\Unattend.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Documentation\Schrittweise Anleitung - Grundlegende Windows-Bereitstellung für IT-Spezialisten.lnk -> C:\Program Files\Windows AIK\Docs\Whitepapers\stepbystep_itpro.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Documentation\Windows Automated Installation Kit-Benutzerhandbuch.lnk -> C:\Program Files\Windows AIK\Docs\CHMs\WAIK.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Documentation\Windows PE-Benutzerhandbuch.lnk -> C:\Program Files\Windows AIK\Docs\CHMs\WinPE.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Documentation\SDK\Einführung in die Component Platform Interface-Referenz.lnk -> C:\Program Files\Windows AIK\Docs\CHMs\cpiapi.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Documentation\SDK\Handbuch für Hilfeerstellung.lnk -> C:\Program Files\Windows AIK\SDKs\Help and Support\Help_Authoring.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Documentation\SDK\Windows Imaging Interface-Referenz.lnk -> C:\Program Files\Windows AIK\SDKs\WIMGAPI\wimgapi.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Language Preferences.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression\Microsoft Expression Blend SDK\Expression Blend SDK Documentation.lnk -> C:\Program Files\Microsoft SDKs\Expression\Blend\.NETFramework\v4.0\Help\en\.NETFramework40BlendSDK.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder\Max Recorder.lnk -> C:\Program Files\Max Recorder\MaxRecorder.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\Langenscheidt T1.lnk -> C:\Program Files\Langenscheidt T1 7_0\T1_70_LangenscheidtT1.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\Liesmich.txt.lnk -> C:\Program Files\Langenscheidt T1 7_0\liesmich.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\Online-Registrierung.lnk -> C:\Program Files\Langenscheidt T1 7_0\T1_70_OnlineRegistrierung.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\T1 Support.lnk -> C:\Program Files\Langenscheidt T1 7_0\T1_70_T1Support.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\T1-Anywhere.lnk -> C:\Program Files\Langenscheidt T1 7_0\StdAlone\T1Anywhere.exe (LUCY Software and Services GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\T1-Basisanwendung.lnk -> C:\Program Files\Langenscheidt T1 7_0\StdAlone\MT_Alone.exe (Lucy Software and Services GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\T1-Hilfe.lnk -> C:\Program Files\Langenscheidt T1 7_0\StdAlone\T1.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0\Übersetzungsqualität verbessern.lnk -> C:\Program Files\Langenscheidt T1 7_0\Textoptimierung.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knowledge Adventure\Spiel mit mir!.lnk -> C:\KA\BEAR2\KAMENU.EXE (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPodRobot\plist Editor for Windows\plist Editor for Windows.lnk -> C:\Program Files\iPodRobot\plist Editor for Windows\plistEditor.exe (iCopyBot.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPodRobot\plist Editor for Windows\Uninstall.lnk -> C:\Program Files\iPodRobot\plist Editor for Windows\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPodRobot\plist Editor for Windows\Website.lnk -> C:\Program Files\iPodRobot\plist Editor for Windows\plist Editor for Windows.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn Read Me.lnk -> C:\Program Files\ImgBurn\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn.lnk -> C:\Program Files\ImgBurn\ImgBurn.exe (LIGHTNING UK!)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn\Uninstall.lnk -> C:\Program Files\ImgBurn\uninstall.exe (LIGHTNING UK!)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Check New Update.lnk -> C:\Program Files\i-Funbox DevTeam\links\ifunbox.win32.checkupdate.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\iFunbox.lnk -> C:\Program Files\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Online Tutorial.lnk -> C:\Program Files\i-Funbox DevTeam\links\ifunbox.win32.tutorial.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Uninstall iFunbox.lnk -> C:\Program Files\i-Funbox DevTeam\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32\HWiNFO32 Driver Tool.lnk -> C:\Program Files\HWiNFO32\HW32inst.EXE (REALiX)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32\HWiNFO32 Help.lnk -> C:\Program Files\HWiNFO32\HWiNFO32.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32\HWiNFO32 History.lnk -> C:\Program Files\HWiNFO32\History.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32\HWiNFO32 Program.lnk -> C:\Program Files\HWiNFO32\HWiNFO32.EXE (REALiX)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Broken Sword 5 - the Serpents Curse - Episode 1\Broken Sword 5 - the Serpent's Curse - Episode 1.lnk -> C:\GOG Games\Broken Sword 5 - the Serpents Curse - Episode 1\BS5.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Broken Sword 5 - the Serpents Curse - Episode 1\Uninstall Broken Sword 5 - the Serpent's Curse -  Episode 1.lnk -> C:\GOG Games\Broken Sword 5 - the Serpents Curse - Episode 1\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\ffdshow deinstallieren.lnk -> C:\Program Files\ffdshow\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Anleitung.lnk -> C:\Program Files\Elaborate Bytes\VirtualCloneDrive\HelpLauncher.exe (Elaborate Bytes AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Uninstall.lnk -> C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Virtual CloneDrive Revision History.lnk -> C:\Program Files\Elaborate Bytes\VirtualCloneDrive\manual\changes_vcd.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\VirtualCloneDrive\Virtual CloneDrive.lnk -> C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe (Elaborate Bytes AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner\DriverTuner entfernen.lnk -> C:\Program Files\DriverTuner\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner\DriverTuner.lnk -> C:\Program Files\DriverTuner\DriverTuner.exe (LionSea)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner\update.lnk -> C:\Program Files\DriverTuner\update\update.EXE (Sunisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive\Micky auf Ganovenjagd\Micky auf Ganovenjagd deinstallieren.lnk -> C:\Windows\IsUn0407.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive\Aladdin\Aladdin deinstallieren.lnk -> C:\Windows\IsUn0407.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive\A Bugs Life Action-Spiel\A Bug's Life Action Spiel deinstallieren.lnk -> C:\Windows\IsUn0407.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskAid\DiskAid.lnk -> C:\Program Files\DigiDNA\DiskAid\DiskAid.exe (DigiDNA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer\DFX.lnk -> C:\Program Files\DFX\DFX.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer\Manual.lnk -> C:\Program Files\DFX\Universal\Help\DFX Manual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver\Geheimakte Sam Peters\Geheimakte Sam Peters spielen.lnk -> C:\Program Files\Deep Silver\Geheimakte Sam Peters\Autostarter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\calibre - E-book management.lnk -> C:\Program Files\Calibre2\calibre.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\E-book viewer.lnk -> C:\Program Files\Calibre2\ebook-viewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\LRF viewer.lnk -> C:\Program Files\Calibre2\lrfviewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync\Box Sync.lnk -> C:\Windows\Installer\{EA45DACB-0978-420F-AE32-FD5354FEED61}\BoxSync.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock\Bamboo Dock.lnk -> C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock\Uninstall.lnk -> C:\Program Files\Bamboo Dock\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo\Bamboo Voreinstellungen.lnk -> C:\Program Files\Tablet\Pen\Consumer_CPL.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo\Bamboo Voreinstellungsdatei-Dienstprogramm.lnk -> C:\Program Files\Tablet\Pen\32\PrefUtil.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo\Lies Mich.lnk -> C:\Program Files\Tablet\Pen\Lies Mich.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Aktivierung.lnk -> C:\Program Files\AVS4YOU\Registration.exe (Online Media Technologies Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Hilfe.lnk -> C:\Program Files\AVS4YOU\AVS4YOUHelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Lizenzvereinbarung.lnk -> C:\Program Files\AVS4YOU\License Agreement.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Video\AVS Video Converter.lnk -> C:\Program Files\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe (Online Media Technologies Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anuman\Dracula 5\Dracula 5 entfernen.lnk -> C:\Program Files\Anuman\Dracula 5\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anuman\Dracula 5\Dracula 5.lnk -> C:\Program Files\Anuman\Dracula 5\Dracula5.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\AVD Manager.lnk -> C:\Program Files\Android\android-sdk\AVD Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\SDK Manager.lnk -> C:\Program Files\Android\android-sdk\SDK Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools\Uninstall Android SDK Tools.lnk -> C:\Program Files\Android\android-sdk\uninstall.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Bridge CS6.lnk -> C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe ExtendScript Toolkit CS6.lnk -> C:\Program Files\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Extension Manager CS6.lnk -> C:\Program Files\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Flash Professional CS6.lnk -> C:\Program Files\Adobe\Adobe Flash CS6\Flash.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Encoder CS6.lnk -> C:\Program Files\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\DisplaySwitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\microsoft shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\AC3Filter Config.lnk -> C:\Program Files\AC3Filter\ac3config.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\Clear filter cache.lnk -> C:\Program Files\AC3Filter\Clear filter cache.reg ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\License.lnk -> C:\Program Files\AC3Filter\GPL.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\Readme.lnk -> C:\Program Files\AC3Filter\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\Reset to defaults.lnk -> C:\Program Files\AC3Filter\Reset to defaults.reg ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\Restore default presets.lnk -> C:\Program Files\AC3Filter\Presets.reg ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\SPDIF test (32bit).lnk -> C:\Program Files\AC3Filter\spdif_test.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\Uninstall AC3Filter.lnk -> C:\Program Files\AC3Filter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Bea\Adam's Venture 3.lnk -> C:\Program Files\Adam's Venture 3\Binaries\Win32\VentureGame.exe (No File)
Shortcut: C:\Users\Bea\Amnesia.exe - Verknüpfung.lnk -> C:\Program Files\Amnesia - The Dark Descent\redist\Amnesia.exe (No File)
Shortcut: C:\Users\Bea\Amnesia_The_Dark_Descent_Trainer.EXE - Verknüpfung.lnk -> C:\Program Files\Amnesia - The Dark Descent\redist\Amnesia_The_Dark_Descent_Trainer.EXE (No File)
Shortcut: C:\Users\Bea\game - Verknüpfung.lnk -> C:\Program Files\Focus\Frogwares\Das Testament des Sherlock Holmes\game.exe (No File)
Shortcut: C:\Users\Bea\Paris1925.lnk -> C:\games\Paris 1925\Paris1925.exe (No File)
Shortcut: C:\Users\Bea\Bea\Galileo Family Quiz - Unsere Natur verstehen.lnk -> C:\Program Files\Galileo Family Quiz - Spezial I\galileo.exe (No File)
Shortcut: C:\Users\Bea\Bea\Risen - Verknüpfung.lnk -> C:\Program Files\Deep Silver\Risen\bin\Risen.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Mafia\Links\Desktop.lnk -> C:\Users\Mafia\Desktop ()
Shortcut: C:\Users\Mafia\Links\Downloads.lnk -> C:\Users\Mafia\Downloads ()
Shortcut: C:\Users\Mafia\Links\Dropbox.lnk -> C:\Users\Mafia\Dropbox ()
Shortcut: C:\Users\Mafia\Downloads\redsn0w_win_0.9.15b3\boot-ipt4g.lnk -> C:\redsn0w.exe (No File)
Shortcut: C:\Users\Mafia\Downloads\redsn0w_win_0.9.15b1\boot-ipt4g.lnk -> C:\redsn0w.exe (No File)
Shortcut: C:\Users\Mafia\Documents\Audible\Downloads.lnk -> C:\Users\Public\Documents\Audible\Downloads (No File)
Shortcut: C:\Users\Mafia\Desktop\Aileen - Verknüpfung.lnk -> C:\Users\Aileen ()
Shortcut: C:\Users\Mafia\Desktop\Aileen neu - Verknüpfung.lnk -> C:\Users\Aileen\Aileen neu ()
Shortcut: C:\Users\Mafia\Desktop\Bea - Verknüpfung.lnk -> C:\Users\Bea ()
Shortcut: C:\Users\Mafia\Desktop\Downloads.lnk -> C:\Users\Mafia\Downloads ()
Shortcut: C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk -> C:\Windows\System32\drivers\etc ()
Shortcut: C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk -> C:\Users\Mafia\AppData\Roaming\Reincubate\iPhone Backup Extractor\iPhoneBackupExtractor.exe (Reincubate Ltd)
Shortcut: C:\Users\Mafia\Desktop\KnightShift.lnk -> C:\Program Files\Reality Pump\KnightShift\KnightShift.exe (Reality Pump)
Shortcut: C:\Users\Mafia\Desktop\Portable sai - Verknüpfung.lnk -> C:\Users\Aileen\Paint Tool SAI\Portable sai.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk -> C:\Users\Mafia\AppData\Roaming\Microsoft\Installer\{9DF8F96F-821F-458C-AE5A-FC17051BD592}\_4e65124a.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk -> C:\Users\Mafia\AppData\Roaming\Microsoft\Installer\{6147344A-2A3D-4CE0-9F09-E99CE1C45573}\_72ac292d.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC\Uninstall XBMC.lnk -> C:\Program Files\XBMC\Uninstall.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC\XBMC.lnk -> C:\Program Files\XBMC\XBMC.exe (Team XBMC)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Windows 7 USB DVD Download Tool.lnk -> C:\Users\Mafia\AppData\Local\Apps\Windows 7 USB DVD Download Tool\Windows7-USB-DVD-Download-Tool.exe (Microsoft Corporation)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager\WBFS Manager 3.0.lnk -> C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro\UnlockRoot Pro.lnk -> C:\Program Files\Unlockroot Pro\unlockrootpro.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\README.lnk -> C:\Program Files\Unlocker\README.TXT ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Start Unlocker Assistant.lnk -> C:\Program Files\Unlocker\UnlockerAssistant.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Start Unlocker.lnk -> C:\Program Files\Unlocker\Unlocker.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Uninstall.lnk -> C:\Program Files\Unlocker\uninst.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Website.lnk -> C:\Program Files\Unlocker\Unlocker.url ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac\ TransMac.lnk -> C:\Program Files\TransMac\TransMac.exe (Acute Systems)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac\Acute Systems Web Site.lnk -> C:\Program Files\TransMac\Acute Systems Web Site.url ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac\TransMac Help.lnk -> C:\Program Files\TransMac\TransMac.chm ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac\TransMac License.lnk -> C:\Program Files\TransMac\License.txt ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac\TransMac Read Me.lnk -> C:\Program Files\TransMac\Readme.txt ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac\Uninstall TransMac.lnk -> C:\Program Files\TransMac\unins000.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -> C:\The KMPlayer\KMPSetup.exe (hxxp://www.kmplayer.com)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -> C:\The KMPlayer\KMPlayer.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -> C:\The KMPlayer\uninstall.exe (PandoraTV)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile\Update Service\Uninstall.lnk -> C:\Program Files\Sony Mobile\Update Service\uninst.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile\Update Service\Update Service.lnk -> C:\Program Files\Sony Mobile\Update Service\Update Service.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile\Emma\Emma Home page.lnk -> C:\Program Files\Sony Mobile\Emma\Emma Home page.url ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile\Emma\Emma.lnk -> C:\Program Files\Sony Mobile\Emma\Emma.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile\Emma\Uninstall.lnk -> C:\Program Files\Sony Mobile\Emma\uninst.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate\iPhone Backup Extractor\iPhone Backup Extractor.lnk -> C:\Users\Mafia\AppData\Roaming\Reincubate\iPhone Backup Extractor\iPhoneBackupExtractor.exe (Reincubate Ltd)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate\iPhone Backup Extractor\Uninstall.lnk -> C:\Users\Mafia\AppData\Roaming\Reincubate\iPhone Backup Extractor\iPhoneBackupExtractor-uninstaller.exe (Reincubate Ltd)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files\IrfanView\i_languages.txt ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files\IrfanView\i_options.txt ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.37.lnk -> C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files\IrfanView\i_view32.chm ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Uninstall IrfanView.lnk -> C:\Program Files\IrfanView\iv_uninstall.exe (Irfan Skiljan, IrfanView)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files\IrfanView\i_changes.txt ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool\Flashtool.lnk -> C:\Flashtool\FlashTool.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool\Flashtool64.lnk -> C:\Flashtool\FlashTool64.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool\Uninstall Flashtool.lnk -> C:\Flashtool\uninstall.exe (Androxyde)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Deinstallieren.lnk -> C:\Program Files\AVS4YOU\Uninstall.exe (Online Media Technologies Ltd.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved\AMD Gaming Evolved.lnk -> C:\Program Files\Raptr\raptrstub.exe (Raptr, Inc)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\SendTo\AVS Mobile Uploader.lnk -> C:\Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe (Online Media Technologies Ltd.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\SendTo\AVS Video Burner.lnk -> C:\Program Files\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe (Online Media Technologies Ltd.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\SendTo\AVS Video Uploader.lnk -> C:\Program Files\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe (Online Media Technologies Ltd.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Mafia\Dropbox ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\SendTo\Unlocker.lnk -> C:\Program Files\Unlocker\Unlocker.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\firefox - Verknüpfung.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iFunbox.lnk -> C:\Program Files\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\UseNeXT - Verknüpfung.lnk -> C:\Program Files\UseNeXT\UseNeXT.exe ()
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DiskAid.lnk -> C:\Program Files\DigiDNA\DiskAid\DiskAid.exe (DigiDNA)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Subtitle Edit.lnk -> C:\Program Files\Subtitle Edit\SubtitleEdit.exe (Nikse)
Shortcut: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Mafia\AppData\Local\Microsoft\Windows\GameExplorer\{F8AB1708-B9E5-44F6-BDF8-E702431A2B48}\PlayTasks\0\Spielen.lnk -> C:\Program Files\Disney Interactive\Tarzan Action-Spiel\tarzan.exe (No File)
Shortcut: C:\Users\Mafia\AppData\Local\Microsoft\Windows\GameExplorer\{C9FFBD9C-042D-4AA2-8CC9-37E6F81169C4}\PlayTasks\0\Spielen.lnk -> C:\Program Files\Ubisoft\Rayman 3\Rayman3.exe ()
Shortcut: C:\Users\Mafia\AppData\Local\Microsoft\Windows\GameExplorer\{347EE87C-5406-41A5-BF2B-7E2B47D51086}\PlayTasks\0\Spielen.lnk -> C:\Programme\Disney Interactive\A Bugs Life Action-Spiel\bugs.exe (Travellers Tales)
Shortcut: C:\Users\Public\Desktop\Bamboo Dock.lnk -> C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe ()
Shortcut: C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse - Episode 1.lnk -> C:\GOG Games\Broken Sword 5 - the Serpents Curse - Episode 1\BS5.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\Users\Public\Desktop\Play League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk -> C:\Program Files\Tesla Effect A Tex Murphy Adventure\TeslaEffect.exe ()
Shortcut: C:\Users\Public\Desktop\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\mplayer2.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\넥슨플러그.lnk -> C:\Nexon\NexonPlug\NexonPlug.exe (Nexon Korea Corp.)




ShortcutWithArgument: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrator.Mafia-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) -> --appletID=HomePanel_BL --appletVersion=1.0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Rayman 3\Rayman 3 deinstallieren.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}\setup.exe" -l0x7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ\Nick Games\SpongeBob Schwammkopf\Der Film\Spiel deinstallieren.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E81A7285-8CA6-4430-B6C0-5F719E4D40D9}\setup.exe" -l0x7 \ -uninst
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Deinstallieren.lnk -> C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe (Sony) -> -uninst -runfromtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs\Uninstall 32bit Standard.lnk -> C:\Program Files\Shark007\Standard\Tools\Settings32.exe (Shark007) -> uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft\Kai's SuperGOO\Uninstall Kai's SuperGOO.lnk -> C:\Windows\uninst.exe (InstallShield Corporation, Inc.) -> -fC:\PROGRA~1\SuperGOO\DeIsL1.isu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reality Pump\KnightShift\KnightShift - Offizielle Website.lnk -> C:\Program Files\Reality Pump\KnightShift\UNWISE.EXE () -> /W3 "C:\Program Files\Reality Pump\KnightShift\INSTALL.LOG"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reality Pump\KnightShift\KnightShift deinstallieren.lnk -> C:\Program Files\Reality Pump\KnightShift\UNWISE.EXE () -> /W4 "C:\Program Files\Reality Pump\KnightShift\INSTALL.LOG"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reality Pump\KnightShift\KnightShift.lnk -> C:\Program Files\Reality Pump\KnightShift\UNWISE.EXE () -> /W1 "C:\Program Files\Reality Pump\KnightShift\INSTALL.LOG"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reality Pump\KnightShift\Konfiguration.lnk -> C:\Program Files\Reality Pump\KnightShift\UNWISE.EXE () -> /W2 "C:\Program Files\Reality Pump\KnightShift\INSTALL.LOG"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deinstallieren.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {111EE7DF-FC45-40C7-98A7-753AC46B12FB} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK\Eingabeaufforderung für Bereitstellungstools.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files\Windows AIK\Tools\PETools\pesetenv.cmd"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe () ->  /design 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {C22378E6-9A65-438E-964C-7DB8FBB568DE} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Harmony Remote\Logitech Harmony Remote Software 7.lnk -> C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe () -> /launchbrowser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} FEEDBACK=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\Audiodekoder-Konfiguration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\ffdshow\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\VFW-Konfiguration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Windows\system32\ff_vfw.dll",configureVFW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\Videodekoder-Konfiguration.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\ffdshow\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver\Geheimakte Sam Peters\Geheimakte Sam Peters deinstallieren.lnk -> C:\Program Files\InstallShield Installation Information\{F4DE991E-E7DE-4C22-A01C-3AEC85A62FDE}\setup.exe () -> -runfromtemp -l0x0407
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Hilfe.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Uninstall Windows 7 USB DVD Download Tool.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {CCF298AF-9CE1-4B26-B251-486E98A34789}
ShortcutWithArgument: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Mafia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1


InternetURL: C:\Users\Administrator.Mafia-PC\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Rayman 3\Ubi.com.url -> C:\Program Files\Ubisoft\Rayman 3\ubi.url
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\TuneUp Software Webseite.url -> hxxp://www.tuneup.de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Help and Support\Online Help.url -> hxxp://www.nikse.dk/SubtitleEdit/Help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Help and Support\Subtitle Edit im Internet.url -> hxxp://www.nikse.dk/SubtitleEdit/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon\넥슨.url -> hxxp://www.nexon.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon\엘소드.url -> hxxp://game.nexon.com/94224
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Broken Sword 5 - the Serpents Curse - Episode 1\Documents\Support.url -> hxxp://www.gog.com/support/broken_sword_5_the_serpents_curse
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow\Webseite.url -> hxxp://ffdshow-tryout.sourceforge.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner\DriverTuner im Internet.url -> hxxp://www.DriverTuner.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver\Geheimakte Sam Peters\Geheimakte*Webseite.url -> hxxp://geheimakte.deepsilver.de/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\Get Involved.url -> hxxp://calibre-ebook.com/get-involved
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\User Manual.url -> hxxp://manual.calibre-ebook.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\Documentation.url -> hxxp://ac3filter.net/wiki/AC3Filter_Help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter\Home.url -> hxxp://ac3filter.net
InternetURL: C:\Users\Mafia\Favorites\The NeoSmart Files.url -> hxxp://neosmart.net/blog/feed/
InternetURL: C:\Users\Mafia\Favorites\Media\ABC News and Entertainment.url -> hxxp://www.abc.com/videoclips
InternetURL: C:\Users\Mafia\Favorites\Media\Bloomberg.url -> hxxp://www.bloomberg.com/blpvideo3.cgi
InternetURL: C:\Users\Mafia\Favorites\Media\Capitol Records.url -> hxxp://www.hollywoodandvine.com/netshow
InternetURL: C:\Users\Mafia\Favorites\Media\CBS.url -> hxxp://www.cbs.com/network/htdocs/netshow/
InternetURL: C:\Users\Mafia\Favorites\Media\CNBC Dow Jones Business Video.url -> hxxp://www.business.cnbcdowjones.com
InternetURL: C:\Users\Mafia\Favorites\Media\CNET Today - Technology News.url -> hxxp://stream.cnet.com
InternetURL: C:\Users\Mafia\Favorites\Media\CNN Videoselect.url -> hxxp://cnn.com/videoselect/netshow/
InternetURL: C:\Users\Mafia\Favorites\Media\Disney.url -> hxxp://www.disney.com/Features/Distribution/Media/index.html
InternetURL: C:\Users\Mafia\Favorites\Media\ESPN Sports.url -> hxxp://espn.sportszone.com/dist/m/index.html
InternetURL: C:\Users\Mafia\Favorites\Media\Fox News.url -> hxxp://foxnews.com/js_index.sml?content=/video/netshow.sml
InternetURL: C:\Users\Mafia\Favorites\Media\Fox Sports.url -> hxxp://www.foxsports.com/media/netshow.sml
InternetURL: C:\Users\Mafia\Favorites\Media\Hollywood Online.url -> hxxp://www.hollywood.com/netshow
InternetURL: C:\Users\Mafia\Favorites\Media\Internet Radio Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=5.2&os=&over=&olcid=&clcid=&ar=Media&sba=RadioGuide&o1=&o2=&o3=
InternetURL: C:\Users\Mafia\Favorites\Media\MSNBC.url -> hxxp://www.msnbc.com/modules/videomoment.asp
InternetURL: C:\Users\Mafia\Favorites\Media\MUSICVIDEOS.COM.url -> hxxp://www.musicvideos.com
InternetURL: C:\Users\Mafia\Favorites\Media\NBC VideoSeeker.url -> hxxp://www.videoseeker.com/netshow/
InternetURL: C:\Users\Mafia\Favorites\Media\TV Guide Entertainment Network.url -> hxxp://tvgen.com/netshow/netshow.sml
InternetURL: C:\Users\Mafia\Favorites\Media\Universal Studios Online.url -> hxxp://www.universalstudios.com/netshow
InternetURL: C:\Users\Mafia\Favorites\Media\Warner Bros. Hip Clips.url -> hxxp://www.warnerbros.com/hipclips/
InternetURL: C:\Users\Mafia\Favorites\Media\What's On Now.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ntserver&sbp=netshow&plcid=&pver=3.0&os=&over=&olcid=&clcid=&ar=NetShow&sba=Events&o1=&o2=&o3=
InternetURL: C:\Users\Mafia\Favorites\Media\Windows Media Showcase.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=5.2&os=&over=&olcid=&clcid=&ar=Media&sba=Guide&o1=&o2=&o3=
InternetURL: C:\Users\Mafia\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Mafia\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Mafia\Downloads\213132653621-RMBOO\SKIDROW FACEBOOK.url -> https://www.facebook.com/skidrowgamesnett
InternetURL: C:\Users\Mafia\Downloads\213132653621-RMBOO\SKIDROWGAMES.NET.url -> hxxp://www.skidrowgames.net/
InternetURL: C:\Users\Mafia\Downloads\213132653621-RMBOO\Rambo.The.Video.Game-RELOADED\SKIDROW FACEBOOK.url -> https://www.facebook.com/skidrowgamesnett
InternetURL: C:\Users\Mafia\Downloads\213132653621-RMBOO\Rambo.The.Video.Game-RELOADED\SKIDROWGAMES.NET.url -> hxxp://www.skidrowgames.net/
InternetURL: C:\Users\Mafia\Documents\VirtualDJ\Sampler\Get more free sound effects on www.a1freesoundeffects.com.url -> hxxp://www.a1freesoundeffects.com/
InternetURL: C:\Users\Mafia\Desktop\Bleed.url -> steam://rungameid/239800
InternetURL: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC\Visit XBMC Online.url -> hxxp://xbmc.org
InternetURL: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro\Help.url -> hxxp://www.unlockroot.com/support.html
InternetURL: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Home Page.url -> hxxp://www.kmplayer.com/forums/forumdisplay.php?f=18
InternetURL: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech\MyHarmony Onlineunterstützung.url -> hxxp://support.myharmony.com/
InternetURL: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
InternetURL: C:\Users\Mafia\AppData\Roaming\.minecraft\saves\Video Menu.url -> hxxp://www.youtube.com/watch?v=OjpcAY_g6ws
InternetURL: C:\Users\Public\Desktop\엘소드.url -> hxxp://game.nexon.com/94224

==================== End of log =============================
         
Ok
Ich mein name ist Stefan gut alla dann bis morgen

Alt 06.06.2014, 12:19   #15
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
cpu 100% und exe lassen sich nicht öffen - Standard

cpu 100% und exe lassen sich nicht öffen



OK Stefan,

machen wir weiter...

Schritt 1
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 3



Bitte starte FRST erneut und drücke auf Scan.

Bitte poste die Logs von MBAM, ESET und FRST.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu cpu 100% und exe lassen sich nicht öffen
100%, bat/starter.nbi, bootmgr, conduit.search, conduit.search entfernen, downloader, flash player, icloud, iexplore.exe, iphone 5, svchost.exe, tablet, usbvideo.sys, vbs/starter.naq, win32/adgazelle.a, win32/conduit.searchprotect.h, win32/conduit.searchprotect.i, win32/conduit.searchprotect.n, win32/dealply.m, win32/downloadsponsor.a, win32/downware.l, win32/elex.aj, win32/outbrowse.d, win32/outbrowse.n, win32/outbrowse.r, win32/packed.vmprotect.abd, win32/packed.vprotect.c, win32/toolbar.babylon.e, win64/conduit.searchprotect.a, xperia



Ähnliche Themen: cpu 100% und exe lassen sich nicht öffen


  1. Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen
    Antiviren-, Firewall- und andere Schutzprogramme - 23.03.2015 (10)
  2. Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen
    Log-Analyse und Auswertung - 14.11.2014 (26)
  3. Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen
    Plagegeister aller Art und deren Bekämpfung - 05.10.2014 (4)
  4. in Chrome öffen sich selbständig neue Werbefenster
    Alles rund um Windows - 31.03.2014 (1)
  5. Windows XP: Fragmente verschiedener Programme lassen sich nicht deinstallieren, Desktophintergrund verändert sich
    Log-Analyse und Auswertung - 18.02.2014 (12)
  6. .exe files lassen sich nicht ausführen, malware lässt sich nicht ausführen, system wiederherstellung nicht möglich
    Log-Analyse und Auswertung - 25.03.2013 (0)
  7. Programme lassen sich nicht mehr öffnen -> löschen sich bei Öffnungsversuch
    Plagegeister aller Art und deren Bekämpfung - 01.12.2011 (29)
  8. Ordner auf Externer WD HDMI Festplatte lassen sich nicht mehr öffnen, PC hängt sich auf
    Netzwerk und Hardware - 17.11.2011 (14)
  9. Prozesse lassen sich nicht beenden, Malwarebytes und HouseCall hängen sich auf
    Plagegeister aller Art und deren Bekämpfung - 26.08.2011 (4)
  10. Antivirenprogramme lassen sich nicht öffnen und Werbeantivirenprogramme melden sich ständig
    Plagegeister aller Art und deren Bekämpfung - 11.07.2011 (3)
  11. Fenster verkleinern/verstecken sich, lassen sich nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 28.12.2010 (2)
  12. Windows security alert; kein Programm lässt sich öffen
    Plagegeister aller Art und deren Bekämpfung - 24.12.2010 (29)
  13. Homepage von HiJackthis lässt sich nicht öffen / Bitte Logfile auswerten
    Log-Analyse und Auswertung - 05.11.2010 (1)
  14. Norton/Firewall schalten sich regelmässig ab und lassen sich nicht mehr aktivieren
    Log-Analyse und Auswertung - 24.11.2009 (3)
  15. Einstellungen lassen sich nciht mehr ändern, div. webseiten lassen sich nicht öffnen
    Plagegeister aller Art und deren Bekämpfung - 23.02.2009 (82)
  16. Google suche bringt werbung, bestimmte Programme lassen sich nicht öffen
    Log-Analyse und Auswertung - 24.11.2008 (1)
  17. Taskmanager lässt sich nicht öffen+logfile
    Log-Analyse und Auswertung - 22.06.2008 (1)

Zum Thema cpu 100% und exe lassen sich nicht öffen - Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014 Ran by Mafia (administrator) on MAFIA-PC on 03-06-2014 16:43:59 Running from C:\Users\Mafia\Desktop Platform: Microsoft Windows - cpu 100% und exe lassen sich nicht öffen...
Archiv
Du betrachtest: cpu 100% und exe lassen sich nicht öffen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.