Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Mafia (administrator) on MAFIA-PC on 03-06-2014 16:43:59
Running from C:\Users\Mafia\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Box\Box Sync\FSEventsReader.exe
(Box Inc.) C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\Windows Manager\winmgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\Mafia\AppData\Local\Temp\cnwcdr.exe
(Nexon Korea Corp.) C:\Nexon\NexonPlug\NexonPlug.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Dropbox, Inc.) C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
(Nexon Corp.) C:\Nexon\NexonPlug\NMService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM\...\Run: [] => [X]
HKU\.DEFAULT\...\RunOnce: [WindowsUpdate] - C:\Program Files\Windows Manager\winmgr.exe [445952 2014-05-24] ()
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [NexonPlug] => C:\Nexon\NexonPlug\NexonPlug.exe [2115928 2014-04-23] (Nexon Korea Corp.)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD)
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\RunOnce: [WindowsUpdate] - C:\Users\Mafia\AppData\Local\Temp\cnwcdr.exe [268800 2014-06-03] ()
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: J - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: K - K:\SETUP.EXE /adminfile IU.MSP
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {1ada3f0b-3fd1-11e3-8753-00241d3198e0} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {38acb392-2b8d-11e3-9ead-00241d3198e0} - J:\Startme.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {4b40593b-5461-11e3-8532-00241d3198e0} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {4b405acc-5461-11e3-8532-00241d3198e0} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {696abc48-0f80-11e3-9c98-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-2278640974-4239821988-345242402-1001\...\MountPoints2: {f63f0916-da8e-11e3-be8e-00241d3198e0} - F:\setup.exe
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avguard.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avscan.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avshadow.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mousekeyboardcenter.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\pbackup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\pccompanion.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\prmt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\promt professional 10.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\pta2.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ptssync.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\TuneUpUtilitiesApp32.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\TuneUpUtilitiesService32.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ver-dictu.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com
Startup: C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mafia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD07716838EA3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326569&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPDC5C3546-B0DD-4CE4-AD10-187D28F005A7&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Promt IE Helper - {1F13CE11-4FAC-49A9-8155-D4F3F0F91A33} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - PROMT Translator - {C7DDDD27-F303-42A5-B979-51559F7DC0F0} - C:\Program Files\PRMT10\PRMTIE\prmtie.dll (PROMT Ltd.)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478
FF DefaultSearchEngine: Trovi search
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Trovi search
FF Homepage: https://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tongbu.com/tongbu,version=0.1 - C:\Program Files\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Mafia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\testlog.txt
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahootc.xml
FF Extension: PROMT - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\promtff9@promt9.ru [2014-05-29]
FF Extension: YouTube Unblocker - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\youtubeunblocker@unblocker.yt [2014-04-18]
FF Extension: DownloadHelper - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: {11574f4a-82a7-4b99-81dc-020c5e316e55} - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{11574f4a-82a7-4b99-81dc-020c5e316e55}.xpi [2014-04-19]
FF Extension: Adblock Plus - C:\Users\Mafia\AppData\Roaming\Mozilla\Firefox\Profiles\pwny7wno.default-1381859675478\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16]
Chrome:
=======
CHR HomePage: https://www.facebook.com/?ref=logo
CHR StartupUrls: "https://www.facebook.com/",
"https://www.youtube.com/feed/subscriptions",
"hxxp://www.tumblr.com/dashboard",
"https://twitter.com/"
CHR Extension: (ProxFlow) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-05-05]
CHR Extension: (Google Docs) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-05]
CHR Extension: (Google Drive) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05]
CHR Extension: (TV) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-05-05]
CHR Extension: (YouTube) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05]
CHR Extension: (Adblock Plus) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-05]
CHR Extension: (Google-Suche) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05]
CHR Extension: (Love O'Clock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcnbegbcdfdlndabgemkabfhfllocma [2014-05-05]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-05-05]
CHR Extension: (Stylish) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-05-05]
CHR Extension: (AdBlock) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-05]
CHR Extension: (FVD Downloader) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-05-05]
CHR Extension: (Surfing Day 2012) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjgigjnbamdjoeifabplldbjgbjnacki [2014-05-05]
CHR Extension: (Google Wallet) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05]
CHR Extension: (Google Mail) - C:\Users\Mafia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2012-08-01] ()
R2 BoxSyncFSEventsReaderService; C:\Program Files\Box\Box Sync\FSEventsReader.exe [13824 2013-09-09] ()
R2 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [18432 2013-09-09] (Box Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1682768 2014-05-13] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-15] (LogMeIn, Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S4 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [0 ] (TuneUp Software)
S2 HPSLPSVC; C:\Users\Mafia\AppData\Local\Temp\7zS49D6\hpslpsvc32.dll [X]
S2 MBAMScheduler; "C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe" [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22560 2013-09-16] (REALiX(tm))
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [74456 2014-05-26] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25712 2013-01-29] (Microsoft Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-28] (Avira GmbH)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [0 ] (TuneUp Software)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52920 2014-04-10] (StdLib)
R3 ALSysIO; \??\C:\Users\Mafia\AppData\Local\Temp\ALSysIO.sys [X]
S3 athr; system32\DRIVERS\athr.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2010-03-31] (Huawei Technologies Co., Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys D4EF00B622EBEBEF85AB53C51A509A14
C:\Windows\System32\DRIVERS\atikmpag.sys 0A536B713BF916E62A14D48B0C1739A3
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\System32\Drivers\ssadadb.sys DD8D9C597AF7CD2F6B70A3D6A4A1ACEA
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW73.sys 636C40DAC5D13F4C354973017AA8ADC2
C:\Windows\System32\DRIVERS\avgntflt.sys 06740B4CA398D0D00A49CB1D22FC2BC3
C:\Windows\System32\DRIVERS\avipbb.sys 05AF7CBF0BDA1571BBADC36703EB9CA4
C:\Windows\System32\DRIVERS\avkmgr.sys D8C712305F73CD34D1B344810E522728
C:\Windows\system32\drivers\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 247B4CE2DAB1160CD422D532D5241E1F
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Program Files\SystemRequirementsLab\cpudrv.sys D01F685F8B4598D144B0CCE9FF95D8D5
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\dfx11_1.sys 30384865C9AF82DB291E5C4F468E1AC6
C:\Windows\System32\DRIVERS\ssudbus.sys 560B0DCE52DFED6623B27C9BAFA6F236
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 2A958EF85DB1B61FFCA65044FA4BCE9E
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05
C:\Windows\system32\drivers\evbdx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ElbyCDIO.sys B83BDCCBACB65BAA9E20888DD0083A16
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\System32\DRIVERS\ggflt.sys 93CA4D9A0433BE0EDD0B9F2F26D5E54C
C:\Windows\System32\DRIVERS\ggsemc.sys 17E678AAB82CCDFB80E7614504933895
C:\Windows\System32\DRIVERS\hamachi.sys 833051C6C6C42117191935F734CFBD97
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys 950CC1E6AE3A6CD23E0945CDE089B02C
C:\Windows\System32\DRIVERS\htcnprot.sys 339ADEFAD60353F960E3CA67CE468C24
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 988C0A49F09D75D3341CB419141793C1
C:\Windows\system32\drivers\HWiNFO32.SYS 43E745EFA7D34ADAED455C0AA94C424A
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\igdkmd32.sys AD626F6964F4D364D226C39E06872DD3
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHDA.sys 82EE5914B6AB27BFD23ECA29AEB34DA4
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys D30159AC9237519FBC62C6EC247D2D46
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys C924D31D6411854E8B6EEFEFA2FE87BA
C:\Windows\system32\drivers\mbam.sys 8683C1B450F4B3872839308D836E0F92
C:\Windows\system32\drivers\mwac.sys BD27D97297934FD4217A37FD28A7ABC7
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl.sys 9213AA35BCA94EB79D366DA254E4BDF5
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\System32\DRIVERS\NuidFltr.sys A82BB9014BEF0E4986C3DA610B3A25FE
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\System32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb.sys 0F6756EF8BDA6DFA7BE50465C83132BB
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\drivers\RtHDMIV.sys 79C8488DFA2AA377441645123CB73845
C:\Windows\System32\DRIVERS\Rt86win7.sys 3983CEA05BB855351D75F5482B6C42CE
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\seehcri.sys E5B56569A9F79B70314FEDE6C953641E
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\System32\DRIVERS\ssadbus.sys 64E44ACD8C238FCBBB78F0BA4BDC4B05
C:\Windows\System32\DRIVERS\ssadmdfl.sys BB2C84A15C765DA89FD832B0E73F26CE
C:\Windows\System32\DRIVERS\ssadmdm.sys 6D0D132DDC6F43EDA00DCED6D8B1CA31
C:\Windows\System32\DRIVERS\ssadserd.sys 1A5A397BC459F346AB56492B61EF79F6
C:\Windows\System32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\Windows\System32\DRIVERS\ssudmdm.sys 585FDB94DB04AC1C56298D1FD1F1389E
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\Synth3dVsc.sys F2AD8960812FD111E20E84659EF19D43
C:\Windows\System32\drivers\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\DRIVERS\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 052306FD76793D5D5AB5D9891FD1ADBB
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 01246F0BAAD7B68EC0F472AA41E33282
C:\Windows\system32\drivers\tsusbhub.sys 045ACB987C650D8186C6B4A692223860
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\system32\drivers\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\DRIVERS\VClone.sys DAEF3AC067094497402C77476BBC3540
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\wacommousefilter.sys 427A8BC96F16C40DF81C2D2F4EDD32DD
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomvhid.sys 846B58EA44BF8C92E4B59F4E2252C4C0
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\wStLibG.sys 022E6B0F67F3CF1DE63502194E7D8AC7
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xusb21.sys C26C68BCBAC1F33F890C226769759209
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-03 16:41 - 2014-06-03 16:44 - 00043565 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-03 16:40 - 2014-06-03 15:09 - 01059840 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-03 16:33 - 2014-06-03 16:33 - 00002777 _____ () C:\Users\Mafia\Desktop\FSS.txt
2014-06-03 16:32 - 2014-06-03 16:32 - 00410112 _____ (Farbar) C:\Users\Mafia\Desktop\FSS.exe
2014-06-03 15:10 - 2014-06-03 16:44 - 00000000 ____D () C:\FRST
2014-06-03 15:09 - 2014-06-03 15:09 - 01059840 _____ (Farbar) C:\Users\Mafia\Downloads\FRST(1).exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis.exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ () C:\Users\Mafia\Downloads\hijackthis(1).exe
2014-06-03 14:33 - 2014-06-03 14:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\HijackThis - CHIP-Installer.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-01 12:34 - 2014-06-01 12:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 06:04 - 2014-06-03 16:23 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-01 06:04 - 2014-05-24 14:17 - 00445952 __RSH (Kitsai) C:\Windows\system32\Microsoft.com
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:27 - 2014-06-01 05:28 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 05:26 - 2014-06-01 05:26 - 26568637 _____ () C:\Users\Mafia\Downloads\Dr.Fone.for.iOS.4.5.0.27.rar
2014-06-01 03:49 - 2014-06-01 04:06 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 03:38 - 2014-06-01 06:10 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 03:38 - 2014-06-01 05:42 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:13 - 2014-06-01 03:30 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 02:41 - 2014-06-01 02:59 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:22 - 2014-05-31 18:28 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:35 - 2014-05-30 13:41 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 01:47 - 2014-05-29 01:48 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 01:01 - 2014-04-04 17:05 - 00000000 ____D () C:\Users\Mafia\Downloads\1532
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-26 18:35 - 2014-05-30 21:31 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-26 17:49 - 2014-05-26 17:53 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 17:05 - 2014-05-26 20:30 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-25 02:08 - 2014-06-01 03:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-25 02:08 - 2014-05-26 03:32 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-25 02:08 - 2014-05-25 02:08 - 00001061 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-25 02:08 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-25 02:08 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:00 - 2014-05-24 23:06 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:58 - 2014-05-24 22:59 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:53 - 2014-05-24 22:56 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 06:11 - 2014-05-24 06:13 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:47 - 2014-05-24 04:49 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 02:42 - 2014-05-24 03:02 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:41 - 2014-05-24 02:57 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2013-01-21 11:11 - 64168776 _____ () C:\Users\Mafia\Downloads\Emma_Setup.exe
2014-05-24 00:21 - 2014-05-24 00:22 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 14:40 - 2014-05-23 14:41 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-22 23:56 - 2014-05-22 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-05-22 23:51 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-05-22 23:49 - 2014-05-22 23:50 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:18 - 2014-05-22 23:19 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 04:36 - 2014-05-22 04:37 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:25 - 2014-05-22 04:26 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-29 09:44 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:39 - 2013-12-21 20:51 - 00000000 ____D () C:\Users\Mafia\Downloads\Langenscheidt T1 Professional
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:22 - 2014-05-21 00:24 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:11 - 2014-05-20 11:12 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-20 01:11 - 2014-05-20 01:11 - 01326389 _____ () C:\Users\Mafia\Downloads\adwcleaner_3.210.exe
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 13:11 - 2014-05-19 13:17 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:47 - 2014-05-18 23:48 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-06-03 16:22 - 00009048 _____ () C:\Windows\setupact.log
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 16:57 - 2014-06-03 16:22 - 01974142 _____ () C:\Windows\PFRO.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 10:38 - 2012-10-15 22:06 - 00000000 ____D () C:\Users\Mafia\Downloads\Dox
2014-05-18 09:56 - 2014-05-22 04:36 - 00010147 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-05-18 08:41 - 2014-05-22 17:06 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 02:32 - 2014-05-29 01:04 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-23 00:57 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 22:11 - 2014-05-16 22:11 - 10627812 _____ () C:\Users\Mafia\Downloads\SuperOneClickv2.3.3-ShortFuse.zip
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:16 - 2014-05-17 03:11 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-16 20:10 - 2014-05-16 20:14 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:34 - 2011-12-28 11:01 - 00000000 ____D () C:\Users\Mafia\Downloads\hosts-
2014-05-16 18:56 - 2014-05-16 19:00 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 18:56 - 2014-05-16 19:00 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:19 - 2014-05-12 01:16 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-15 15:19 - 2000-05-18 01:00 - 01509632 _____ (Microsoft Corporation) C:\Users\Mafia\Downloads\InstMsiW.exe
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:25 - 2014-05-15 05:40 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:22 - 2014-05-15 15:02 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 05:22 - 2014-05-15 14:59 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 01:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 20:15 - 2014-06-02 22:08 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-05-13 20:12 - 2014-05-13 22:47 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 19:49 - 2014-06-03 16:23 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-05-13 11:37 - 2014-05-21 00:26 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-13 11:11 - 2014-05-15 05:23 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 00:35 - 2014-05-13 00:42 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2014-05-30 03:27 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-05-13 00:09 - 2014-05-30 03:27 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 19:32 - 2014-05-12 20:43 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:30 - 2014-05-13 02:48 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-05-12 19:29 - 2014-05-29 09:53 - 00000000 ____D () C:\Windows\Lhsp
2014-05-12 19:29 - 2014-05-29 01:07 - 00000000 ____D () C:\Windows\msagent
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:08 - 2014-05-12 12:14 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-11 18:30 - 2014-05-26 00:25 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:24 - 2014-05-12 12:11 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-11 18:24 - 2014-05-11 18:26 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 21:26 - 2014-03-21 22:36 - 00000000 ____D () C:\Users\Mafia\Downloads\Babylon Pro 10
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:37 - 2014-05-08 15:38 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 08:04 - 2014-05-08 13:12 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:28 - 2014-05-08 02:31 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:27 - 2014-05-08 02:28 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-07 19:56 - 2014-03-28 18:19 - 00000000 ____D () C:\Users\Mafia\Downloads\bshdbxst
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
2014-05-06 17:14 - 2014-05-06 17:26 - 2563039232 _____ () C:\Users\Mafia\Downloads\X17-24208.iso
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-05-05 18:44 - 2014-05-22 23:59 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-05 18:44 - 2014-05-05 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-05 18:36 - 2014-05-05 18:36 - 00000000 ____D () C:\ProgramData\AppReady Software
2014-05-05 18:35 - 2014-05-25 21:58 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-05 18:17 - 2014-05-05 18:17 - 00428141 _____ () C:\Users\Mafia\Desktop\Minecraft-Modder_v2.9.2.exe
2014-05-04 02:11 - 2014-05-04 02:16 - 1308144206 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1.1_11D201_Restore.ipsw
==================== One Month Modified Files and Folders =======
2014-06-03 16:44 - 2014-06-03 16:41 - 00043565 _____ () C:\Users\Mafia\Desktop\FRST.txt
2014-06-03 16:44 - 2014-06-03 15:10 - 00000000 ____D () C:\FRST
2014-06-03 16:44 - 2013-08-28 03:29 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Temp
2014-06-03 16:33 - 2014-06-03 16:33 - 00002777 _____ () C:\Users\Mafia\Desktop\FSS.txt
2014-06-03 16:32 - 2014-06-03 16:32 - 00410112 _____ (Farbar) C:\Users\Mafia\Desktop\FSS.exe
2014-06-03 16:28 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 16:28 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 16:26 - 2013-08-28 03:28 - 01520109 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 16:24 - 2013-08-31 22:35 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Dropbox
2014-06-03 16:23 - 2014-06-01 06:04 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-06-03 16:23 - 2014-05-13 19:49 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DropboxMaster
2014-06-03 16:23 - 2014-02-03 16:35 - 00000000 ____D () C:\Users\Mafia\AppData\Local\LogMeIn Hamachi
2014-06-03 16:23 - 2013-08-31 22:37 - 00000000 ___RD () C:\Users\Mafia\Dropbox
2014-06-03 16:22 - 2014-05-18 16:58 - 00009048 _____ () C:\Windows\setupact.log
2014-06-03 16:22 - 2014-05-18 16:57 - 01974142 _____ () C:\Windows\PFRO.log
2014-06-03 16:22 - 2013-09-30 22:26 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-03 16:22 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 16:21 - 2013-10-15 19:42 - 00000000 ____D () C:\AdwCleaner
2014-06-03 16:11 - 2010-11-20 23:01 - 01657362 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-03 15:09 - 2014-06-03 16:40 - 01059840 _____ (Farbar) C:\Users\Mafia\Desktop\FRST.exe
2014-06-03 15:09 - 2014-06-03 15:09 - 01059840 _____ (Farbar) C:\Users\Mafia\Downloads\FRST(1).exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mafia\Downloads\hijackthis.exe
2014-06-03 14:50 - 2014-06-03 14:50 - 00388608 _____ () C:\Users\Mafia\Downloads\hijackthis(1).exe
2014-06-03 14:48 - 2013-08-28 03:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-03 14:33 - 2014-06-03 14:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\HijackThis - CHIP-Installer.exe
2014-06-03 14:24 - 2014-06-03 14:24 - 00000044 _____ () C:\Neues Textdokument.txt
2014-06-03 04:45 - 2013-09-01 15:40 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Adobe
2014-06-02 22:23 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\UseNeXT
2014-06-02 22:15 - 2013-09-01 22:42 - 00000000 ____D () C:\Users\Mafia\Documents\UseNeXT
2014-06-02 22:08 - 2014-05-13 20:15 - 00000000 ____D () C:\Users\Mafia\AppData\Local\QuickPar
2014-06-02 21:58 - 2013-09-30 22:26 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 19:51 - 2014-04-06 12:47 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\.minecraft
2014-06-01 19:50 - 2013-08-31 12:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Skype
2014-06-01 12:35 - 2014-06-01 12:34 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (3)
2014-06-01 09:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-01 06:10 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Wondershare
2014-06-01 05:42 - 2014-06-01 03:38 - 00000000 ___HD () C:\Program Files\Dr.Fone_Temp
2014-06-01 05:41 - 2014-06-01 05:41 - 17249726 _____ () C:\Users\Mafia\Downloads\Wondershare Dr.Fone 1.0.2.5 iPhone 5 + Reg Key.rar
2014-06-01 05:28 - 2014-06-01 05:27 - 37652255 _____ () C:\Users\Mafia\Downloads\dr_fone_ios[freedownloadsbywali.com].rar
2014-06-01 05:26 - 2014-06-01 05:26 - 26568637 _____ () C:\Users\Mafia\Downloads\Dr.Fone.for.iOS.4.5.0.27.rar
2014-06-01 04:06 - 2014-06-01 03:49 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part07.rar
2014-06-01 04:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-01 03:40 - 2014-06-01 03:40 - 00000000 _____ () C:\Users\Mafia\AppData\Roaming\p.n
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\ProgramData\Wondershare
2014-06-01 03:38 - 2014-06-01 03:38 - 00000000 ____D () C:\Program Files\Common Files\Wondershare
2014-06-01 03:35 - 2014-06-01 03:35 - 00001048 _____ () C:\Users\Mafia\Downloads\relink.us__Wondershare_Dr.Fone_for_iOS_4.1.1.5_d113dbcd7ab4743928810899a9f375.dlc
2014-06-01 03:30 - 2014-06-01 03:13 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part06.rar
2014-06-01 03:21 - 2014-05-25 02:08 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 02:59 - 2014-06-01 02:41 - 1047527424 _____ () C:\Users\Mafia\Downloads\2315648946457894-lolwddogsrelo.part05.rar
2014-06-01 02:40 - 2014-06-01 02:40 - 00005488 _____ () C:\Users\Mafia\Downloads\9a899b3bb764b80ec902323fa9a530e9.dlc
2014-05-31 18:28 - 2014-05-31 18:22 - 03847328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 18:26 - 2014-05-31 18:26 - 00115144 _____ () C:\Users\Mafia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-31 18:23 - 2013-08-28 03:29 - 00000000 ____D () C:\Users\Mafia
2014-05-31 17:04 - 2009-07-14 04:03 - 69468160 _____ () C:\Windows\system32\config\SOFTWARE_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 27262976 _____ () C:\Windows\system32\config\SYSTEM_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\DEFAULT_tureg_old
2014-05-31 17:04 - 2009-07-14 04:03 - 00024576 _____ () C:\Windows\system32\config\SECURITY_tureg_old
2014-05-31 16:59 - 2009-07-14 04:03 - 00069632 _____ () C:\Windows\system32\config\SAM_tureg_old
2014-05-31 02:41 - 2014-02-07 02:05 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\vlc
2014-05-31 01:47 - 2014-05-31 01:47 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave(1).zip
2014-05-31 00:12 - 2014-05-31 00:12 - 00025508 _____ () C:\Users\Mafia\Downloads\org.thebigboss.downlock_v0.1-3_iphoneos-arm.deb
2014-05-30 21:31 - 2014-05-26 18:35 - 00000000 ____D () C:\Users\Mafia\Desktop\Neue Musik mit Cover
2014-05-30 14:33 - 2014-05-30 14:33 - 00599791 _____ () C:\Users\Mafia\Downloads\Fairway Solitaire Blast Hack Tool.rar
2014-05-30 14:29 - 2014-05-30 14:29 - 00029100 _____ () C:\Users\Mafia\Downloads\ipa01367_GameSave.zip
2014-05-30 13:41 - 2014-05-30 13:35 - 76603164 _____ () C:\Users\Mafia\Downloads\476127375.ipa
2014-05-30 03:27 - 2014-05-13 00:10 - 00000057 _____ () C:\Windows\IMTDCCM.INI
2014-05-30 03:27 - 2014-05-13 00:09 - 00000000 ____D () C:\Program Files\GadgetWide Cloud Control Service
2014-05-29 21:25 - 2014-02-08 00:09 - 00000000 ____D () C:\The KMPlayer
2014-05-29 10:49 - 2013-09-13 07:08 - 00000000 ____D () C:\Users\Mafia\Documents\Tongbu
2014-05-29 10:45 - 2014-05-29 10:45 - 00000000 ____D () C:\Users\Mafia\Desktop\Library
2014-05-29 09:53 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\Lhsp
2014-05-29 09:44 - 2014-05-21 00:51 - 00000000 ____D () C:\Langenscheidt T1 7_0
2014-05-29 01:48 - 2014-05-29 01:47 - 11429326 _____ () C:\Users\Mafia\Downloads\Bypass iOS7 By mohammednadhir31.rar
2014-05-29 01:07 - 2014-05-29 01:07 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_29-05-14_01-07-35.log
2014-05-29 01:07 - 2014-05-12 19:29 - 00000000 ____D () C:\Windows\msagent
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Speech
2014-05-29 01:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-05-29 01:04 - 2014-05-29 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PROMT
2014-05-29 01:04 - 2014-05-17 02:32 - 00000000 ____D () C:\Program Files\PRMT10
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\ProgramData\PROMT
2014-05-29 01:03 - 2014-05-29 01:03 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-05-29 00:40 - 2014-05-29 00:40 - 00003312 _____ () C:\Users\Mafia\Downloads\d47a0d88eaa5f3f885b32016624c2700.dlc
2014-05-29 00:08 - 2014-05-29 00:08 - 03146623 _____ () C:\Users\Mafia\Downloads\DIR-615_fw_revd_414b02_ALL_de_20130411.zip
2014-05-28 23:16 - 2014-05-28 23:16 - 111128912 _____ (Apple Inc.) C:\Users\Mafia\Downloads\itunessetup_16920.exe
2014-05-27 20:36 - 2014-05-27 20:36 - 00021124 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.de-SubCentral.rar
2014-05-27 00:55 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\addins
2014-05-26 20:30 - 2014-05-26 17:05 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner (2)
2014-05-26 17:53 - 2014-05-26 17:49 - 62624584 _____ () C:\Users\Mafia\Desktop\Addicted Instrumental.zip
2014-05-26 03:32 - 2014-05-25 02:08 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Notepad++
2014-05-26 00:25 - 2014-05-11 18:30 - 00000000 ____D () C:\Program Files\Notepad++
2014-05-25 21:58 - 2014-05-05 18:35 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-25 02:08 - 2014-05-25 02:08 - 00001061 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-25 02:08 - 2014-05-25 02:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-25 02:07 - 2014-05-25 02:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-24 23:06 - 2014-05-24 23:00 - 527018710 _____ () C:\Users\Mafia\Downloads\Lt28h_4.4.2_MaDMaT.zip
2014-05-24 22:59 - 2014-05-24 22:58 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit(1).zip
2014-05-24 22:56 - 2014-05-24 22:53 - 261566507 _____ () C:\Users\Mafia\Downloads\pac_aoba_4.4.Alpha-1_20140502-185255.zip
2014-05-24 22:25 - 2014-05-24 22:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mafia\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 19:29 - 2013-10-16 16:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 14:17 - 2014-06-01 06:04 - 00445952 __RSH (Kitsai) C:\Windows\system32\Microsoft.com
2014-05-24 06:13 - 2014-05-24 06:11 - 09023582 _____ () C:\Users\Mafia\Downloads\sony_bootloader_unlock.rar
2014-05-24 06:12 - 2014-05-24 06:12 - 09092064 _____ (Kingosoft Technology Ltd. ) C:\Users\Mafia\Downloads\sony_bootloader_unlock.exe
2014-05-24 05:40 - 2014-05-24 05:40 - 00011712 _____ () C:\Windows\DPINST.LOG
2014-05-24 04:49 - 2014-05-24 04:47 - 00000000 ____D () C:\Fastboot files
2014-05-24 04:47 - 2014-05-24 04:47 - 00825874 _____ () C:\Users\Mafia\Downloads\fastboot.zip
2014-05-24 04:20 - 2014-05-24 04:20 - 00001824 _____ () C:\Users\Mafia\Downloads\vold.fstab
2014-05-24 04:14 - 2014-02-10 21:55 - 00000000 ____D () C:\Flashtool
2014-05-24 03:57 - 2014-05-24 03:57 - 03058322 _____ () C:\Users\Mafia\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v17_perf-event-exploit.zip
2014-05-24 03:02 - 2014-05-24 02:42 - 519492673 _____ () C:\Users\Mafia\Downloads\LT28h_6.2.B.0.211_Generic.zip
2014-05-24 02:57 - 2014-05-24 02:41 - 414675530 _____ () C:\Users\Mafia\Downloads\LT28i_6.1.E.3.7-Stock-Rooted.zip
2014-05-24 00:25 - 2013-12-25 08:57 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-05-24 00:23 - 2014-05-24 00:23 - 00027632 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\seehcri.sys
2014-05-24 00:22 - 2014-05-24 00:21 - 64656538 _____ () C:\Users\Mafia\Downloads\Flash_tool_for_Xperia_2.zip
2014-05-24 00:22 - 2013-12-17 13:30 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-05-24 00:21 - 2014-05-24 00:21 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\Emma Sony Flash Tool - CHIP-Installer.exe
2014-05-23 21:17 - 2013-12-17 13:30 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-05-23 16:43 - 2013-08-25 01:00 - 00000000 ____D () C:\Users\Bea
2014-05-23 15:08 - 2013-08-28 07:41 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\iFunbox_UserCache
2014-05-23 14:41 - 2014-05-23 14:40 - 89006156 _____ () C:\Users\Mafia\Downloads\itunes to restore custom ispw BY BESSI.zip
2014-05-23 14:37 - 2014-05-23 14:37 - 00000784 _____ () C:\Users\Mafia\Downloads\hosts.txt
2014-05-23 00:57 - 2014-05-16 22:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-05-23 00:54 - 2013-10-18 18:59 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\libimobiledevice
2014-05-22 23:59 - 2014-05-05 18:44 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-22 23:56 - 2014-05-22 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-22 23:55 - 2014-05-22 23:55 - 00000000 ____D () C:\Program Files\iPod
2014-05-22 23:55 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\iTunes
2014-05-22 23:55 - 2013-08-28 07:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-22 23:50 - 2014-05-22 23:49 - 89082704 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup1105.exe
2014-05-22 23:47 - 2014-05-22 23:47 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05(1).rar
2014-05-22 23:20 - 2014-05-22 23:20 - 02958695 _____ () C:\Users\Mafia\Downloads\Install_ipswDownloader_v201_hf.exe
2014-05-22 23:19 - 2014-05-22 23:18 - 11202228 _____ () C:\Users\Mafia\Downloads\itunes 11.05.rar
2014-05-22 23:15 - 2014-04-19 15:12 - 00007680 ___SH () C:\Users\Mafia\AppData\Roaming\Thumbs.db
2014-05-22 17:06 - 2014-05-18 08:41 - 00000000 ____D () C:\Users\Mafia\Desktop\Neuer Ordner
2014-05-22 04:37 - 2014-05-22 04:36 - 00000955 _____ () C:\Windows\system32\Drivers\etc\hosts.umbrella
2014-05-22 04:36 - 2014-05-18 09:56 - 00010147 _____ () C:\Users\Mafia\Downloads\umbrella.log
2014-05-22 04:35 - 2014-03-16 21:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\DiskAid
2014-05-22 04:26 - 2014-05-22 04:25 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-05-21 19:05 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\Performance
2014-05-21 18:01 - 2014-04-03 19:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\redsn0w
2014-05-21 14:39 - 2014-05-21 14:39 - 00007686 _____ () C:\Windows\system32\Drivers\etc.rar
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LangenscheidtT1 7.0
2014-05-21 00:51 - 2014-05-21 00:51 - 00000000 ____D () C:\Program Files\Langenscheidt T1 7_0
2014-05-21 00:51 - 2013-08-28 04:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-21 00:50 - 2013-08-28 04:41 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-05-21 00:38 - 2013-09-07 02:12 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-05-21 00:36 - 2014-05-21 00:36 - 27893796 _____ () C:\Users\Mafia\Downloads\Tu.Up.Utilities.296.m1.rar
2014-05-21 00:26 - 2014-05-13 11:37 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Microsoft_Corporation
2014-05-21 00:24 - 2014-05-21 00:22 - 113652504 _____ () C:\Users\Mafia\Downloads\Langenscheidt_T1_Professional.rar
2014-05-20 23:55 - 2014-05-20 23:55 - 00104336 _____ () C:\Users\Mafia\Downloads\com.magnusdevelopment.gifpaper_v1.0-84_iphoneos-arm.deb
2014-05-20 23:17 - 2014-05-20 23:17 - 00595982 _____ () C:\Users\Mafia\Downloads\com.a3tweaks.auxo2_v1.2_iphoneos-arm-CrAcKeD By RegKiller.deb
2014-05-20 17:02 - 2014-05-20 17:02 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-20 17:02 - 2013-08-31 12:22 - 00000000 ___RD () C:\Program Files\Skype
2014-05-20 17:02 - 2013-08-31 12:21 - 00000000 ____D () C:\ProgramData\Skype
2014-05-20 11:12 - 2014-05-20 11:12 - 00000000 ____D () C:\Users\Mafia\Documents\iTools
2014-05-20 11:12 - 2014-05-20 11:11 - 02879276 _____ () C:\Users\Mafia\Downloads\iTools0520E_2.rar
2014-05-20 10:58 - 2013-08-28 04:53 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-20 10:58 - 2013-08-28 04:53 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-20 01:43 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\schemas
2014-05-20 01:11 - 2014-05-20 01:11 - 01326389 _____ () C:\Users\Mafia\Downloads\adwcleaner_3.210.exe
2014-05-19 13:17 - 2014-05-19 13:11 - 327532650 _____ () C:\Users\Mafia\Downloads\gotkills04e07.rar
2014-05-19 13:13 - 2014-05-19 13:13 - 00021151 _____ () C:\Users\Mafia\Downloads\Game.of.Thrones.S04E07.HDTV.x264-KILLERS.VO.rar
2014-05-19 03:08 - 2014-05-19 03:08 - 00000000 ____D () C:\Users\Mafia\Documents\PDF Files
2014-05-19 02:58 - 2014-05-19 02:58 - 00000000 ____D () C:\ProgramData\Avanquest Software
2014-05-19 02:56 - 2014-05-19 02:56 - 00000000 ____D () C:\Users\Public\Documents\Avanquest Software
2014-05-19 02:50 - 2014-05-19 02:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Mafia\Downloads\PDF Experte Ultimate - CHIP-Downloader.exe
2014-05-18 23:56 - 2013-08-28 07:39 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-05-18 23:48 - 2014-05-18 23:47 - 111121232 _____ (Apple Inc.) C:\Users\Mafia\Downloads\iTunesSetup.exe
2014-05-18 16:58 - 2014-05-18 16:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-18 11:07 - 2014-05-18 11:07 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\PROMT
2014-05-18 01:07 - 2014-05-18 01:07 - 05366773 _____ () C:\Users\Mafia\Downloads\iCloud Activation bypass with redsn0w 0..mp4
2014-05-17 16:22 - 2014-05-17 16:22 - 08535964 _____ () C:\Users\Mafia\Desktop\Hatsune Miku - Strobe Light (ストロボライト) - English-Romaji Sub.ogg
2014-05-17 15:25 - 2014-05-17 15:25 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Malwarebytes
2014-05-17 05:02 - 2013-08-28 19:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-05-17 03:18 - 2014-05-17 03:18 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-05-17 03:18 - 2013-08-28 03:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-17 03:11 - 2014-05-16 20:16 - 00000000 ____D () C:\Program Files\PRMT9
2014-05-17 02:34 - 2014-05-17 02:34 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_17-05-14_02-34-44.log
2014-05-17 01:47 - 2014-05-17 01:47 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267(1).msi
2014-05-16 23:25 - 2014-05-16 23:25 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Cloud Control.lnk
2014-05-16 22:53 - 2014-05-16 22:53 - 00991232 _____ () C:\Users\Mafia\Downloads\MicrosoftFixit50267.msi
2014-05-16 22:53 - 2014-05-16 22:53 - 00001243 _____ () C:\Users\Mafia\Desktop\etc - Verknüpfung.lnk
2014-05-16 22:13 - 2014-05-16 22:13 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Drivers et Pilotes
2014-05-16 22:11 - 2014-05-16 22:11 - 10627812 _____ () C:\Users\Mafia\Downloads\SuperOneClickv2.3.3-ShortFuse.zip
2014-05-16 20:47 - 2014-05-16 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-16 20:47 - 2014-05-16 20:47 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 20:47 - 2014-05-16 20:47 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-05-16 20:47 - 2013-09-13 06:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 20:46 - 2014-05-16 20:46 - 00921512 _____ (Oracle Corporation) C:\Users\Mafia\Downloads\jxpiinstall(1).exe
2014-05-16 20:20 - 2014-05-16 20:20 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_20-20-02.log
2014-05-16 20:14 - 2014-05-16 20:10 - 461998752 _____ (PROMT ) C:\Users\Mafia\Downloads\PROMT9_Freelance_EngGer_EGE_Trial.exe
2014-05-16 19:00 - 2014-05-16 18:56 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002181 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-05-16 19:00 - 2014-05-16 18:56 - 00002020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-16 18:58 - 2013-09-01 15:40 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-05-16 18:55 - 2013-09-01 15:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-16 17:24 - 2014-05-16 17:24 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_16-05-14_17-24-13.log
2014-05-16 17:12 - 2013-09-13 06:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 17:00 - 2014-05-16 17:00 - 00049018 _____ () C:\Users\Mafia\Downloads\coinwidget.com-master.zip
2014-05-16 16:35 - 2013-08-28 03:58 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-16 16:35 - 2013-08-28 03:58 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-15 15:20 - 2014-05-15 15:20 - 00002829 _____ () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\GadgetWide Tool.lnk
2014-05-15 15:02 - 2014-05-15 05:22 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\WindowsDDL
2014-05-15 14:59 - 2014-05-15 05:22 - 00000000 __SHD () C:\Users\Mafia\vWc85O
2014-05-15 05:41 - 2014-05-15 05:41 - 00000000 ____D () C:\Users\Mafia\AppData\Local\BigFinishGames
2014-05-15 05:40 - 2014-05-15 05:40 - 00000962 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:40 - 00000950 _____ () C:\Users\Public\Desktop\Tesla Effect A Tex Murphy Adventure.lnk
2014-05-15 05:40 - 2014-05-15 05:25 - 00000000 ____D () C:\Program Files\Tesla Effect A Tex Murphy Adventure
2014-05-15 05:23 - 2014-05-13 11:11 - 00000000 ____D () C:\Users\Mafia\Desktop\Tesla Effect A Tex Murphy Adventure - Reloaded - r
2014-05-15 05:02 - 2013-09-01 15:38 - 00000000 ____D () C:\Program Files\Adobe
2014-05-15 04:55 - 2013-11-24 17:47 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\ProgramData\Razer
2014-05-15 04:55 - 2013-11-24 17:46 - 00000000 ____D () C:\Program Files\Razer
2014-05-15 01:01 - 2013-08-28 07:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 00:47 - 2014-05-15 00:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 00:47 - 2013-08-28 04:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 00:45 - 2012-06-14 12:39 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-14 11:08 - 2014-05-14 11:08 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-05-14 11:08 - 2014-04-15 11:35 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-05-13 22:48 - 2014-05-13 22:48 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 22:47 - 2014-05-13 20:12 - 00000000 ____D () C:\Program Files\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00503439 _____ (Peter B Clements) C:\Users\Mafia\Downloads\QuickPar-0.9.1.0-DEU.exe
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 20:12 - 2014-05-13 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-05-13 13:30 - 2013-08-28 03:47 - 00000000 ____D () C:\Program Files\Java
2014-05-13 13:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 07:05 - 2014-05-13 07:05 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_07-05-17.log
2014-05-13 05:40 - 2014-05-13 05:40 - 00004144 _____ () C:\Windows\system32\IssuesFixerLog_13-05-14_05-40-06.log
2014-05-13 02:48 - 2014-05-12 19:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Win_3400
2014-05-13 00:42 - 2014-05-13 00:35 - 1308208441 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1_11D167_Restore.ipsw
2014-05-13 00:10 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-12 21:30 - 2014-05-12 21:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Promt
2014-05-12 21:11 - 2014-05-12 21:11 - 00006465 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_21-11-14.log
2014-05-12 20:43 - 2014-05-12 19:32 - 00000000 ____D () C:\Users\Mafia\Downloads\Patch for PROMT Professional 9.5
2014-05-12 19:29 - 2014-05-12 19:29 - 00006292 _____ () C:\Windows\system32\IssuesFixerLog_12-05-14_19-29-53.log
2014-05-12 12:14 - 2014-05-12 12:08 - 00000000 ____D () C:\Users\Mafia\Downloads\iPhone.Backup.Extractor.v4.0.9.0
2014-05-12 12:11 - 2014-05-11 18:24 - 00001246 _____ () C:\Users\Mafia\Desktop\iPhone Backup Extractor.lnk
2014-05-12 07:26 - 2014-05-25 02:08 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-25 02:08 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-12 01:16 - 2014-05-15 15:19 - 05438976 _____ () C:\Users\Mafia\Downloads\GadgetWide Cloud Control Service.msi
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:30 - 2014-05-11 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-05-11 18:29 - 2014-05-11 18:29 - 07631728 _____ () C:\Users\Mafia\Downloads\npp.6.6.2.Installer.exe
2014-05-11 18:26 - 2014-05-11 18:24 - 00000107 _____ () C:\Users\Mafia\Desktop\Neues Textdokument.txt
2014-05-11 17:58 - 2013-09-02 05:19 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Deployment
2014-05-11 17:40 - 2013-08-28 04:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 19:51 - 2014-05-10 19:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 20:30 - 2014-05-08 20:30 - 00000000 ____D () C:\Users\Mafia\AppData\Local\MaxRecorder
2014-05-08 19:50 - 2014-05-08 19:50 - 00000000 ____D () C:\ProgramData\DFX
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\Max Recorder
2014-05-08 19:49 - 2013-08-29 12:27 - 00000000 ____D () C:\Program Files\DFX
2014-05-08 15:39 - 2014-05-08 15:39 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Logitech
2014-05-08 15:38 - 2014-05-08 15:38 - 00000320 _____ () C:\Users\Mafia\Desktop\MyHarmony.appref-ms
2014-05-08 15:38 - 2014-05-08 15:38 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2014-05-08 15:38 - 2014-05-08 15:37 - 00409880 _____ (Logitech) C:\Users\Mafia\Downloads\MyHarmony-App.exe
2014-05-08 13:12 - 2014-05-08 08:04 - 00000000 ____D () C:\Users\Mafia\Desktop\Attack on Titan
2014-05-08 09:23 - 2014-01-06 23:54 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\AVS4YOU
2014-05-08 02:35 - 2013-10-02 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-08 02:31 - 2014-05-08 02:31 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2014-05-08 02:31 - 2014-05-08 02:28 - 00000000 ____D () C:\Program Files\Unlockroot Pro
2014-05-08 02:28 - 2014-05-08 02:27 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Mafia\Downloads\Sony PC Companion_Web.exe
2014-05-08 01:31 - 2014-01-06 23:49 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-05-08 01:21 - 2013-12-05 01:56 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\TuneUpMedia
2014-05-08 01:21 - 2013-08-28 04:12 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Mozilla
2014-05-07 11:46 - 2014-05-07 11:46 - 00000924 _____ () C:\Users\Mafia\Downloads\iPhone 4S.txt
2014-05-07 00:18 - 2014-04-29 12:56 - 00000000 ____D () C:\Users\Mafia\Desktop\Minecraft-bilder
2014-05-06 17:26 - 2014-05-06 17:14 - 2563039232 _____ () C:\Users\Mafia\Downloads\X17-24208.iso
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-05-05 19:52 - 2014-05-05 19:52 - 00000000 ____D () C:\Users\Mafia\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-05-05 18:44 - 2014-05-05 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-05 18:44 - 2013-09-30 22:26 - 00000000 ____D () C:\Program Files\Google
2014-05-05 18:39 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-05 18:36 - 2014-05-05 18:36 - 00000000 ____D () C:\ProgramData\AppReady Software
2014-05-05 18:17 - 2014-05-05 18:17 - 00428141 _____ () C:\Users\Mafia\Desktop\Minecraft-Modder_v2.9.2.exe
2014-05-04 02:16 - 2014-05-04 02:11 - 1308144206 _____ () C:\Users\Mafia\Downloads\iPhone4,1_7.1.1_11D201_Restore.ipsw
2014-05-04 01:43 - 2013-08-28 07:41 - 00000000 ____D () C:\Program Files\i-Funbox DevTeam
Files to move or delete:
====================
C:\Users\Bea\contacts.dat
Some content of TEMP:
====================
C:\Users\Mafia\AppData\Local\Temp\avgnt.exe
C:\Users\Mafia\AppData\Local\Temp\bassmod.dll
C:\Users\Mafia\AppData\Local\Temp\cnwcdr.exe
C:\Users\Mafia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbvp2yt.dll
C:\Users\Mafia\AppData\Local\Temp\npp.6.6.3.Installer.exe
C:\Users\Mafia\AppData\Local\Temp\nse2496.exe
C:\Users\Mafia\AppData\Local\Temp\nseF99A.exe
C:\Users\Mafia\AppData\Local\Temp\nseFC59.exe
C:\Users\Mafia\AppData\Local\Temp\nsoFF56.exe
C:\Users\Mafia\AppData\Local\Temp\nsu2765.exe
C:\Users\Mafia\AppData\Local\Temp\nsu2C94.exe
C:\Users\Mafia\AppData\Local\Temp\nsv7DF5.exe
C:\Users\Mafia\AppData\Local\Temp\proxy_vole8242817500600634785.dll
C:\Users\Mafia\AppData\Local\Temp\Quarantine.exe
C:\Users\Mafia\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
path \bootmgr
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
displayorder {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
{61b1399a-24cd-11de-a4c4-ca27f4abce37}
{current}
toolsdisplayorder {memdiag}
timeout 15
Windows-Startladeprogramm
-------------------------
Bezeichner {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale de-DE
inherit {bootloadersettings}
custom:15000065 3
custom:15000066 3
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{10a77769-b926-11e3-9e2d-f3f7ac4b143e}
systemroot \windows
nx OptIn
custom:250000c2 1
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {5eea018c-c458-11e3-a4e7-dd71149e4331}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale de-DE
inherit {bootloadersettings}
custom:15000065 3
custom:15000066 3
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{5eea018d-c458-11e3-a4e7-dd71149e4331}
systemroot \windows
nx OptIn
custom:250000c2 1
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {ab31a0e4-0f88-11e3-95df-c80cab60adee}
device ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\Winre.wim,{ab31a0e5-0f88-11e3-95df-c80cab60adee}
systemroot \windows
nx OptIn
winpe Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 ohne DDR-RAM Sperre
locale de-DE
inherit {bootloadersettings}
recoverysequence {ab31a0e4-0f88-11e3-95df-c80cab60adee}
recoveryenabled Yes
testsigning Yes
osdevice partition=C:
systemroot \Windows
kernel ntkrlICE.exe
resumeobject {ab31a0e2-0f88-11e3-95df-c80cab60adee}
nx OptIn
pae ForceEnable
numproc 2
usefirmwarepcisettings No
Windows-Startladeprogramm
-------------------------
Bezeichner {ec0b5fe6-c457-11e3-a4e7-dd71149e4331}
device partition=D:
path \WINDOWS\system32\winload.exe
description Windows 8.1
locale de-DE
inherit {bootloadersettings}
recoverysequence {5eea018c-c458-11e3-a4e7-dd71149e4331}
integrityservices Enable
recoveryenabled Yes
custom:17000077 352321653
osdevice partition=D:
systemroot \WINDOWS
resumeobject {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
nx OptIn
custom:250000c2 1
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {10a77766-b926-11e3-9e2d-f3f7ac4b143e}
device partition=D:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {10a77768-b926-11e3-9e2d-f3f7ac4b143e}
recoveryenabled Yes
custom:17000077 352321653
filedevice partition=D:
filepath \hiberfil.sys
custom:25000008 1
pae Yes
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {ab31a0e2-0f88-11e3-95df-c80cab60adee}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {ec0b5fe5-c457-11e3-a4e7-dd71149e4331}
device partition=D:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {5eea018c-c458-11e3-a4e7-dd71149e4331}
recoveryenabled Yes
custom:17000077 352321653
filedevice partition=D:
filepath \hiberfil.sys
custom:25000008 1
pae Yes
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows-Speicherdiagnose
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems No
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {10a77769-b926-11e3-9e2d-f3f7ac4b143e}
description Windows Recovery
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Ger„teoptionen
--------------
Bezeichner {10a7776a-b926-11e3-9e2d-f3f7ac4b143e}
description Windows Setup
ramdisksdidevice partition=D:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Ger„teoptionen
--------------
Bezeichner {5eea018d-c458-11e3-a4e7-dd71149e4331}
description Windows Recovery
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Ger„teoptionen
--------------
Bezeichner {ab31a0e5-0f88-11e3-95df-c80cab60adee}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\ab31a0e4-0f88-11e3-95df-c80cab60adee\boot.sdi
LastRegBack: 2014-05-29 01:30
==================== End Of Log ============================
03.06.2014, 21:57
Baum-Darstellung